github.com/hechain20/hechain@v0.0.0-20220316014945-b544036ba106/core/common/privdata/collection.go (about)

     1  /*
     2  Copyright hechain. All Rights Reserved.
     3  
     4  SPDX-License-Identifier: Apache-2.0
     5  */
     6  
     7  package privdata
     8  
     9  import (
    10  	"strings"
    11  
    12  	"github.com/hechain20/hechain/core/ledger"
    13  	"github.com/hechain20/hechain/protoutil"
    14  	"github.com/hyperledger/fabric-protos-go/peer"
    15  )
    16  
// Collection defines a common interface for collections.
//
// As declared here it exposes only the collection's ID and its member
// organizations; SetTxContext and GetEndorsementPolicy are commented out and
// kept as placeholders for future use.
type Collection interface {
	// SetTxContext configures the tx-specific ephemeral collection info, such
	// as txid, nonce, creator -- for future use
	// SetTxContext(parameters ...interface{})

	// CollectionID returns this collection's ID
	CollectionID() string

	// GetEndorsementPolicy returns the endorsement policy for validation -- for
	// future use
	// GetEndorsementPolicy() string

	// MemberOrgs returns the collection's members as MSP IDs. This serves as
	// a human-readable way of quickly identifying who is part of a collection.
	// The result is a set: MSP IDs are the keys and the values are empty structs.
	// NOTE(review): this is described as an informational summary. Nothing in
	// this file states that it is equivalent to evaluating the collection's
	// access filter (see CollectionAccessPolicy.AccessFilter), so confirm
	// before basing an access decision on it.
	// NOTE(review): the interface does not say whether the returned map is a
	// copy; treat it as read-only until the implementation is checked.
	MemberOrgs() map[string]struct{}
}
    34  
// CollectionAccessPolicy encapsulates functions for the access policy of a collection:
// the membership filter, the dissemination bounds used at endorsement time,
// and the member-only read/write flags.
type CollectionAccessPolicy interface {
	// AccessFilter returns a member filter function for a collection
	AccessFilter() Filter

	// RequiredPeerCount returns the minimum number of peers private data will
	// be sent to upon endorsement. The endorsement would fail if dissemination
	// to at least this number of peers is not achieved.
	RequiredPeerCount() int

	// MaximumPeerCount returns the maximum number of peers that private data
	// will be sent to upon endorsement. This number has to be bigger than
	// RequiredPeerCount().
	// NOTE(review): the interface cannot enforce that relation; confirm that
	// the collection configuration is validated for it (and whether equality
	// is accepted) where the configuration is accepted.
	MaximumPeerCount() int

	// MemberOrgs returns the collection's members as MSP IDs. This serves as
	// a human-readable way of quickly identifying who is part of a collection.
	// NOTE(review): described as informational; AccessFilter is the method on
	// this interface that evaluates membership against signed data.
	MemberOrgs() map[string]struct{}

	// IsMemberOnlyRead returns true if only collection members can read
	// the private data
	IsMemberOnlyRead() bool

	// IsMemberOnlyWrite returns true if only collection members can write
	// the private data
	IsMemberOnlyWrite() bool
}
    61  
// CollectionPersistenceConfigs encapsulates configurations related to persistence of a collection
type CollectionPersistenceConfigs interface {
	// BlockToLive returns the number of blocks after which the collection data expires.
	// For instance if the value is set to 10, a key last modified by block number 100
	// will be purged at block number 111. A zero value is treated same as MaxUint64,
	// which, per this contract, means the data has no practical expiry. Callers
	// that rely on purging for data retention should check for zero explicitly.
	BlockToLive() uint64
}
    69  
// Filter defines a rule that filters peers according to data signed by them.
// The Identity in the SignedData is a SerializedIdentity of a peer.
// The Data is a message the peer signed, and the Signature is the corresponding
// Signature on that Data.
// Returns: True, if the policy holds for the given signed data.
//          False otherwise
//
// NOTE(review): the type alone does not say whether an implementation
// verifies Signature over Data or only inspects Identity. Confirm this per
// implementation before treating a true result as proof that the peer holds
// the corresponding key.
type Filter func(protoutil.SignedData) bool
    77  
// CollectionStore provides various APIs to retrieve stored collections and perform
// membership check & read permission check based on the collection's properties.
// It also embeds CollectionFilter.
// TODO: Refactor CollectionStore - FAB-13082
// (1) function such as RetrieveCollection() and RetrieveCollectionConfigPackage() are
//     never used except in mocks and test files.
// (2) in gossip, at least in 7 different places, the following 3 operations
//     are repeated which can be avoided by introducing a API called IsAMemberOf().
//         (i)   retrieves collection access policy by calling RetrieveCollectionAccessPolicy()
//         (ii)  get the access filter func from the collection access policy
//         (iii) create the evaluation policy and check for membership
// (3) we would need a cache in collection store to avoid repeated crypto operation.
//     This would be simple to implement when we introduce IsAMemberOf() APIs.
type CollectionStore interface {
	// RetrieveCollection retrieves the collection in the following way:
	// If the TxID exists in the ledger, the collection that is returned has the
	// latest configuration that was committed into the ledger before this txID
	// was committed.
	// Else - it's the latest configuration for the collection.
	RetrieveCollection(CollectionCriteria) (Collection, error)

	// RetrieveCollectionAccessPolicy retrieves a collection's access policy
	RetrieveCollectionAccessPolicy(CollectionCriteria) (CollectionAccessPolicy, error)

	// RetrieveCollectionConfig retrieves a collection's config
	RetrieveCollectionConfig(CollectionCriteria) (*peer.StaticCollectionConfig, error)

	// RetrieveCollectionConfigPackage retrieves the whole configuration package
	// for the chaincode with the supplied criteria
	RetrieveCollectionConfigPackage(CollectionCriteria) (*peer.CollectionConfigPackage, error)

	// RetrieveCollectionPersistenceConfigs retrieves the collection's persistence related configurations
	RetrieveCollectionPersistenceConfigs(CollectionCriteria) (CollectionPersistenceConfigs, error)

	// RetrieveReadWritePermission retrieves the read-write permission of the creator of the
	// signedProposal for a given collection using collection access policy and flags such as
	// memberOnlyRead & memberOnlyWrite
	// NOTE(review): the two bool results are unnamed; presumably they are
	// (read, write) in that order -- TODO confirm against the implementation,
	// since swapping them at a call site would grant the wrong permission.
	// NOTE(review): what the bools hold when the error is non-nil is not
	// specified here; callers should not act on them in that case.
	RetrieveReadWritePermission(CollectionCriteria, *peer.SignedProposal, ledger.QueryExecutor) (bool, bool, error)

	CollectionFilter
}
   118  
// CollectionFilter builds a membership Filter from a collection policy
// configuration. It is embedded in CollectionStore.
type CollectionFilter interface {
	// AccessFilter retrieves the collection's filter that matches a given channel and a collectionPolicyConfig
	// A non-nil error is returned alongside the Filter result; the interface
	// does not say what the Filter holds in that case, so callers should not
	// use it when the error is non-nil.
	AccessFilter(channelName string, collectionPolicyConfig *peer.CollectionPolicyConfig) (Filter, error)
}
   123  
const (
	// Collection-specific constants

	// collectionSeparator is the separator used to build the KVS
	// key storing the collections of a chaincode; note that we are
	// using as separator a character which is illegal for either the
	// name or the version of a chaincode so there cannot be any
	// collisions when choosing the name
	// NOTE(review): that guarantee is enforced outside this file. Both
	// IsCollectionConfigKey and GetCCNameFromCollectionConfigKey depend on
	// it: they look only at the separator, so a chaincode name containing
	// "~" would make their results ambiguous.
	collectionSeparator = "~"
	// collectionSuffix is the suffix of the KVS key storing the
	// collections of a chaincode
	collectionSuffix = "collection"
)
   137  
// BuildCollectionKVSKey returns the KVS key under which the collection
// configuration of the chaincode named ccname is stored: ccname followed by
// collectionSeparator and collectionSuffix.
//
// ccname is used exactly as given and is not validated here. The key maps
// back to its chaincode name unambiguously only if ccname does not itself
// contain collectionSeparator.
func BuildCollectionKVSKey(ccname string) string {
	// Both parts are constants, so the tail of the key is fixed at compile time.
	const keyTail = collectionSeparator + collectionSuffix
	return ccname + keyTail
}
   142  
// IsCollectionConfigKey reports whether key contains collectionSeparator
// anywhere in it.
//
// NOTE(review): only the separator is tested. The key is not required to end
// in collectionSeparator+collectionSuffix, so every key containing the
// separator is reported as a collection config key. This is correct only
// while the separator cannot occur in any other key passed to this function;
// confirm that for each caller before relying on the result as a
// classification.
func IsCollectionConfigKey(key string) bool {
	hasSeparator := strings.Contains(key, collectionSeparator)
	return hasSeparator
}
   147  
// GetCCNameFromCollectionConfigKey returns the part of key that precedes the
// first collectionSeparator, which for a key built by BuildCollectionKVSKey
// is the chaincode name.
//
// If key holds no separator the whole key is returned unchanged. The suffix
// after the separator is not inspected, so callers that need to know the key
// really is a collection config key must establish that separately.
func GetCCNameFromCollectionConfigKey(key string) string {
	sepAt := strings.Index(key, collectionSeparator)
	if sepAt < 0 {
		// No separator: the name is the entire key.
		return key
	}
	return key[:sepAt]
}