forked from hyperledger/fabric
-
Notifications
You must be signed in to change notification settings - Fork 0
/
bundle.go
245 lines (207 loc) · 7.54 KB
/
bundle.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
/*
Copyright IBM Corp. All Rights Reserved.
SPDX-License-Identifier: Apache-2.0
*/
package channelconfig
import (
"github.com/hyperledger/fabric/common/cauthdsl"
"github.com/hyperledger/fabric/common/configtx"
"github.com/hyperledger/fabric/common/flogging"
"github.com/hyperledger/fabric/common/policies"
"github.com/hyperledger/fabric/msp"
cb "github.com/hyperledger/fabric/protos/common"
"github.com/hyperledger/fabric/protos/utils"
"github.com/pkg/errors"
)
var logger = flogging.MustGetLogger("common.channelconfig")
// RootGroupKey is the key for namespacing the channel config, especially for
// policy evaluation.
const RootGroupKey = "Channel"
// Bundle is a collection of resources which will always have a consistent
// view of the channel configuration. In particular, for a given bundle reference,
// the config sequence, the policy manager etc. will always return exactly the
// same value. The Bundle structure is immutable and will always be replaced in its
// entirety, with new backing memory.
type Bundle struct {
policyManager policies.Manager
channelConfig *ChannelConfig
configtxManager configtx.Validator
}
// PolicyManager returns the policy manager constructed for this config.
func (b *Bundle) PolicyManager() policies.Manager {
return b.policyManager
}
// MSPManager returns the MSP manager constructed for this config.
func (b *Bundle) MSPManager() msp.MSPManager {
return b.channelConfig.MSPManager()
}
// ChannelConfig returns the config.Channel for the chain.
func (b *Bundle) ChannelConfig() Channel {
return b.channelConfig
}
// OrdererConfig returns the config.Orderer for the channel
// and whether the Orderer config exists.
func (b *Bundle) OrdererConfig() (Orderer, bool) {
result := b.channelConfig.OrdererConfig()
return result, result != nil
}
// ConsortiumsConfig returns the config.Consortiums for the channel
// and whether the consortiums config exists.
func (b *Bundle) ConsortiumsConfig() (Consortiums, bool) {
result := b.channelConfig.ConsortiumsConfig()
return result, result != nil
}
// ApplicationConfig returns the configtxapplication.SharedConfig for the channel
// and whether the Application config exists.
func (b *Bundle) ApplicationConfig() (Application, bool) {
result := b.channelConfig.ApplicationConfig()
return result, result != nil
}
// ConfigtxValidator returns the configtx.Validator for the channel.
func (b *Bundle) ConfigtxValidator() configtx.Validator {
return b.configtxManager
}
// ValidateNew checks if a new bundle's contained configuration is valid to be derived from the current bundle.
// This allows checks of the nature "Make sure that the consensus type did not change".
func (b *Bundle) ValidateNew(nb Resources) error {
if oc, ok := b.OrdererConfig(); ok {
noc, ok := nb.OrdererConfig()
if !ok {
return errors.New("current config has orderer section, but new config does not")
}
// Prevent consensus-type migration when channel capabilities ConsensusTypeMigration is disabled
if !b.channelConfig.Capabilities().ConsensusTypeMigration() {
if oc.ConsensusType() != noc.ConsensusType() {
return errors.Errorf("attempted to change consensus type from %s to %s",
oc.ConsensusType(), noc.ConsensusType())
}
}
for orgName, org := range oc.Organizations() {
norg, ok := noc.Organizations()[orgName]
if !ok {
continue
}
mspID := org.MSPID()
if mspID != norg.MSPID() {
return errors.Errorf("orderer org %s attempted to change MSP ID from %s to %s", orgName, mspID, norg.MSPID())
}
}
}
if ac, ok := b.ApplicationConfig(); ok {
nac, ok := nb.ApplicationConfig()
if !ok {
return errors.New("current config has application section, but new config does not")
}
for orgName, org := range ac.Organizations() {
norg, ok := nac.Organizations()[orgName]
if !ok {
continue
}
mspID := org.MSPID()
if mspID != norg.MSPID() {
return errors.Errorf("application org %s attempted to change MSP ID from %s to %s", orgName, mspID, norg.MSPID())
}
}
}
if cc, ok := b.ConsortiumsConfig(); ok {
ncc, ok := nb.ConsortiumsConfig()
if !ok {
return errors.Errorf("current config has consortiums section, but new config does not")
}
for consortiumName, consortium := range cc.Consortiums() {
nconsortium, ok := ncc.Consortiums()[consortiumName]
if !ok {
continue
}
for orgName, org := range consortium.Organizations() {
norg, ok := nconsortium.Organizations()[orgName]
if !ok {
continue
}
mspID := org.MSPID()
if mspID != norg.MSPID() {
return errors.Errorf("consortium %s org %s attempted to change MSP ID from %s to %s", consortiumName, orgName, mspID, norg.MSPID())
}
}
}
} else if _, okNew := nb.ConsortiumsConfig(); okNew {
return errors.Errorf("current config has no consortiums section, but new config does")
}
return nil
}
// NewBundleFromEnvelope wraps the NewBundle function, extracting the needed
// information from a full configtx
func NewBundleFromEnvelope(env *cb.Envelope) (*Bundle, error) {
payload, err := utils.UnmarshalPayload(env.Payload)
if err != nil {
return nil, errors.Wrap(err, "failed to unmarshal payload from envelope")
}
configEnvelope, err := configtx.UnmarshalConfigEnvelope(payload.Data)
if err != nil {
return nil, errors.Wrap(err, "failed to unmarshal config envelope from payload")
}
if payload.Header == nil {
return nil, errors.Errorf("envelope header cannot be nil")
}
chdr, err := utils.UnmarshalChannelHeader(payload.Header.ChannelHeader)
if err != nil {
return nil, errors.Wrap(err, "failed to unmarshal channel header")
}
return NewBundle(chdr.ChannelId, configEnvelope.Config)
}
// NewBundle creates a new immutable bundle of configuration
func NewBundle(channelID string, config *cb.Config) (*Bundle, error) {
if err := preValidate(config); err != nil {
return nil, err
}
channelConfig, err := NewChannelConfig(config.ChannelGroup)
if err != nil {
return nil, errors.Wrap(err, "initializing channelconfig failed")
}
policyProviderMap := make(map[int32]policies.Provider)
for pType := range cb.Policy_PolicyType_name {
rtype := cb.Policy_PolicyType(pType)
switch rtype {
case cb.Policy_UNKNOWN:
// Do not register a handler
case cb.Policy_SIGNATURE:
policyProviderMap[pType] = cauthdsl.NewPolicyProvider(channelConfig.MSPManager())
case cb.Policy_MSP:
// Add hook for MSP Handler here
}
}
policyManager, err := policies.NewManagerImpl(RootGroupKey, policyProviderMap, config.ChannelGroup)
if err != nil {
return nil, errors.Wrap(err, "initializing policymanager failed")
}
configtxManager, err := configtx.NewValidatorImpl(channelID, config, RootGroupKey, policyManager)
if err != nil {
return nil, errors.Wrap(err, "initializing configtx manager failed")
}
return &Bundle{
policyManager: policyManager,
channelConfig: channelConfig,
configtxManager: configtxManager,
}, nil
}
func preValidate(config *cb.Config) error {
if config == nil {
return errors.New("channelconfig Config cannot be nil")
}
if config.ChannelGroup == nil {
return errors.New("config must contain a channel group")
}
if og, ok := config.ChannelGroup.Groups[OrdererGroupKey]; ok {
if _, ok := og.Values[CapabilitiesKey]; !ok {
if _, ok := config.ChannelGroup.Values[CapabilitiesKey]; ok {
return errors.New("cannot enable channel capabilities without orderer support first")
}
if ag, ok := config.ChannelGroup.Groups[ApplicationGroupKey]; ok {
if _, ok := ag.Values[CapabilitiesKey]; ok {
return errors.New("cannot enable application capabilities without orderer support first")
}
}
}
}
return nil
}