github.com/hyperledger/fabric-ca@v2.0.0-alpha.0.20201120210307-7b4f34729db1+incompatible/scripts/fvt/postgres_test.sh (about) 1 #!/bin/bash 2 # 3 # Copyright IBM Corp. All Rights Reserved. 4 # 5 # SPDX-License-Identifier: Apache-2.0 6 # 7 8 TESTCASE="postgres" 9 FABRIC_CA="$GOPATH/src/github.com/hyperledger/fabric-ca" 10 FABRIC_CAEXEC="$FABRIC_CA/bin/fabric-ca" 11 SCRIPTDIR="$FABRIC_CA/scripts/fvt" 12 . $SCRIPTDIR/fabric-ca_utils 13 RC=0 14 15 export FABRIC_CA_SERVER_HOME="/tmp/$TESTCASE" 16 17 PGSQLSERVERCONFIG="$FABRIC_CA_SERVER_HOME/pgsqlserverconfig.yaml" 18 SERVERLOG="$FABRIC_CA_SERVER_HOME/serverlog.txt" 19 MSP="$FABRIC_CA_SERVER_HOME/msp" 20 SERVERCERT="$FABRIC_CA_SERVER_HOME/fabric-ca-cert.pem" 21 DBNAME="fabric_ca" 22 23 function cleanup { 24 rm $SERVERCERT 25 rm -rf $MSP 26 rm $SERVERLOG 27 } 28 29 function configureDB { 30 psql -c "CREATE USER testuser WITH PASSWORD 'testuserpw' LOGIN" 31 psql -c "CREATE DATABASE testdb" 32 psql -d testdb -c "DROP DATABASE $DBNAME" 33 psql -d testdb -c "DROP DATABASE postgres" 34 } 35 36 function resetDB { 37 psql -d testdb -c "ALTER DATABASE template1_temp RENAME TO template1" 38 psql -d testdb -c "CREATE DATABASE $DBNAME" 39 psql -d testdb -c "CREATE DATABASE postgres" 40 psql -d testdb -c "ALTER USER testuser WITH NOCREATEDB" 41 } 42 43 function genConfig { 44 mkdir -p $FABRIC_CA_SERVER_HOME 45 cat > $PGSQLSERVERCONFIG <<EOF 46 debug: true 47 48 db: 49 type: postgres 50 datasource: host=localhost port=$POSTGRES_PORT user=testuser password=testuserpw dbname=fabric_ca 51 52 tls: 53 enabled: true 54 certfile: $TLS_SERVERCERT 55 keyfile: $TLS_SERVERKEY 56 57 registry: 58 # Maximum number of times a password/secret can be reused for enrollment 59 # (default: -1, which means there is no limit) 60 maxenrollments: -1 61 62 # Contains identity information which is used when LDAP is disabled 63 identities: 64 - name: a 65 pass: b 66 type: client 67 affiliation: "" 68 maxenrollments: -1 69 attrs: 70 hf.Registrar.Roles: "client,user,peer,validator,auditor" 71 hf.Registrar.DelegateRoles: "client,user,validator,auditor" 72 hf.Revoker: true 73 hf.IntermediateCA: true 74 75 affiliations: 76 org1: 77 - department1 78 - department2 79 org2: 80 - department1 81 EOF 82 } 83 84 genConfig 85 cleanup 86 configureDB 87 88 # TEST 1: Database user does not have permission to create DB and also 89 # no database exists with the same name as user 90 $SCRIPTDIR/fabric-ca_setup.sh -S -X -g $PGSQLSERVERCONFIG 2>&1 | tee $SERVERLOG & 91 pollFabricCa "" "" $CA_DEFAULT_PORT 92 $SCRIPTDIR/fabric-ca_setup.sh -K 93 grep "pq: permission denied to create database" $SERVERLOG &> /dev/null 94 if [ $? != 0 ]; then 95 ErrorMsg "'testuser' should not have been able to create database, does not have permissions" 96 fi 97 98 # TEST 2: There are no database to establish a connection, an error is expected 99 # Three database are tried, the database specified in connection string, postgres, 100 # and template1 101 psql -d testdb -c "ALTER DATABASE template1 RENAME TO template1_temp" 102 $SCRIPTDIR/fabric-ca_setup.sh -S -X -g $PGSQLSERVERCONFIG 2>&1 | tee $SERVERLOG & 103 pollFabricCa "" "" $CA_DEFAULT_PORT 104 grep "Please create one of these database before continuing" $SERVERLOG &> /dev/null 105 if [ $? != 0 ]; then 106 ErrorMsg "None of the database expected exist, should have thrown an error in the logs" 107 fi 108 109 # TEST 3: User has permissions to create DB and at least of the expected database 110 # exists, should successfully initialize database now 111 psql -d testdb -c "ALTER DATABASE template1_temp RENAME TO template1" 112 psql -d testdb -c "ALTER USER testuser WITH CREATEDB" 113 114 # Enroll should try to reinitialize the DB before processing enroll request and should succeed 115 enroll a b 2>&1 | grep "Stored client certificate" 116 if [ $? != 0 ]; then 117 ErrorMsg "Enroll request should have passed" 118 fi 119 120 $SCRIPTDIR/fabric-ca_setup.sh -K 121 grep "Initialized postgres database" $SERVERLOG &> /dev/null 122 if [ $? != 0 ]; then 123 ErrorMsg "Postgres database should have been successfully initialized" 124 fi 125 126 resetDB 127 CleanUp $RC 128 exit $RC