github.com/hechain20/hechain@v0.0.0-20220316014945-b544036ba106/common/cauthdsl/policy_test.go (about)

     1  /*
     2  Copyright hechain. 2022 All Rights Reserved.
     3  
     4  SPDX-License-Identifier: Apache-2.0
     5  */
     6  
     7  package cauthdsl
     8  
     9  import (
    10  	"fmt"
    11  	"testing"
    12  
    13  	"github.com/golang/protobuf/proto"
    14  	"github.com/hechain20/hechain/common/policies"
    15  	"github.com/hechain20/hechain/common/policydsl"
    16  	"github.com/hechain20/hechain/protoutil"
    17  	cb "github.com/hyperledger/fabric-protos-go/common"
    18  	"github.com/stretchr/testify/require"
    19  )
    20  
    21  var (
    22  	acceptAllPolicy *cb.Policy
    23  	rejectAllPolicy *cb.Policy
    24  )
    25  
    26  func init() {
    27  	acceptAllPolicy = makePolicySource(true)
    28  	rejectAllPolicy = makePolicySource(false)
    29  }
    30  
    31  // The proto utils has become a dumping ground of cyclic imports, it's easier to define this locally
    32  func marshalOrPanic(msg proto.Message) []byte {
    33  	data, err := proto.Marshal(msg)
    34  	if err != nil {
    35  		panic(fmt.Errorf("Error marshaling messages: %s, %s", msg, err))
    36  	}
    37  	return data
    38  }
    39  
    40  func makePolicySource(policyResult bool) *cb.Policy {
    41  	var policyData *cb.SignaturePolicyEnvelope
    42  	if policyResult {
    43  		policyData = policydsl.AcceptAllPolicy
    44  	} else {
    45  		policyData = policydsl.RejectAllPolicy
    46  	}
    47  	return &cb.Policy{
    48  		Type:  int32(cb.Policy_SIGNATURE),
    49  		Value: marshalOrPanic(policyData),
    50  	}
    51  }
    52  
    53  func providerMap() map[int32]policies.Provider {
    54  	r := make(map[int32]policies.Provider)
    55  	r[int32(cb.Policy_SIGNATURE)] = NewPolicyProvider(&mockDeserializer{})
    56  	return r
    57  }
    58  
    59  func TestAccept(t *testing.T) {
    60  	policyID := "policyID"
    61  	m, err := policies.NewManagerImpl("test", providerMap(), &cb.ConfigGroup{
    62  		Policies: map[string]*cb.ConfigPolicy{
    63  			policyID: {Policy: acceptAllPolicy},
    64  		},
    65  	})
    66  	require.NoError(t, err)
    67  	require.NotNil(t, m)
    68  
    69  	policy, ok := m.GetPolicy(policyID)
    70  	require.True(t, ok, "Should have found policy which was just added, but did not")
    71  	err = policy.EvaluateSignedData([]*protoutil.SignedData{{Identity: []byte("identity"), Data: []byte("data"), Signature: []byte("sig")}})
    72  	require.NoError(t, err, "Should not have errored evaluating an acceptAll policy")
    73  }
    74  
    75  func TestReject(t *testing.T) {
    76  	policyID := "policyID"
    77  	m, err := policies.NewManagerImpl("test", providerMap(), &cb.ConfigGroup{
    78  		Policies: map[string]*cb.ConfigPolicy{
    79  			policyID: {Policy: rejectAllPolicy},
    80  		},
    81  	})
    82  	require.NoError(t, err)
    83  	require.NotNil(t, m)
    84  	policy, ok := m.GetPolicy(policyID)
    85  	require.True(t, ok, "Should have found policy which was just added, but did not")
    86  	err = policy.EvaluateSignedData([]*protoutil.SignedData{{Identity: []byte("identity"), Data: []byte("data"), Signature: []byte("sig")}})
    87  	require.Error(t, err, "Should have errored evaluating an rejectAll policy")
    88  }
    89  
    90  func TestRejectOnUnknown(t *testing.T) {
    91  	m, err := policies.NewManagerImpl("test", providerMap(), &cb.ConfigGroup{})
    92  	require.NoError(t, err)
    93  	require.NotNil(t, m)
    94  	policy, ok := m.GetPolicy("FakePolicyID")
    95  	require.False(t, ok, "Should not have found policy which was never added, but did")
    96  	err = policy.EvaluateSignedData([]*protoutil.SignedData{{Identity: []byte("identity"), Data: []byte("data"), Signature: []byte("sig")}})
    97  	require.Error(t, err, "Should have errored evaluating the default policy")
    98  }
    99  
   100  func TestNewPolicyErrorCase(t *testing.T) {
   101  	provider := NewPolicyProvider(nil)
   102  
   103  	pol1, msg1, err1 := provider.NewPolicy([]byte{0})
   104  	require.Nil(t, pol1)
   105  	require.Nil(t, msg1)
   106  	require.EqualError(t, err1, "Error unmarshalling to SignaturePolicy: proto: common.SignaturePolicyEnvelope: illegal tag 0 (wire type 0)")
   107  
   108  	sigPolicy2 := &cb.SignaturePolicyEnvelope{Version: -1}
   109  	data2 := marshalOrPanic(sigPolicy2)
   110  	pol2, msg2, err2 := provider.NewPolicy(data2)
   111  	require.Nil(t, pol2)
   112  	require.Nil(t, msg2)
   113  	require.EqualError(t, err2, "This evaluator only understands messages of version 0, but version was -1")
   114  
   115  	pol3, msg3, err3 := provider.NewPolicy([]byte{})
   116  	require.Nil(t, pol3)
   117  	require.Nil(t, msg3)
   118  	require.EqualError(t, err3, "Empty policy element")
   119  
   120  	var pol4 *policy
   121  	err4 := pol4.EvaluateSignedData([]*protoutil.SignedData{})
   122  	require.EqualError(t, err4, "no such policy")
   123  }
   124  
   125  func TestEnvelopeBasedPolicyProvider(t *testing.T) {
   126  	pp := &EnvelopeBasedPolicyProvider{Deserializer: &mockDeserializer{}}
   127  	p, err := pp.NewPolicy(nil)
   128  	require.Nil(t, p)
   129  	require.Error(t, err, "invalid arguments")
   130  
   131  	p, err = pp.NewPolicy(&cb.SignaturePolicyEnvelope{})
   132  	require.Nil(t, p)
   133  	require.Error(t, err, "Empty policy element")
   134  
   135  	p, err = pp.NewPolicy(policydsl.SignedByMspPeer("primus inter pares"))
   136  	require.NotNil(t, p)
   137  	require.NoError(t, err)
   138  }
   139  
   140  func TestConverter(t *testing.T) {
   141  	p := policy{}
   142  
   143  	cp, err := p.Convert()
   144  	require.Nil(t, cp)
   145  	require.Error(t, err)
   146  	require.Contains(t, err.Error(), "nil policy field")
   147  
   148  	p.signaturePolicyEnvelope = policydsl.RejectAllPolicy
   149  
   150  	cp, err = p.Convert()
   151  	require.NotNil(t, cp)
   152  	require.NoError(t, err)
   153  	require.Equal(t, cp, policydsl.RejectAllPolicy)
   154  }