github.com/yimialmonte/fabric@v2.1.1+incompatible/common/cauthdsl/policy_test.go (about) 1 /* 2 Copyright IBM Corp. 2016 All Rights Reserved. 3 4 SPDX-License-Identifier: Apache-2.0 5 */ 6 7 package cauthdsl 8 9 import ( 10 "fmt" 11 "testing" 12 13 "github.com/golang/protobuf/proto" 14 cb "github.com/hyperledger/fabric-protos-go/common" 15 "github.com/hyperledger/fabric/common/policies" 16 "github.com/hyperledger/fabric/common/policydsl" 17 "github.com/hyperledger/fabric/protoutil" 18 "github.com/stretchr/testify/assert" 19 ) 20 21 var acceptAllPolicy *cb.Policy 22 var rejectAllPolicy *cb.Policy 23 24 func init() { 25 acceptAllPolicy = makePolicySource(true) 26 rejectAllPolicy = makePolicySource(false) 27 } 28 29 // The proto utils has become a dumping ground of cyclic imports, it's easier to define this locally 30 func marshalOrPanic(msg proto.Message) []byte { 31 data, err := proto.Marshal(msg) 32 if err != nil { 33 panic(fmt.Errorf("Error marshaling messages: %s, %s", msg, err)) 34 } 35 return data 36 } 37 38 func makePolicySource(policyResult bool) *cb.Policy { 39 var policyData *cb.SignaturePolicyEnvelope 40 if policyResult { 41 policyData = policydsl.AcceptAllPolicy 42 } else { 43 policyData = policydsl.RejectAllPolicy 44 } 45 return &cb.Policy{ 46 Type: int32(cb.Policy_SIGNATURE), 47 Value: marshalOrPanic(policyData), 48 } 49 } 50 51 func providerMap() map[int32]policies.Provider { 52 r := make(map[int32]policies.Provider) 53 r[int32(cb.Policy_SIGNATURE)] = NewPolicyProvider(&mockDeserializer{}) 54 return r 55 } 56 57 func TestAccept(t *testing.T) { 58 policyID := "policyID" 59 m, err := policies.NewManagerImpl("test", providerMap(), &cb.ConfigGroup{ 60 Policies: map[string]*cb.ConfigPolicy{ 61 policyID: {Policy: acceptAllPolicy}, 62 }, 63 }) 64 assert.NoError(t, err) 65 assert.NotNil(t, m) 66 67 policy, ok := m.GetPolicy(policyID) 68 assert.True(t, ok, "Should have found policy which was just added, but did not") 69 err = policy.EvaluateSignedData([]*protoutil.SignedData{{Identity: []byte("identity"), Data: []byte("data"), Signature: []byte("sig")}}) 70 assert.NoError(t, err, "Should not have errored evaluating an acceptAll policy") 71 } 72 73 func TestReject(t *testing.T) { 74 policyID := "policyID" 75 m, err := policies.NewManagerImpl("test", providerMap(), &cb.ConfigGroup{ 76 Policies: map[string]*cb.ConfigPolicy{ 77 policyID: {Policy: rejectAllPolicy}, 78 }, 79 }) 80 assert.NoError(t, err) 81 assert.NotNil(t, m) 82 policy, ok := m.GetPolicy(policyID) 83 assert.True(t, ok, "Should have found policy which was just added, but did not") 84 err = policy.EvaluateSignedData([]*protoutil.SignedData{{Identity: []byte("identity"), Data: []byte("data"), Signature: []byte("sig")}}) 85 assert.Error(t, err, "Should have errored evaluating an rejectAll policy") 86 } 87 88 func TestRejectOnUnknown(t *testing.T) { 89 m, err := policies.NewManagerImpl("test", providerMap(), &cb.ConfigGroup{}) 90 assert.NoError(t, err) 91 assert.NotNil(t, m) 92 policy, ok := m.GetPolicy("FakePolicyID") 93 assert.False(t, ok, "Should not have found policy which was never added, but did") 94 err = policy.EvaluateSignedData([]*protoutil.SignedData{{Identity: []byte("identity"), Data: []byte("data"), Signature: []byte("sig")}}) 95 assert.Error(t, err, "Should have errored evaluating the default policy") 96 } 97 98 func TestNewPolicyErrorCase(t *testing.T) { 99 provider := NewPolicyProvider(nil) 100 101 pol1, msg1, err1 := provider.NewPolicy([]byte{0}) 102 assert.Nil(t, pol1) 103 assert.Nil(t, msg1) 104 assert.EqualError(t, err1, "Error unmarshaling to SignaturePolicy: proto: common.SignaturePolicyEnvelope: illegal tag 0 (wire type 0)") 105 106 sigPolicy2 := &cb.SignaturePolicyEnvelope{Version: -1} 107 data2 := marshalOrPanic(sigPolicy2) 108 pol2, msg2, err2 := provider.NewPolicy(data2) 109 assert.Nil(t, pol2) 110 assert.Nil(t, msg2) 111 assert.EqualError(t, err2, "This evaluator only understands messages of version 0, but version was -1") 112 113 pol3, msg3, err3 := provider.NewPolicy([]byte{}) 114 assert.Nil(t, pol3) 115 assert.Nil(t, msg3) 116 assert.EqualError(t, err3, "Empty policy element") 117 118 var pol4 *policy 119 err4 := pol4.EvaluateSignedData([]*protoutil.SignedData{}) 120 assert.EqualError(t, err4, "no such policy") 121 } 122 123 func TestEnvelopeBasedPolicyProvider(t *testing.T) { 124 pp := &EnvelopeBasedPolicyProvider{Deserializer: &mockDeserializer{}} 125 p, err := pp.NewPolicy(nil) 126 assert.Nil(t, p) 127 assert.Error(t, err, "invalid arguments") 128 129 p, err = pp.NewPolicy(&cb.SignaturePolicyEnvelope{}) 130 assert.Nil(t, p) 131 assert.Error(t, err, "Empty policy element") 132 133 p, err = pp.NewPolicy(policydsl.SignedByMspPeer("primus inter pares")) 134 assert.NotNil(t, p) 135 assert.NoError(t, err) 136 } 137 138 func TestConverter(t *testing.T) { 139 p := policy{} 140 141 cp, err := p.Convert() 142 assert.Nil(t, cp) 143 assert.Error(t, err) 144 assert.Contains(t, err.Error(), "nil policy field") 145 146 p.signaturePolicyEnvelope = policydsl.RejectAllPolicy 147 148 cp, err = p.Convert() 149 assert.NotNil(t, cp) 150 assert.NoError(t, err) 151 assert.Equal(t, cp, policydsl.RejectAllPolicy) 152 }