-
Notifications
You must be signed in to change notification settings - Fork 6
/
aclmgmt.go
55 lines (43 loc) · 1.47 KB
/
aclmgmt.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
/*
Copyright IBM Corp. All Rights Reserved.
SPDX-License-Identifier: Apache-2.0
*/
package aclmgmt
import (
"sync"
"github.com/hyperledger/fabric/common/flogging"
)
var aclLogger = flogging.MustGetLogger("aclmgmt")
type ACLProvider interface {
//CheckACL checks the ACL for the resource for the channel using the
//idinfo. idinfo is an object such as SignedProposal from which an
//id can be extracted for testing against a policy
CheckACL(resName string, channelID string, idinfo interface{}) error
}
//---------- custom tx processor initialized once by peer -------
var configtxLock sync.RWMutex
//---------- ACLProvider intialized once SCCs are brought up by peer ---------
var aclProvider ACLProvider
var once sync.Once
//---------- ACLProvider intialized once SCCs are brought up by peer ---------
//RegisterACLProvider will be called to register an ACLProvider.
//Users can write their own ACLProvider and register. If not provided,
//the standard resource based ACLProvider will be created and registered
func RegisterACLProvider(prov ACLProvider) {
once.Do(func() {
configtxLock.Lock()
defer configtxLock.Unlock()
//if an external prov is not supplied, create
//a resource based ACLProvider and register
if aclProvider = prov; aclProvider == nil {
aclProvider = newACLMgmt(nil)
}
})
}
//GetACLProvider returns ACLProvider
func GetACLProvider() ACLProvider {
if aclProvider == nil {
panic("-----RegisterACLProvider not called -----")
}
return aclProvider
}