Documentation ¶
Index ¶
- Constants
- func ImplicitMetaFromString(input string) (*cb.ImplicitMetaPolicy, error)
- func ImplicitMetaPolicyWithSubPolicy(subPolicyName string, rule cb.ImplicitMetaPolicy_Rule) *cb.ConfigPolicy
- func SignatureSetToValidIdentities(signedData []*protoutil.SignedData, ...) []mspi.Identity
- func TemplateImplicitMetaAllPolicy(path []string, policyName string) *cb.ConfigGroup
- func TemplateImplicitMetaAnyPolicy(path []string, policyName string) *cb.ConfigGroup
- func TemplateImplicitMetaMajorityPolicy(path []string, policyName string) *cb.ConfigGroup
- func TemplateImplicitMetaPolicy(path []string, policyName string, rule cb.ImplicitMetaPolicy_Rule) *cb.ConfigGroup
- func TemplateImplicitMetaPolicyWithSubPolicy(path []string, policyName string, subPolicyName string, ...) *cb.ConfigGroup
- type ChannelPolicyManagerGetter
- type ConfigPolicy
- type Converter
- type ImplicitMetaPolicy
- type InquireablePolicy
- type Manager
- type ManagerImpl
- type Policy
- type PolicyLogger
- type PolicyManagerGetterFunc
- type PrincipalSet
- type PrincipalSets
- type Provider
- type StandardConfigPolicy
- func ImplicitMetaAllPolicy(policyName string) *StandardConfigPolicy
- func ImplicitMetaAnyPolicy(policyName string) *StandardConfigPolicy
- func ImplicitMetaMajorityPolicy(policyName string) *StandardConfigPolicy
- func SignaturePolicy(policyName string, sigPolicy *cb.SignaturePolicyEnvelope) *StandardConfigPolicy
Constants ¶
const ( // Path separator is used to separate policy names in paths PathSeparator = "/" // ChannelPrefix is used in the path of standard channel policy managers ChannelPrefix = "Channel" // ApplicationPrefix is used in the path of standard application policy paths ApplicationPrefix = "Application" // OrdererPrefix is used in the path of standard orderer policy paths OrdererPrefix = "Orderer" // ChannelReaders is the label for the channel's readers policy (encompassing both orderer and application readers) ChannelReaders = PathSeparator + ChannelPrefix + PathSeparator + "Readers" // ChannelWriters is the label for the channel's writers policy (encompassing both orderer and application writers) ChannelWriters = PathSeparator + ChannelPrefix + PathSeparator + "Writers" // ChannelApplicationReaders is the label for the channel's application readers policy ChannelApplicationReaders = PathSeparator + ChannelPrefix + PathSeparator + ApplicationPrefix + PathSeparator + "Readers" // ChannelApplicationWriters is the label for the channel's application writers policy ChannelApplicationWriters = PathSeparator + ChannelPrefix + PathSeparator + ApplicationPrefix + PathSeparator + "Writers" // ChannelApplicationAdmins is the label for the channel's application admin policy ChannelApplicationAdmins = PathSeparator + ChannelPrefix + PathSeparator + ApplicationPrefix + PathSeparator + "Admins" // BlockValidation is the label for the policy which should validate the block signatures for the channel BlockValidation = PathSeparator + ChannelPrefix + PathSeparator + OrdererPrefix + PathSeparator + "BlockValidation" // ChannelOrdererAdmins is the label for the channel's orderer admin policy ChannelOrdererAdmins = PathSeparator + ChannelPrefix + PathSeparator + OrdererPrefix + PathSeparator + "Admins" // ChannelOrdererWriters is the label for the channel's orderer writers policy ChannelOrdererWriters = PathSeparator + ChannelPrefix + PathSeparator + OrdererPrefix + PathSeparator + "Writers" // ChannelOrdererReaders is the label for the channel's orderer readers policy ChannelOrdererReaders = PathSeparator + ChannelPrefix + PathSeparator + OrdererPrefix + PathSeparator + "Readers" )
Variables ¶
This section is empty.
Functions ¶
func ImplicitMetaFromString ¶ added in v1.2.0
func ImplicitMetaFromString(input string) (*cb.ImplicitMetaPolicy, error)
func ImplicitMetaPolicyWithSubPolicy ¶
func ImplicitMetaPolicyWithSubPolicy(subPolicyName string, rule cb.ImplicitMetaPolicy_Rule) *cb.ConfigPolicy
ImplicitMetaPolicyWithSubPolicy creates an implicitmeta policy
func SignatureSetToValidIdentities ¶
func SignatureSetToValidIdentities(signedData []*protoutil.SignedData, identityDeserializer mspi.IdentityDeserializer) []mspi.Identity
SignatureSetToValidIdentities takes a slice of pointers to signed data, checks the validity of the signature and of the signer and returns a slice of associated identities. The returned identities are deduplicated.
func TemplateImplicitMetaAllPolicy ¶
func TemplateImplicitMetaAllPolicy(path []string, policyName string) *cb.ConfigGroup
TempateImplicitMetaAnyPolicy returns TemplateImplicitMetaPolicy with cb.ImplicitMetaPolicy_ALL as the rule
func TemplateImplicitMetaAnyPolicy ¶
func TemplateImplicitMetaAnyPolicy(path []string, policyName string) *cb.ConfigGroup
TempateImplicitMetaAnyPolicy returns TemplateImplicitMetaPolicy with cb.ImplicitMetaPolicy_ANY as the rule
func TemplateImplicitMetaMajorityPolicy ¶
func TemplateImplicitMetaMajorityPolicy(path []string, policyName string) *cb.ConfigGroup
TempateImplicitMetaAnyPolicy returns TemplateImplicitMetaPolicy with cb.ImplicitMetaPolicy_MAJORITY as the rule
func TemplateImplicitMetaPolicy ¶
func TemplateImplicitMetaPolicy(path []string, policyName string, rule cb.ImplicitMetaPolicy_Rule) *cb.ConfigGroup
TemplateImplicitMetaPolicy creates a policy at the specified path with the given policyName It utilizes the policyName for the subPolicyName as well, as this is the standard usage pattern
func TemplateImplicitMetaPolicyWithSubPolicy ¶
func TemplateImplicitMetaPolicyWithSubPolicy(path []string, policyName string, subPolicyName string, rule cb.ImplicitMetaPolicy_Rule) *cb.ConfigGroup
TemplateImplicitMetaPolicy creates a policy at the specified path with the given policyName and subPolicyName
Types ¶
type ChannelPolicyManagerGetter ¶
type ChannelPolicyManagerGetter interface { // Returns the policy manager associated with the specified channel. Manager(channelID string) Manager }
ChannelPolicyManagerGetter is a support interface to get access to the policy manager of a given channel
type ConfigPolicy ¶ added in v1.1.0
type ConfigPolicy interface { // Key is the key this value should be stored in the *cb.ConfigGroup.Policies map. Key() string // Value is the backing policy implementation for this ConfigPolicy Value() *cb.Policy }
ConfigPolicy defines a common representation for different *cb.ConfigPolicy values.
type Converter ¶
type Converter interface {
Convert() (*cb.SignaturePolicyEnvelope, error)
}
Converter represents a policy which may be translated into a SignaturePolicyEnvelope
type ImplicitMetaPolicy ¶
type ImplicitMetaPolicy struct { Threshold int SubPolicies []Policy SubPolicyName string // contains filtered or unexported fields }
func NewImplicitMetaPolicy ¶
func NewImplicitMetaPolicy(data []byte, managers map[string]*ManagerImpl) (*ImplicitMetaPolicy, error)
NewPolicy creates a new policy based on the policy bytes
func (*ImplicitMetaPolicy) Convert ¶
func (p *ImplicitMetaPolicy) Convert() (*cb.SignaturePolicyEnvelope, error)
Convert implements the policies.Converter function to convert an implicit meta policy into a signature policy envelope.
func (*ImplicitMetaPolicy) EvaluateIdentities ¶
func (imp *ImplicitMetaPolicy) EvaluateIdentities(identities []msp.Identity) error
EvaluateIdentities takes an array of identities and evaluates whether they satisfy the policy
func (*ImplicitMetaPolicy) EvaluateSignedData ¶
func (imp *ImplicitMetaPolicy) EvaluateSignedData(signatureSet []*protoutil.SignedData) error
EvaluateSignedData takes a set of SignedData and evaluates whether this set of signatures satisfies the policy
type InquireablePolicy ¶ added in v1.2.0
type InquireablePolicy interface { // SatisfiedBy returns a slice of PrincipalSets that each of them // satisfies the policy. SatisfiedBy() []PrincipalSet }
InquireablePolicy is a Policy that one can inquire
type Manager ¶
type Manager interface { // GetPolicy returns a policy and true if it was the policy requested, or false if it is the default policy GetPolicy(id string) (Policy, bool) // Manager returns the sub-policy manager for a given path and whether it exists Manager(path []string) (Manager, bool) }
Manager is a read only subset of the policy ManagerImpl
type ManagerImpl ¶
ManagerImpl is an implementation of Manager and configtx.ConfigHandler In general, it should only be referenced as an Impl for the configtx.ConfigManager
func NewManagerImpl ¶
func NewManagerImpl(path string, providers map[int32]Provider, root *cb.ConfigGroup) (*ManagerImpl, error)
NewManagerImpl creates a new ManagerImpl with the given CryptoHelper
func (*ManagerImpl) GetPolicy ¶
func (pm *ManagerImpl) GetPolicy(id string) (Policy, bool)
GetPolicy returns a policy and true if it was the policy requested, or false if it is the default reject policy
func (*ManagerImpl) Manager ¶
func (pm *ManagerImpl) Manager(path []string) (Manager, bool)
Manager returns the sub-policy manager for a given path and whether it exists
type Policy ¶
type Policy interface { // EvaluateSignedData takes a set of SignedData and evaluates whether // 1) the signatures are valid over the related message // 2) the signing identities satisfy the policy EvaluateSignedData(signatureSet []*protoutil.SignedData) error // EvaluateIdentities takes an array of identities and evaluates whether // they satisfy the policy EvaluateIdentities(identities []mspi.Identity) error }
Policy is used to determine if a signature is valid
type PolicyLogger ¶
type PolicyLogger struct { Policy Policy // contains filtered or unexported fields }
func (*PolicyLogger) Convert ¶
func (pl *PolicyLogger) Convert() (*cb.SignaturePolicyEnvelope, error)
func (*PolicyLogger) EvaluateIdentities ¶
func (pl *PolicyLogger) EvaluateIdentities(identities []mspi.Identity) error
func (*PolicyLogger) EvaluateSignedData ¶
func (pl *PolicyLogger) EvaluateSignedData(signatureSet []*protoutil.SignedData) error
type PolicyManagerGetterFunc ¶
PolicyManagerGetterFunc is a function adapater for ChannelPolicyManagerGetter.
func (PolicyManagerGetterFunc) Manager ¶
func (p PolicyManagerGetterFunc) Manager(channelID string) Manager
type PrincipalSet ¶ added in v1.2.0
type PrincipalSet []*msp.MSPPrincipal
PrincipalSet is a collection of MSPPrincipals
func (PrincipalSet) ContainingOnly ¶ added in v1.2.0
func (ps PrincipalSet) ContainingOnly(f func(*msp.MSPPrincipal) bool) bool
ContainingOnly returns whether the given PrincipalSet contains only Principals that satisfy the given predicate
func (PrincipalSet) UniqueSet ¶ added in v1.2.0
func (ps PrincipalSet) UniqueSet() map[*msp.MSPPrincipal]int
UniqueSet returns a histogram that is induced by the PrincipalSet
type PrincipalSets ¶ added in v1.2.0
type PrincipalSets []PrincipalSet
PrincipalSets aggregates PrincipalSets
func (PrincipalSets) ContainingOnly ¶ added in v1.2.0
func (psSets PrincipalSets) ContainingOnly(f func(*msp.MSPPrincipal) bool) PrincipalSets
ContainingOnly returns PrincipalSets that contain only principals of the given predicate
type Provider ¶
type Provider interface { // NewPolicy creates a new policy based on the policy bytes NewPolicy(data []byte) (Policy, proto.Message, error) }
Provider provides the backing implementation of a policy
type StandardConfigPolicy ¶ added in v1.1.0
type StandardConfigPolicy struct {
// contains filtered or unexported fields
}
StandardConfigValue implements the ConfigValue interface.
func ImplicitMetaAllPolicy ¶ added in v1.1.0
func ImplicitMetaAllPolicy(policyName string) *StandardConfigPolicy
ImplicitMetaAllPolicy defines an implicit meta policy whose sub_policy and key is policyname with rule ALL.
func ImplicitMetaAnyPolicy ¶ added in v1.1.0
func ImplicitMetaAnyPolicy(policyName string) *StandardConfigPolicy
ImplicitMetaAnyPolicy defines an implicit meta policy whose sub_policy and key is policyname with rule ANY.
func ImplicitMetaMajorityPolicy ¶ added in v1.1.0
func ImplicitMetaMajorityPolicy(policyName string) *StandardConfigPolicy
ImplicitMetaMajorityPolicy defines an implicit meta policy whose sub_policy and key is policyname with rule MAJORITY.
func SignaturePolicy ¶ added in v1.1.0
func SignaturePolicy(policyName string, sigPolicy *cb.SignaturePolicyEnvelope) *StandardConfigPolicy
SignaturePolicy defines a policy with key policyName and the given signature policy.
func (*StandardConfigPolicy) Key ¶ added in v1.1.0
func (scv *StandardConfigPolicy) Key() string
Key is the key this value should be stored in the *cb.ConfigGroup.Values map.
func (*StandardConfigPolicy) Value ¶ added in v1.1.0
func (scv *StandardConfigPolicy) Value() *cb.Policy
Value is the *cb.Policy which should be stored as the *cb.ConfigPolicy.Policy.