github.com/hechain20/hechain@v0.0.0-20220316014945-b544036ba106/common/cauthdsl/policy_test.go (about) 1 /* 2 Copyright hechain. 2022 All Rights Reserved. 3 4 SPDX-License-Identifier: Apache-2.0 5 */ 6 7 package cauthdsl 8 9 import ( 10 "fmt" 11 "testing" 12 13 "github.com/golang/protobuf/proto" 14 "github.com/hechain20/hechain/common/policies" 15 "github.com/hechain20/hechain/common/policydsl" 16 "github.com/hechain20/hechain/protoutil" 17 cb "github.com/hyperledger/fabric-protos-go/common" 18 "github.com/stretchr/testify/require" 19 ) 20 21 var ( 22 acceptAllPolicy *cb.Policy 23 rejectAllPolicy *cb.Policy 24 ) 25 26 func init() { 27 acceptAllPolicy = makePolicySource(true) 28 rejectAllPolicy = makePolicySource(false) 29 } 30 31 // The proto utils has become a dumping ground of cyclic imports, it's easier to define this locally 32 func marshalOrPanic(msg proto.Message) []byte { 33 data, err := proto.Marshal(msg) 34 if err != nil { 35 panic(fmt.Errorf("Error marshaling messages: %s, %s", msg, err)) 36 } 37 return data 38 } 39 40 func makePolicySource(policyResult bool) *cb.Policy { 41 var policyData *cb.SignaturePolicyEnvelope 42 if policyResult { 43 policyData = policydsl.AcceptAllPolicy 44 } else { 45 policyData = policydsl.RejectAllPolicy 46 } 47 return &cb.Policy{ 48 Type: int32(cb.Policy_SIGNATURE), 49 Value: marshalOrPanic(policyData), 50 } 51 } 52 53 func providerMap() map[int32]policies.Provider { 54 r := make(map[int32]policies.Provider) 55 r[int32(cb.Policy_SIGNATURE)] = NewPolicyProvider(&mockDeserializer{}) 56 return r 57 } 58 59 func TestAccept(t *testing.T) { 60 policyID := "policyID" 61 m, err := policies.NewManagerImpl("test", providerMap(), &cb.ConfigGroup{ 62 Policies: map[string]*cb.ConfigPolicy{ 63 policyID: {Policy: acceptAllPolicy}, 64 }, 65 }) 66 require.NoError(t, err) 67 require.NotNil(t, m) 68 69 policy, ok := m.GetPolicy(policyID) 70 require.True(t, ok, "Should have found policy which was just added, but did not") 71 err = policy.EvaluateSignedData([]*protoutil.SignedData{{Identity: []byte("identity"), Data: []byte("data"), Signature: []byte("sig")}}) 72 require.NoError(t, err, "Should not have errored evaluating an acceptAll policy") 73 } 74 75 func TestReject(t *testing.T) { 76 policyID := "policyID" 77 m, err := policies.NewManagerImpl("test", providerMap(), &cb.ConfigGroup{ 78 Policies: map[string]*cb.ConfigPolicy{ 79 policyID: {Policy: rejectAllPolicy}, 80 }, 81 }) 82 require.NoError(t, err) 83 require.NotNil(t, m) 84 policy, ok := m.GetPolicy(policyID) 85 require.True(t, ok, "Should have found policy which was just added, but did not") 86 err = policy.EvaluateSignedData([]*protoutil.SignedData{{Identity: []byte("identity"), Data: []byte("data"), Signature: []byte("sig")}}) 87 require.Error(t, err, "Should have errored evaluating an rejectAll policy") 88 } 89 90 func TestRejectOnUnknown(t *testing.T) { 91 m, err := policies.NewManagerImpl("test", providerMap(), &cb.ConfigGroup{}) 92 require.NoError(t, err) 93 require.NotNil(t, m) 94 policy, ok := m.GetPolicy("FakePolicyID") 95 require.False(t, ok, "Should not have found policy which was never added, but did") 96 err = policy.EvaluateSignedData([]*protoutil.SignedData{{Identity: []byte("identity"), Data: []byte("data"), Signature: []byte("sig")}}) 97 require.Error(t, err, "Should have errored evaluating the default policy") 98 } 99 100 func TestNewPolicyErrorCase(t *testing.T) { 101 provider := NewPolicyProvider(nil) 102 103 pol1, msg1, err1 := provider.NewPolicy([]byte{0}) 104 require.Nil(t, pol1) 105 require.Nil(t, msg1) 106 require.EqualError(t, err1, "Error unmarshalling to SignaturePolicy: proto: common.SignaturePolicyEnvelope: illegal tag 0 (wire type 0)") 107 108 sigPolicy2 := &cb.SignaturePolicyEnvelope{Version: -1} 109 data2 := marshalOrPanic(sigPolicy2) 110 pol2, msg2, err2 := provider.NewPolicy(data2) 111 require.Nil(t, pol2) 112 require.Nil(t, msg2) 113 require.EqualError(t, err2, "This evaluator only understands messages of version 0, but version was -1") 114 115 pol3, msg3, err3 := provider.NewPolicy([]byte{}) 116 require.Nil(t, pol3) 117 require.Nil(t, msg3) 118 require.EqualError(t, err3, "Empty policy element") 119 120 var pol4 *policy 121 err4 := pol4.EvaluateSignedData([]*protoutil.SignedData{}) 122 require.EqualError(t, err4, "no such policy") 123 } 124 125 func TestEnvelopeBasedPolicyProvider(t *testing.T) { 126 pp := &EnvelopeBasedPolicyProvider{Deserializer: &mockDeserializer{}} 127 p, err := pp.NewPolicy(nil) 128 require.Nil(t, p) 129 require.Error(t, err, "invalid arguments") 130 131 p, err = pp.NewPolicy(&cb.SignaturePolicyEnvelope{}) 132 require.Nil(t, p) 133 require.Error(t, err, "Empty policy element") 134 135 p, err = pp.NewPolicy(policydsl.SignedByMspPeer("primus inter pares")) 136 require.NotNil(t, p) 137 require.NoError(t, err) 138 } 139 140 func TestConverter(t *testing.T) { 141 p := policy{} 142 143 cp, err := p.Convert() 144 require.Nil(t, cp) 145 require.Error(t, err) 146 require.Contains(t, err.Error(), "nil policy field") 147 148 p.signaturePolicyEnvelope = policydsl.RejectAllPolicy 149 150 cp, err = p.Convert() 151 require.NotNil(t, cp) 152 require.NoError(t, err) 153 require.Equal(t, cp, policydsl.RejectAllPolicy) 154 }