github.com/hechain20/hechain@v0.0.0-20220316014945-b544036ba106/core/common/privdata/membershipinfo.go (about) 1 /* 2 Copyright hechain. All Rights Reserved. 3 4 SPDX-License-Identifier: Apache-2.0 5 */ 6 7 package privdata 8 9 import ( 10 "github.com/hechain20/hechain/common/flogging" 11 "github.com/hechain20/hechain/core/chaincode/implicitcollection" 12 "github.com/hechain20/hechain/msp" 13 "github.com/hechain20/hechain/protoutil" 14 "github.com/hyperledger/fabric-protos-go/peer" 15 ) 16 17 var logger = flogging.MustGetLogger("common.privdata") 18 19 // MembershipProvider can be used to check whether a peer is eligible to a collection or not 20 type MembershipProvider struct { 21 mspID string 22 selfSignedData protoutil.SignedData 23 IdentityDeserializerFactory func(chainID string) msp.IdentityDeserializer 24 myImplicitCollectionName string 25 } 26 27 // NewMembershipInfoProvider returns MembershipProvider 28 func NewMembershipInfoProvider(mspID string, selfSignedData protoutil.SignedData, identityDeserializerFunc func(chainID string) msp.IdentityDeserializer) *MembershipProvider { 29 return &MembershipProvider{ 30 mspID: mspID, 31 selfSignedData: selfSignedData, 32 IdentityDeserializerFactory: identityDeserializerFunc, 33 myImplicitCollectionName: implicitcollection.NameForOrg(mspID), 34 } 35 } 36 37 // AmMemberOf checks whether the current peer is a member of the given collection config. 38 // If getPolicy returns an error, it will drop the error and return false - same as a RejectAll policy. 39 // It is used when a chaincode is upgraded to see if the peer's org has become eligible after a collection 40 // change. 41 func (m *MembershipProvider) AmMemberOf(channelName string, collectionPolicyConfig *peer.CollectionPolicyConfig) (bool, error) { 42 deserializer := m.IdentityDeserializerFactory(channelName) 43 44 // Do a simple check to see if the mspid matches any principal identities in the SignaturePolicy - FAB-17059 45 if collectionPolicyConfig.GetSignaturePolicy() != nil { 46 memberOrgs := getMemberOrgs(collectionPolicyConfig.GetSignaturePolicy().GetIdentities(), deserializer) 47 48 if _, ok := memberOrgs[m.mspID]; ok { 49 return true, nil 50 } 51 } 52 53 // Fall back to default access policy evaluation otherwise 54 accessPolicy, err := getPolicy(collectionPolicyConfig, deserializer) 55 if err != nil { 56 // drop the error and return false - same as reject all policy 57 logger.Errorf("Reject all due to error getting policy: %s", err) 58 return false, nil 59 } 60 if err := accessPolicy.EvaluateSignedData([]*protoutil.SignedData{&m.selfSignedData}); err != nil { 61 return false, nil 62 } 63 64 return true, nil 65 } 66 67 func (m *MembershipProvider) MyImplicitCollectionName() string { 68 return m.myImplicitCollectionName 69 }