[FAB-11323] added pvtdata membership info provider

this change set adds pvtdata membership info provider interface and
an implementation of the interface.

Change-Id: I90b31f26141d292dd52d2524e2a1527dd4ba818f
Signed-off-by: nirro <nirro@il.ibm.com>

Author: nirrozenbaum

core/common/privdata/collection.go

@@ -85,6 +85,13 @@ type CollectionStore interface {
 
 	// RetrieveCollectionPersistenceConfigs retrieves the collection's persistence related configurations
 	RetrieveCollectionPersistenceConfigs(cc common.CollectionCriteria) (CollectionPersistenceConfigs, error)
+
+	CollectionFilter
+}
+
+type CollectionFilter interface {
+	// AccessFilter retrieves the collection's filter that matches a given channel and a collectionPolicyConfig
+	AccessFilter(channelName string, collectionPolicyConfig *common.CollectionPolicyConfig) (Filter, error)
 }
 
 const (

core/common/privdata/membershipinfo.go

@@ -0,0 +1,35 @@
+/*
+Copyright IBM Corp. All Rights Reserved.
+
+SPDX-License-Identifier: Apache-2.0
+*/
+
+package privdata
+
+import (
+	"github.com/hyperledger/fabric/protos/common"
+)
+
+// MembershipInfoProvider interface defines an interface to check whether a peer is eligible to a collection or not
+type MembershipInfoProvider interface {
+	// AmMemberOf checks whether the current peer is a member of the given collection config
+	AmMemberOf(collectionPolicyConfig *common.CollectionPolicyConfig) (bool, error)
+}
+
+type membershipProvider struct {
+	selfSignedData common.SignedData
+	cf             CollectionFilter
+	channelName    string
+}
+
+func NewMembershipInfoProvider(channelName string, selfSignedData common.SignedData, filter CollectionFilter) MembershipInfoProvider {
+	return &membershipProvider{channelName: channelName, selfSignedData: selfSignedData, cf: filter}
+}
+
+func (m *membershipProvider) AmMemberOf(collectionPolicyConfig *common.CollectionPolicyConfig) (bool, error) {
+	filt, err := m.cf.AccessFilter(m.channelName, collectionPolicyConfig)
+	if err != nil {
+		return false, err
+	}
+	return filt(m.selfSignedData), nil
+}

core/common/privdata/membershipinfo_test.go

@@ -0,0 +1,52 @@
+/*
+Copyright IBM Corp. All Rights Reserved.
+
+SPDX-License-Identifier: Apache-2.0
+*/
+
+package privdata
+
+import (
+	"testing"
+
+	"github.com/hyperledger/fabric/common/cauthdsl"
+	"github.com/hyperledger/fabric/protos/common"
+	"github.com/stretchr/testify/assert"
+)
+
+func TestMembershipInfoProvider(t *testing.T) {
+	// define identity of self peer as peer0
+	peerSelfSignedData := common.SignedData{
+		Identity:  []byte("peer0"),
+		Signature: []byte{1, 2, 3},
+		Data:      []byte{4, 5, 6},
+	}
+
+	collectionStore := NewSimpleCollectionStore(&mockStoreSupport{})
+
+	// verify membership provider returns true
+	membershipProvider := NewMembershipInfoProvider("test1", peerSelfSignedData, collectionStore)
+	res, err := membershipProvider.AmMemberOf(getAccessPolicy([]string{"peer0", "peer1"}))
+	assert.True(t, res)
+	assert.Nil(t, err)
+
+	// verify membership provider returns false
+	res, err = membershipProvider.AmMemberOf(getAccessPolicy([]string{"peer2", "peer3"}))
+	assert.False(t, res)
+	assert.Nil(t, err)
+
+	// verify membership provider returns nil and error
+	res, err = membershipProvider.AmMemberOf(nil)
+	assert.False(t, res)
+	assert.Error(t, err)
+	assert.Equal(t, "Collection config policy is nil", err.Error())
+}
+
+func getAccessPolicy(signers []string) *common.CollectionPolicyConfig {
+	var data [][]byte
+	for _, signer := range signers {
+		data = append(data, []byte(signer))
+	}
+	policyEnvelope := cauthdsl.Envelope(cauthdsl.Or(cauthdsl.SignedBy(0), cauthdsl.SignedBy(1)), data)
+	return createCollectionPolicyConfig(policyEnvelope)
+}

core/common/privdata/simplecollection.go

@@ -81,13 +81,7 @@ func (sc *SimpleCollection) Setup(collectionConfig *common.StaticCollectionConfi
 		return errors.New("Collection config access policy is nil")
 	}
 
-	// create access policy from the envelope
-	npp := cauthdsl.NewPolicyProvider(deserializer)
-	polBytes, err := proto.Marshal(accessPolicyEnvelope)
-	if err != nil {
-		return err
-	}
-	sc.accessPolicy, _, err = npp.NewPolicy(polBytes)
+	err := sc.setupAccessPolicy(collectionPolicyConfig, deserializer)
 	if err != nil {
 		return err
 	}
@@ -124,6 +118,27 @@ func (sc *SimpleCollection) Setup(collectionConfig *common.StaticCollectionConfi
 	return nil
 }
 
+// Setup configures a simple collection object based on a given
+// StaticCollectionConfig proto that has all the necessary information
+func (sc *SimpleCollection) setupAccessPolicy(collectionPolicyConfig *common.CollectionPolicyConfig, deserializer msp.IdentityDeserializer) error {
+	if collectionPolicyConfig == nil {
+		return errors.New("Collection config policy is nil")
+	}
+	accessPolicyEnvelope := collectionPolicyConfig.GetSignaturePolicy()
+	if accessPolicyEnvelope == nil {
+		return errors.New("Collection config access policy is nil")
+	}
+
+	// create access policy from the envelope
+	npp := cauthdsl.NewPolicyProvider(deserializer)
+	polBytes, err := proto.Marshal(accessPolicyEnvelope)
+	if err != nil {
+		return err
+	}
+	sc.accessPolicy, _, err = npp.NewPolicy(polBytes)
+	return err
+}
+
 // BlockToLive return collection's block to live configuration
 func (s *SimpleCollectionPersistenceConfigs) BlockToLive() uint64 {
 	return s.blockToLive

core/common/privdata/store.go

@@ -120,6 +120,15 @@ func (c *simpleCollectionStore) retrieveSimpleCollection(cc common.CollectionCri
 	return sc, nil
 }
 
+func (c *simpleCollectionStore) AccessFilter(channelName string, collectionPolicyConfig *common.CollectionPolicyConfig) (Filter, error) {
+	sc := &SimpleCollection{}
+	err := sc.setupAccessPolicy(collectionPolicyConfig, c.s.GetIdentityDeserializer(channelName))
+	if err != nil {
+		return nil, err
+	}
+	return sc.AccessFilter(), nil
+}
+
 func (c *simpleCollectionStore) RetrieveCollection(cc common.CollectionCriteria) (Collection, error) {
 	return c.retrieveSimpleCollection(cc)
 }

core/ledger/pvtdatapolicy/testutil/mock_collection_store.go

@@ -43,6 +43,10 @@ func (m *MockCollectionStore) RetrieveCollectionPersistenceConfigs(cc common.Col
 	return nil, privdata.NoSuchCollectionError{}
 }
 
+func (m *MockCollectionStore) AccessFilter(channelName string, collectionPolicyConfig *common.CollectionPolicyConfig) (privdata.Filter, error) {
+	return nil, errors.New("not implemented")
+}
+
 func (m *MockCollectionStore) SetBTL(ns, collection string, btl uint64) {
 	m.dummyData[[2]string{ns, collection}] = btl
 }

gossip/privdata/coordinator_test.go

@@ -406,6 +406,10 @@ func (cs *collectionStore) RetrieveCollectionPersistenceConfigs(cc common.Collec
 	panic("implement me")
 }
 
+func (cs *collectionStore) AccessFilter(channelName string, collectionPolicyConfig *common.CollectionPolicyConfig) (privdata.Filter, error) {
+	panic("implement me")
+}
+
 type collectionAccessPolicy struct {
 	cs *collectionStore
 	n  uint64

gossip/privdata/pull_test.go

@@ -89,6 +89,10 @@ func (cs mockCollectionStore) RetrieveCollectionPersistenceConfigs(cc fcommon.Co
 	return cs.m[cc.Collection], nil
 }
 
+func (cs mockCollectionStore) AccessFilter(channelName string, collectionPolicyConfig *fcommon.CollectionPolicyConfig) (privdata.Filter, error) {
+	panic("implement me")
+}
+
 type mockCollectionAccess struct {
 	cs  *mockCollectionStore
 	btl uint64