Skip to content

Commit

Permalink
[FAB-15066] Add additional IT
Browse files Browse the repository at this point in the history 
* Test for ignoring collection config endorsement policy if using legacy
chaincode
* Test for endorsement failure if semantically wrong but well formed
collection config signature policy is used

Change-Id: Ic7c64cfa287bd7f58aaf5ce8e7f9b3df683369f6
Signed-off-by: Danny Cao <dcao@us.ibm.com>
  • Loading branch information
@caod123
caod123 committed Nov 20, 2019
1 parent b852a86 commit ddd24b9
Show file tree
Hide file tree
Showing 2 changed files with 129 additions and 52 deletions.
157 changes: 105 additions & 52 deletions integration/pvtdata/pvtdata_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -523,84 +523,137 @@ var _ bool = Describe("PrivateData", func() {
})

Describe("Collection Config Endorsement Policy", func() {
BeforeEach(func() {
testChaincode = chaincode{
Chaincode: newLifecycleChaincode,
isLegacy: false,
}
nwo.EnableCapabilities(network, "testchannel", "Application", "V2_0", orderer, network.Peers...)
})

When("a peer specified in the chaincode endorsement policy but not in the collection config endorsement policy is used to invoke the chaincode", func() {
It("fails validation", func() {
When("using legacy lifecycle chaincode", func() {
It("ignores the collection config endorsement policy and successfully invokes the chaincode", func() {
testChaincode = chaincode{
Chaincode: legacyChaincode,
isLegacy: true,
}
By("setting the collection config endorsement policy to org2 or org3 peers")
testChaincode.CollectionsConfig = collectionConfig("collections_config4.json")

By("deploying new lifecycle chaincode")
// set collection endorsement policy to org2 or org3
By("deploying legacy chaincode")
deployChaincode(network, orderer, testChaincode)

By("adding marble1 with an org1 peer as endorser")
By("adding marble1 with an org 1 peer as endorser")
peer := network.Peer("Org1", "peer0")
marbleDetails := `{"name":"marble1", "color":"blue", "size":35, "owner":"tom", "price":99}`
marbleDetailsBase64 := base64.StdEncoding.EncodeToString([]byte(marbleDetails))

command := commands.ChaincodeInvoke{
ChannelID: channelID,
Orderer: network.OrdererAddress(orderer, nwo.ListenPort),
Name: testChaincode.Name,
Ctor: fmt.Sprintf(`{"Args":["initMarble"]}`),
Transient: fmt.Sprintf(`{"marble":"%s"}`, marbleDetailsBase64),
PeerAddresses: []string{
network.PeerAddress(peer, nwo.ListenPort),
},
WaitForEvent: true,
}

sess, err := network.PeerUserSession(peer, "User1", command)
Expect(err).NotTo(HaveOccurred())
Eventually(sess, network.EventuallyTimeout).Should(gexec.Exit())
Expect(sess.Err).To(gbytes.Say("ENDORSEMENT_POLICY_FAILURE"))
addMarble(network, orderer, testChaincode.Name, marbleDetails, peer)
})
})

When("a peer specified in the collection endorsement policy but not in the chaincode endorsement policy is used to invoke the chaincode", func() {
When("the collection endorsement policy is a signature policy", func() {
It("successfully invokes the chaincode", func() {
// collection config endorsement policy specifies org2 or org3 peers for endorsement
By("setting the collection config endorsement policy to use a signature policy")
testChaincode.CollectionsConfig = collectionConfig("collections_config4.json")
When("using new lifecycle chaincode", func() {
BeforeEach(func() {
testChaincode = chaincode{
Chaincode: newLifecycleChaincode,
isLegacy: false,
}
nwo.EnableCapabilities(network, "testchannel", "Application", "V2_0", orderer, network.Peers...)
})

By("setting the chaincode endorsement policy to org1 or org2 peers")
testChaincode.SignaturePolicy = `OR ('Org1MSP.member','Org2MSP.member')`
When("a peer specified in the chaincode endorsement policy but not in the collection config endorsement policy is used to invoke the chaincode", func() {
It("fails validation", func() {
By("setting the collection config endorsement policy to org2 or org3 peers")
testChaincode.CollectionsConfig = collectionConfig("collections_config4.json")

By("deploying new lifecycle chaincode")
// set collection endorsement policy to org2 or org3
deployChaincode(network, orderer, testChaincode)

By("adding marble1 with an org3 peer as endorser")
peer := network.Peer("Org3", "peer0")
By("adding marble1 with an org1 peer as endorser")
peer := network.Peer("Org1", "peer0")
marbleDetails := `{"name":"marble1", "color":"blue", "size":35, "owner":"tom", "price":99}`
addMarble(network, orderer, testChaincode.Name, marbleDetails, peer)
marbleDetailsBase64 := base64.StdEncoding.EncodeToString([]byte(marbleDetails))

command := commands.ChaincodeInvoke{
ChannelID: channelID,
Orderer: network.OrdererAddress(orderer, nwo.ListenPort),
Name: testChaincode.Name,
Ctor: fmt.Sprintf(`{"Args":["initMarble"]}`),
Transient: fmt.Sprintf(`{"marble":"%s"}`, marbleDetailsBase64),
PeerAddresses: []string{
network.PeerAddress(peer, nwo.ListenPort),
},
WaitForEvent: true,
}

sess, err := network.PeerUserSession(peer, "User1", command)
Expect(err).NotTo(HaveOccurred())
Eventually(sess, network.EventuallyTimeout).Should(gexec.Exit())
Expect(sess.Err).To(gbytes.Say("ENDORSEMENT_POLICY_FAILURE"))
})
})

When("the collection endorsement policy is a channel config policy reference", func() {
It("successfully invokes the chaincode", func() {
// collection config endorsement policy specifies channel config policy reference /Channel/Application/Readers
By("setting the collection config endorsement policy to use a channel config policy reference")
testChaincode.CollectionsConfig = collectionConfig("collections_config5.json")
When("a peer specified in the collection endorsement policy but not in the chaincode endorsement policy is used to invoke the chaincode", func() {
When("the collection endorsement policy is a signature policy", func() {
It("successfully invokes the chaincode", func() {
// collection config endorsement policy specifies org2 or org3 peers for endorsement
By("setting the collection config endorsement policy to use a signature policy")
testChaincode.CollectionsConfig = collectionConfig("collections_config4.json")

By("setting the chaincode endorsement policy to org1 or org2 peers")
testChaincode.SignaturePolicy = `OR ('Org1MSP.member','Org2MSP.member')`

By("deploying new lifecycle chaincode")
// set collection endorsement policy to org2 or org3
deployChaincode(network, orderer, testChaincode)

By("adding marble1 with an org3 peer as endorser")
peer := network.Peer("Org3", "peer0")
marbleDetails := `{"name":"marble1", "color":"blue", "size":35, "owner":"tom", "price":99}`
addMarble(network, orderer, testChaincode.Name, marbleDetails, peer)
})
})

When("the collection endorsement policy is a channel config policy reference", func() {
It("successfully invokes the chaincode", func() {
// collection config endorsement policy specifies channel config policy reference /Channel/Application/Readers
By("setting the collection config endorsement policy to use a channel config policy reference")
testChaincode.CollectionsConfig = collectionConfig("collections_config5.json")

By("setting the channel endorsement policy to org1 or org2 peers")
testChaincode.SignaturePolicy = `OR ('Org1MSP.member','Org2MSP.member')`

By("deploying new lifecycle chaincode")
deployChaincode(network, orderer, testChaincode)

By("adding marble1 with an org3 peer as endorser")
peer := network.Peer("Org3", "peer0")
marbleDetails := `{"name":"marble1", "color":"blue", "size":35, "owner":"tom", "price":99}`
addMarble(network, orderer, testChaincode.Name, marbleDetails, peer)
})
})
})

By("setting the channel endorsement policy to org1 or org2 peers")
testChaincode.SignaturePolicy = `OR ('Org1MSP.member','Org2MSP.member')`
When("the collection config endorsement policy specifies a semantically wrong, but well formed signature policy", func() {
It("fails to invoke the chaincode with an endorsement policy failure", func() {
By("setting the collection config endorsement policy to non existent org4 peers")
testChaincode.CollectionsConfig = collectionConfig("collections_config6.json")

By("deploying new lifecycle chaincode")
deployChaincode(network, orderer, testChaincode)

By("adding marble1 with an org3 peer as endorser")
peer := network.Peer("Org3", "peer0")
By("adding marble1 with an org1 peer as endorser")
peer := network.Peer("Org1", "peer0")
marbleDetails := `{"name":"marble1", "color":"blue", "size":35, "owner":"tom", "price":99}`
addMarble(network, orderer, testChaincode.Name, marbleDetails, peer)
marbleDetailsBase64 := base64.StdEncoding.EncodeToString([]byte(marbleDetails))

command := commands.ChaincodeInvoke{
ChannelID: channelID,
Orderer: network.OrdererAddress(orderer, nwo.ListenPort),
Name: testChaincode.Name,
Ctor: fmt.Sprintf(`{"Args":["initMarble"]}`),
Transient: fmt.Sprintf(`{"marble":"%s"}`, marbleDetailsBase64),
PeerAddresses: []string{
network.PeerAddress(peer, nwo.ListenPort),
},
WaitForEvent: true,
}

sess, err := network.PeerUserSession(peer, "User1", command)
Expect(err).NotTo(HaveOccurred())
Eventually(sess, network.EventuallyTimeout).Should(gexec.Exit())
Expect(sess.Err).To(gbytes.Say("ENDORSEMENT_POLICY_FAILURE"))
})
})
})
Expand Down
24 changes: 24 additions & 0 deletions integration/pvtdata/testdata/collection_configs/collections_config6.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
[
{
"name": "collectionMarbles",
"policy": "OR('Org1MSP.member', 'Org2MSP.member', 'Org3MSP.member')",
"requiredPeerCount": 1,
"maxPeerCount": 2,
"blockToLive":1000000,
"memberOnlyRead": false,
"endorsementPolicy": {
"signaturePolicy": "OR('Org4MSP.member')"
}
},
{
"name": "collectionMarblePrivateDetails",
"policy": "OR('Org1MSP.member', 'Org2MSP.member', 'Org3MSP.member')",
"requiredPeerCount": 1,
"maxPeerCount": 2,
"blockToLive":1000000,
"memberOnlyRead": false,
"endorsementPolicy": {
"signaturePolicy": "OR('Org4MSP.member')"
}
}
]

0 comments on commit ddd24b9

Please sign in to comment.