github.com/yimialmonte/fabric@v2.1.1+incompatible/core/aclmgmt/resourceprovider_test.go (about)

     1  /*
     2  Copyright IBM Corp. 2016 All Rights Reserved.
     3  
     4  SPDX-License-Identifier: Apache-2.0
     5  */
     6  
     7  package aclmgmt
     8  
     9  import (
    10  	"fmt"
    11  	"os"
    12  	"testing"
    13  
    14  	"github.com/golang/protobuf/proto"
    15  	"github.com/hyperledger/fabric-protos-go/common"
    16  	"github.com/hyperledger/fabric-protos-go/peer"
    17  	"github.com/hyperledger/fabric/core/aclmgmt/mocks"
    18  	"github.com/hyperledger/fabric/internal/pkg/identity"
    19  	msptesttools "github.com/hyperledger/fabric/msp/mgmt/testtools"
    20  	"github.com/hyperledger/fabric/protoutil"
    21  	"github.com/stretchr/testify/assert"
    22  )
    23  
    24  func newPolicyProvider(pEvaluator policyEvaluator) aclmgmtPolicyProvider {
    25  	return &aclmgmtPolicyProviderImpl{pEvaluator}
    26  }
    27  
    28  // ------- mocks ---------
    29  
    30  //mockPolicyEvaluatorImpl implements policyEvaluator
    31  type mockPolicyEvaluatorImpl struct {
    32  	pmap  map[string]string
    33  	peval map[string]error
    34  }
    35  
    36  func (pe *mockPolicyEvaluatorImpl) PolicyRefForAPI(resName string) string {
    37  	return pe.pmap[resName]
    38  }
    39  
    40  func (pe *mockPolicyEvaluatorImpl) Evaluate(polName string, sd []*protoutil.SignedData) error {
    41  	err, ok := pe.peval[polName]
    42  	if !ok {
    43  		return PolicyNotFound(polName)
    44  	}
    45  
    46  	//this could be non nil or some error
    47  	return err
    48  }
    49  
    50  //go:generate counterfeiter -o mocks/signer_serializer.go --fake-name SignerSerializer . signerSerializer
    51  
    52  type signerSerializer interface {
    53  	identity.SignerSerializer
    54  }
    55  
    56  //go:generate counterfeiter -o mocks/defaultaclprovider.go --fake-name DefaultACLProvider . defaultACLProvider
    57  
    58  func TestPolicyBase(t *testing.T) {
    59  	peval := &mockPolicyEvaluatorImpl{pmap: map[string]string{"res": "pol"}, peval: map[string]error{"pol": nil}}
    60  	pprov := newPolicyProvider(peval)
    61  	sProp, _ := protoutil.MockSignedEndorserProposalOrPanic("A", &peer.ChaincodeSpec{}, []byte("Alice"), []byte("msg1"))
    62  	err := pprov.CheckACL("pol", sProp)
    63  	assert.NoError(t, err)
    64  
    65  	signer := &mocks.SignerSerializer{}
    66  	env, err := protoutil.CreateSignedEnvelope(common.HeaderType_CONFIG, "myc", signer, &common.ConfigEnvelope{}, 0, 0)
    67  	assert.NoError(t, err)
    68  	err = pprov.CheckACL("pol", env)
    69  	assert.NoError(t, err)
    70  }
    71  
    72  func TestPolicyBad(t *testing.T) {
    73  	peval := &mockPolicyEvaluatorImpl{pmap: map[string]string{"res": "pol"}, peval: map[string]error{"pol": nil}}
    74  	pprov := newPolicyProvider(peval)
    75  
    76  	//bad policy
    77  	err := pprov.CheckACL("pol", []byte("not a signed proposal"))
    78  	assert.Error(t, err, InvalidIdInfo("pol").Error())
    79  
    80  	sProp, _ := protoutil.MockSignedEndorserProposalOrPanic("A", &peer.ChaincodeSpec{}, []byte("Alice"), []byte("msg1"))
    81  	err = pprov.CheckACL("badpolicy", sProp)
    82  	assert.Error(t, err)
    83  
    84  	sProp, _ = protoutil.MockSignedEndorserProposalOrPanic("A", &peer.ChaincodeSpec{}, []byte("Alice"), []byte("msg1"))
    85  	sProp.ProposalBytes = []byte("bad proposal bytes")
    86  	err = pprov.CheckACL("res", sProp)
    87  	assert.Error(t, err)
    88  
    89  	sProp, _ = protoutil.MockSignedEndorserProposalOrPanic("A", &peer.ChaincodeSpec{}, []byte("Alice"), []byte("msg1"))
    90  	prop := &peer.Proposal{}
    91  	if proto.Unmarshal(sProp.ProposalBytes, prop) != nil {
    92  		t.FailNow()
    93  	}
    94  	prop.Header = []byte("bad hdr")
    95  	sProp.ProposalBytes = protoutil.MarshalOrPanic(prop)
    96  	err = pprov.CheckACL("res", sProp)
    97  	assert.Error(t, err)
    98  }
    99  
   100  // test to ensure ptypes are processed by default provider
   101  func TestForceDefaultsForPType(t *testing.T) {
   102  	defAclProvider := &mocks.DefaultACLProvider{}
   103  	defAclProvider.CheckACLReturns(nil)
   104  	defAclProvider.IsPtypePolicyReturns(true)
   105  	rp := &resourceProvider{defaultProvider: defAclProvider}
   106  	err := rp.CheckACL("aptype", "somechannel", struct{}{})
   107  	assert.NoError(t, err)
   108  }
   109  
   110  func init() {
   111  	// setup the MSP manager so that we can sign/verify
   112  	err := msptesttools.LoadMSPSetupForTesting()
   113  	if err != nil {
   114  		fmt.Printf("Could not load msp config, err %s", err)
   115  		os.Exit(-1)
   116  		return
   117  	}
   118  }