forked from hyperledger/fabric
/
aclmgmtimpl.go
60 lines (46 loc) · 1.61 KB
/
aclmgmtimpl.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
/*
Copyright IBM Corp. All Rights Reserved.
SPDX-License-Identifier: Apache-2.0
*/
package aclmgmt
import (
"github.com/hyperledger/fabric/common/flogging"
"github.com/hyperledger/fabric/core/ledger"
"github.com/hyperledger/fabric/protos/common"
)
var aclMgmtLogger = flogging.MustGetLogger("aclmgmt")
type aclMethod func(resName string, channelID string, idinfo interface{}) error
//implementation of aclMgmt
type aclMgmtImpl struct {
//by default resources are managed by RSCC. However users may set aclMethod for
//a resource and bypass RSCC if necessary
aclOverrides map[string]aclMethod
}
var rscc ACLProvider
//CheckACL checks the ACL for the resource for the channel using the
//idinfo. idinfo is an object such as SignedProposal from which an
//id can be extracted for testing against a policy
func (am *aclMgmtImpl) CheckACL(resName string, channelID string, idinfo interface{}) error {
aclMeth := am.aclOverrides[resName]
if aclMeth != nil {
return aclMeth(resName, channelID, idinfo)
}
if rscc == nil {
panic("-----RegisterACLProvider not called ----")
}
return rscc.CheckACL(resName, channelID, idinfo)
}
func newACLMgmt(r ACLProvider) ACLProvider {
rscc = r
if rscc == nil {
rscc = newDefaultACLProvider()
}
//by default overrides are not set and all acl checks are referred to rscc
return &aclMgmtImpl{aclOverrides: make(map[string]aclMethod)}
}
func (am *aclMgmtImpl) GenerateSimulationResults(txEnvelop *common.Envelope, simulator ledger.TxSimulator) error {
if rscc == nil {
panic("-----RegisterACLProvider not called ----")
}
return rscc.GenerateSimulationResults(txEnvelop, simulator)
}