github.com/true-sqn/fabric@v2.1.1+incompatible/core/common/privdata/util.go (about) 1 /* 2 Copyright IBM Corp. All Rights Reserved. 3 4 SPDX-License-Identifier: Apache-2.0 5 */ 6 7 package privdata 8 9 import ( 10 "github.com/golang/protobuf/proto" 11 mspp "github.com/hyperledger/fabric-protos-go/msp" 12 "github.com/hyperledger/fabric-protos-go/peer" 13 "github.com/hyperledger/fabric/common/cauthdsl" 14 "github.com/hyperledger/fabric/common/policies" 15 "github.com/hyperledger/fabric/msp" 16 "github.com/pkg/errors" 17 ) 18 19 // getPolicy creates a new policy from the policy envelope. It will return an error if the envelope has invalid policy config. 20 // Some caller (e.g., MembershipProvider.AsMemberOf) may drop the error and treat it as a RejectAll policy. 21 // In the future, we must revisit the callers if this method will return different types of errors. 22 func getPolicy(collectionPolicyConfig *peer.CollectionPolicyConfig, deserializer msp.IdentityDeserializer) (policies.Policy, error) { 23 if collectionPolicyConfig == nil { 24 return nil, errors.New("collection policy config is nil") 25 } 26 accessPolicyEnvelope := collectionPolicyConfig.GetSignaturePolicy() 27 if accessPolicyEnvelope == nil { 28 return nil, errors.New("collection config access policy is nil") 29 } 30 // create access policy from the envelope 31 32 pp := cauthdsl.EnvelopeBasedPolicyProvider{Deserializer: deserializer} 33 accessPolicy, err := pp.NewPolicy(accessPolicyEnvelope) 34 if err != nil { 35 return nil, errors.WithMessage(err, "failed constructing policy object out of collection policy config") 36 } 37 38 return accessPolicy, nil 39 } 40 41 // getMemberOrgs returns a map containing member orgs from a list of MSPPrincipals, 42 // it will skip identities it fails to process 43 func getMemberOrgs(identities []*mspp.MSPPrincipal, deserializer msp.IdentityDeserializer) map[string]struct{} { 44 memberOrgs := map[string]struct{}{} 45 46 // get member org MSP IDs from the envelope 47 for _, principal := range identities { 48 switch principal.PrincipalClassification { 49 case mspp.MSPPrincipal_ROLE: 50 // Principal contains the msp role 51 mspRole := &mspp.MSPRole{} 52 err := proto.Unmarshal(principal.Principal, mspRole) 53 if err == nil { 54 memberOrgs[mspRole.MspIdentifier] = struct{}{} 55 } 56 case mspp.MSPPrincipal_IDENTITY: 57 principalId, err := deserializer.DeserializeIdentity(principal.Principal) 58 if err == nil { 59 memberOrgs[principalId.GetMSPIdentifier()] = struct{}{} 60 } 61 case mspp.MSPPrincipal_ORGANIZATION_UNIT: 62 OU := &mspp.OrganizationUnit{} 63 err := proto.Unmarshal(principal.Principal, OU) 64 if err == nil { 65 memberOrgs[OU.MspIdentifier] = struct{}{} 66 } 67 } 68 } 69 return memberOrgs 70 }