github.com/renegr87/renegr87@v2.1.1+incompatible/core/common/privdata/simplecollection_test.go (about) 1 /* 2 Copyright IBM Corp. All Rights Reserved. 3 4 SPDX-License-Identifier: Apache-2.0 5 */ 6 7 package privdata 8 9 import ( 10 "bytes" 11 "errors" 12 "testing" 13 "time" 14 15 cb "github.com/hyperledger/fabric-protos-go/common" 16 mb "github.com/hyperledger/fabric-protos-go/msp" 17 pb "github.com/hyperledger/fabric-protos-go/peer" 18 "github.com/hyperledger/fabric/common/policydsl" 19 "github.com/hyperledger/fabric/msp" 20 "github.com/hyperledger/fabric/protoutil" 21 "github.com/stretchr/testify/assert" 22 ) 23 24 func createCollectionPolicyConfig(accessPolicy *cb.SignaturePolicyEnvelope) *pb.CollectionPolicyConfig { 25 cpcSp := &pb.CollectionPolicyConfig_SignaturePolicy{ 26 SignaturePolicy: accessPolicy, 27 } 28 cpc := &pb.CollectionPolicyConfig{ 29 Payload: cpcSp, 30 } 31 return cpc 32 } 33 34 type mockIdentity struct { 35 idBytes []byte 36 } 37 38 func (id *mockIdentity) Anonymous() bool { 39 panic("implement me") 40 } 41 42 func (id *mockIdentity) ExpiresAt() time.Time { 43 return time.Time{} 44 } 45 46 func (id *mockIdentity) SatisfiesPrincipal(p *mb.MSPPrincipal) error { 47 if bytes.Equal(id.idBytes, p.Principal) { 48 return nil 49 } 50 return errors.New("Principals do not match") 51 } 52 53 func (id *mockIdentity) GetIdentifier() *msp.IdentityIdentifier { 54 return &msp.IdentityIdentifier{Mspid: "Mock", Id: string(id.idBytes)} 55 } 56 57 func (id *mockIdentity) GetMSPIdentifier() string { 58 return string(id.idBytes) 59 } 60 61 func (id *mockIdentity) Validate() error { 62 return nil 63 } 64 65 func (id *mockIdentity) GetOrganizationalUnits() []*msp.OUIdentifier { 66 return nil 67 } 68 69 func (id *mockIdentity) Verify(msg []byte, sig []byte) error { 70 if bytes.Equal(sig, []byte("badsigned")) { 71 return errors.New("Invalid signature") 72 } 73 return nil 74 } 75 76 func (id *mockIdentity) Serialize() ([]byte, error) { 77 return id.idBytes, nil 78 } 79 80 type mockDeserializer struct { 81 fail error 82 } 83 84 func (md *mockDeserializer) DeserializeIdentity(serializedIdentity []byte) (msp.Identity, error) { 85 if md.fail != nil { 86 return nil, md.fail 87 } 88 return &mockIdentity{idBytes: serializedIdentity}, nil 89 } 90 91 func (md *mockDeserializer) IsWellFormed(_ *mb.SerializedIdentity) error { 92 return nil 93 } 94 95 func TestNewSimpleCollectionWithBadConfig(t *testing.T) { 96 // set up simple collection with nil collection config 97 _, err := NewSimpleCollection(nil, &mockDeserializer{}) 98 assert.Error(t, err) 99 100 // create static collection config with faulty policy 101 collectionConfig := &pb.StaticCollectionConfig{ 102 Name: "test collection", 103 RequiredPeerCount: 1, 104 MemberOrgsPolicy: getBadAccessPolicy([]string{"peer0", "peer1"}, 3), 105 } 106 _, err = NewSimpleCollection(collectionConfig, &mockDeserializer{}) 107 assert.Error(t, err) 108 assert.EqualError(t, err, "failed constructing policy object out of collection policy config: identity index out of range, requested 3, but identities length is 2") 109 } 110 111 func TestNewSimpleCollectionWithGoodConfig(t *testing.T) { 112 // create member access policy 113 var signers = [][]byte{[]byte("signer0"), []byte("signer1")} 114 policyEnvelope := policydsl.Envelope(policydsl.Or(policydsl.SignedBy(0), policydsl.SignedBy(1)), signers) 115 accessPolicy := createCollectionPolicyConfig(policyEnvelope) 116 117 // create static collection config 118 collectionConfig := &pb.StaticCollectionConfig{ 119 Name: "test collection", 120 RequiredPeerCount: 1, 121 MemberOrgsPolicy: accessPolicy, 122 } 123 124 // set up simple collection with valid data 125 sc, err := NewSimpleCollection(collectionConfig, &mockDeserializer{}) 126 assert.NoError(t, err) 127 128 // check name 129 assert.True(t, sc.CollectionID() == "test collection") 130 131 // check members 132 members := sc.MemberOrgs() 133 assert.Contains(t, members, "signer0") 134 assert.Contains(t, members, "signer1") 135 136 // check required peer count 137 assert.True(t, sc.RequiredPeerCount() == 1) 138 } 139 140 func TestSetupWithBadConfig(t *testing.T) { 141 // set up simple collection with invalid data 142 var sc SimpleCollection 143 err := sc.Setup(&pb.StaticCollectionConfig{}, &mockDeserializer{}) 144 assert.Error(t, err) 145 146 // create static collection config with faulty policy 147 collectionConfig := &pb.StaticCollectionConfig{ 148 Name: "test collection", 149 RequiredPeerCount: 1, 150 MemberOrgsPolicy: getBadAccessPolicy([]string{"peer0", "peer1"}, 3), 151 } 152 err = sc.Setup(collectionConfig, &mockDeserializer{}) 153 assert.Error(t, err) 154 assert.EqualError(t, err, "failed constructing policy object out of collection policy config: identity index out of range, requested 3, but identities length is 2") 155 } 156 157 func TestSetupGoodConfigCollection(t *testing.T) { 158 // create member access policy 159 var signers = [][]byte{[]byte("signer0"), []byte("signer1")} 160 policyEnvelope := policydsl.Envelope(policydsl.Or(policydsl.SignedBy(0), policydsl.SignedBy(1)), signers) 161 accessPolicy := createCollectionPolicyConfig(policyEnvelope) 162 163 // create static collection config 164 collectionConfig := &pb.StaticCollectionConfig{ 165 Name: "test collection", 166 RequiredPeerCount: 1, 167 MemberOrgsPolicy: accessPolicy, 168 } 169 170 // set up simple collection with valid data 171 var sc SimpleCollection 172 err := sc.Setup(collectionConfig, &mockDeserializer{}) 173 assert.NoError(t, err) 174 175 // check name 176 assert.True(t, sc.CollectionID() == "test collection") 177 178 // check members 179 members := sc.MemberOrgs() 180 assert.Contains(t, members, "signer0") 181 assert.Contains(t, members, "signer1") 182 183 // check required peer count 184 assert.True(t, sc.RequiredPeerCount() == 1) 185 } 186 187 func TestSimpleCollectionFilter(t *testing.T) { 188 // create member access policy 189 var signers = [][]byte{[]byte("signer0"), []byte("signer1")} 190 policyEnvelope := policydsl.Envelope(policydsl.Or(policydsl.SignedBy(0), policydsl.SignedBy(1)), signers) 191 accessPolicy := createCollectionPolicyConfig(policyEnvelope) 192 193 // create static collection config 194 collectionConfig := &pb.StaticCollectionConfig{ 195 Name: "test collection", 196 RequiredPeerCount: 1, 197 MemberOrgsPolicy: accessPolicy, 198 } 199 200 // set up simple collection 201 var sc SimpleCollection 202 err := sc.Setup(collectionConfig, &mockDeserializer{}) 203 assert.NoError(t, err) 204 205 // get the collection access filter 206 var cap CollectionAccessPolicy 207 cap = &sc 208 accessFilter := cap.AccessFilter() 209 210 // check filter: not a member of the collection 211 notMember := protoutil.SignedData{ 212 Identity: []byte{1, 2, 3}, 213 Signature: []byte{}, 214 Data: []byte{}, 215 } 216 assert.False(t, accessFilter(notMember)) 217 218 // check filter: member of the collection 219 member := protoutil.SignedData{ 220 Identity: signers[0], 221 Signature: []byte{}, 222 Data: []byte{}, 223 } 224 assert.True(t, accessFilter(member)) 225 }