user_mgmt

package
v0.0.0-...-aeb4a1d
Warning

This package is not in the latest version of its module.

Published: Dec 5, 2022 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Overview

Package user_mgmt manages users and groups. It stores users and organizations as assets and maintains a graph of user and organization relationships. An organization can be a group or subgroup.

Constants

const ROLE_AUDIT = global.ROLE_AUDIT

ROLE_AUDIT is a User.Role option that specifies an auditor.

const ROLE_ORG = global.ROLE_ORG

ROLE_ORG is a User.Role option that specifies an org.

const ROLE_SYSTEM_ADMIN = global.ROLE_SYSTEM_ADMIN

ROLE_SYSTEM_ADMIN is a User.Role option that specifies a system admin.

const ROLE_USER = global.ROLE_USER

ROLE_USER is a User.Role option that specifies a user.

Variables

This section is empty.

Functions

func ConvertFromAsset

func ConvertFromAsset(asset *data_model.Asset) data_model.User

ConvertFromAsset converts an asset object to a user object.

func ConvertToAsset

func ConvertToAsset(user data_model.User) data_model.Asset

ConvertToAsset converts a user object to an asset object.

func GetCallerData

func GetCallerData(stub cached_stub.CachedStubInterface) (data_model.User, error)

GetCallerData gets keys from TMAP and returns the caller's data from the ledger.

Example
stub := cached_stub.NewCachedStub(test_utils.CreateExampleMockStub())

GetCallerData(stub)
Output:

func GetOrg

func GetOrg(stub cached_stub.CachedStubInterface, caller data_model.User, args []string) ([]byte, error)

GetOrg returns an organization.

args = [orgId]

Example
stub := cached_stub.NewCachedStub(test_utils.CreateExampleMockStub())
caller := test_utils.CreateTestUser("caller1")

GetOrg(stub, caller, []string{"org1"})
Output:

func GetOrgs

func GetOrgs(stub cached_stub.CachedStubInterface, caller data_model.User, args []string) ([]byte, error)

GetOrgs returns a list of all organizations.

args = []

Example
stub := cached_stub.NewCachedStub(test_utils.CreateExampleMockStub())
caller := test_utils.CreateTestUser("caller1")

GetOrgs(stub, caller, []string{})
Output:

func GetUser

func GetUser(stub cached_stub.CachedStubInterface, caller data_model.User, args []string) ([]byte, error)

GetUser returns a user object.

args = [userID]

Example
stub := cached_stub.NewCachedStub(test_utils.CreateExampleMockStub())
caller := test_utils.CreateTestUser("caller1")

GetUser(stub, caller, []string{"user1"})
Output:

func GetUserAssetID

func GetUserAssetID(userID string) string

GetUserAssetID returns the asset ID for the stored user object identified by the given userID.

func GetUserData

func GetUserData(stub cached_stub.CachedStubInterface, caller data_model.User, userID string, options ...interface{}) (data_model.User, error)

GetUserData finds, decrypts, and returns a User for the given userID. The user's public key will always be included. If the private and/or sym keys cannot be retrieved, they will be left blank, and no error will be returned. If userID is the same as callerId, the User object is copied from the caller object.

options can be passed in any of the following orders:

	keyPath []string
	keyPath []string, keyPath2 []string
	includePrivateAndSymKeys bool
	includePrivateAndSymKeys bool, keyPath []string
	includePrivateAndSymKeys bool, keyPath []string, keyPath2 []string
	includePrivateAndSymKeys bool, includePrivateData bool
	includePrivateAndSymKeys bool, includePrivateData bool, keyPath []string
	includePrivateAndSymKeys bool, includePrivateData bool, keyPath []string, keyPath2 []string

If includePrivateAndSymKeys (default false) is true, this function will include the user's private and sym keys as well. If includePrivateData (default false) is false, the user's private data will not be decrypted. If keyPath (default nil) is passed in, the user's symKey will be retrieved using this keyPath. The first element of keyPath must be a caller's key, and the last element must be the user's sym key. The key paths, if specified, are always the last options. keyPath2 is for the user's private key.

Example
stub := cached_stub.NewCachedStub(test_utils.CreateExampleMockStub())
caller := test_utils.CreateTestUser("caller1")

GetUserData(stub, caller, "user1", true, true)
Output:
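
The eight documented orderings for GetUserData reduce to one rule (at most two leading bools, then at most two trailing []string key paths), which a strict parser can enforce so that a mis-ordered or string-typed option fails instead of silently leaving the key and private-data flags at their defaults. This is an added example, not the package's own code; userDataOptions and parseUserDataOptions are hypothetical names, and the key IDs are constructed placeholders.

```go
package main

import "fmt"

// userDataOptions is a hypothetical holder for the documented defaults.
type userDataOptions struct {
	IncludePrivateAndSymKeys, IncludePrivateData bool     // both default to false
	KeyPath, KeyPath2                            []string // both default to nil
}

// parseUserDataOptions accepts only the documented orderings: up to two
// leading bools, then up to two trailing []string key paths.
func parseUserDataOptions(options ...interface{}) (userDataOptions, error) {
	var o userDataOptions
	bools, paths := 0, 0
	for i, opt := range options {
		switch v := opt.(type) {
		case bool:
			if paths > 0 || bools == 2 {
				return userDataOptions{}, fmt.Errorf("option %d: bool not allowed here", i)
			}
			if bools == 0 {
				o.IncludePrivateAndSymKeys = v
			} else {
				o.IncludePrivateData = v
			}
			bools++
		case []string:
			if paths == 2 {
				return userDataOptions{}, fmt.Errorf("option %d: too many key paths", i)
			}
			if paths == 0 {
				o.KeyPath = v
			} else {
				o.KeyPath2 = v
			}
			paths++
		default:
			return userDataOptions{}, fmt.Errorf("option %d: unsupported type %T", i, opt)
		}
	}
	return o, nil
}

func main() {
	// Constructed inputs; the key IDs are placeholders, not real ledger keys.
	fmt.Println(parseUserDataOptions(true, []string{"caller-key", "user1-sym-key"}))
	fmt.Println(parseUserDataOptions([]string{"caller-key"}, true)) // rejected: bool after keyPath
}
```

On any error the parser returns the zero-value options, so a rejected call can never carry a partially applied includePrivateAndSymKeys flag forward.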

func GetUserIter

func GetUserIter(
	stub cached_stub.CachedStubInterface,
	caller data_model.User,
	startValues []string,
	endValues []string,
	decryptPrivateData bool,
	returnOnlyPrivateAssets bool,
	assetKeyPath interface{},
	previousKey string,
	limit int,
	filterRule *simple_rule.Rule) (asset_manager.AssetIteratorInterface, error)

GetUserIter returns an iterator of user objects. This function is not meant to be called from outside of chaincode.

Example
stub := cached_stub.NewCachedStub(test_utils.CreateExampleMockStub())
caller := test_utils.CreateTestUser("caller1")

// filter rule to exclude user with ID of tom123
rule := simple_rule.NewRule(simple_rule.R("!=",
	simple_rule.R("var", "asset_id"),
	"tom123"),
)

// only get users whose is_group is set to false and role set to user
GetUserIter(
	stub,
	caller,
	[]string{"false", "user"},
	[]string{"false", "user"},
	false,
	false,
	[]string{caller.GetPubPrivKeyId()},
	"",
	10,
	&rule)
Output:

func GetUsers

func GetUsers(stub cached_stub.CachedStubInterface, caller data_model.User, args []string) ([]byte, error)

GetUsers returns a list of all members for a given orgId, optionally filtered by role.

args = [orgId, role]

role is an optional parameter.

Example
stub := cached_stub.NewCachedStub(test_utils.CreateExampleMockStub())
caller := test_utils.CreateTestUser("caller1")

// returns org1 member users
GetUsers(stub, caller, []string{"org1"})

// returns org1 member users with "user" role
GetUsers(stub, caller, []string{"org1", global.ROLE_USER})
Output:

func Init

func Init(stub cached_stub.CachedStubInterface, logLevel ...shim.LoggingLevel) ([]byte, error)

Init sets up the user_mgmt package by building an index table for users.

func PutUserInOrg

func PutUserInOrg(stub cached_stub.CachedStubInterface, caller data_model.User, args []string) ([]byte, error)

PutUserInOrg is a proxy function for PutUserInGroup.

args = [userID, orgID, isAdmin]

Example
stub := cached_stub.NewCachedStub(test_utils.CreateExampleMockStub())
caller := test_utils.CreateTestUser("caller1")

PutUserInOrg(stub, caller, []string{"user1", "org1", "false"})
Output:

func RegisterAuditor

func RegisterAuditor(stub cached_stub.CachedStubInterface, caller data_model.User, args []string) ([]byte, error)

RegisterAuditor registers an auditor user. Caller's role must be "system". Auditor's role must be "audit".

args = [userBytes, allowAccess]

When registering a new user, if allowAccess is true, the caller will be given access to the user's private key.

Example
stub := cached_stub.NewCachedStub(test_utils.CreateExampleMockStub())
caller := test_utils.CreateTestUser("caller1")

user := data_model.User{
	ID:   "user1",
	Role: global.ROLE_AUDIT,
	// other data_model.User fields
}
userBytes, _ := json.Marshal(&user)

RegisterAuditor(stub, caller, []string{string(userBytes), "true"})
Output:

func RegisterOrg

func RegisterOrg(stub cached_stub.CachedStubInterface, caller data_model.User, args []string) ([]byte, error)

RegisterOrg registers or updates an organization or a group. Also creates a default org admin user. When registering a new org, if the makeCallerAdmin flag is true, the caller will be added as an admin of the org.

args = [ orgBytes, makeCallerAdmin ]

Example
stub := cached_stub.NewCachedStub(test_utils.CreateExampleMockStub())
caller := test_utils.CreateTestUser("caller1")

privateKey := test_utils.GeneratePrivateKey()
privateKeyBytes := x509.MarshalPKCS1PrivateKey(privateKey)
publicKey := privateKey.Public().(*rsa.PublicKey)
publicKeyBytes, _ := x509.MarshalPKIXPublicKey(publicKey)
symKey := test_utils.GenerateSymKey()
solutionPrivateData := make(map[string]interface{})

org := data_model.User{
	ID:                  "org1",
	Name:                "Org 1",
	Role:                global.ROLE_ORG,
	PublicKey:           publicKey,
	PublicKeyB64:        base64.StdEncoding.EncodeToString(publicKeyBytes),
	PrivateKey:          privateKey,
	PrivateKeyB64:       base64.StdEncoding.EncodeToString(privateKeyBytes),
	SymKey:              symKey,
	SymKeyB64:           base64.StdEncoding.EncodeToString(symKey),
	IsGroup:             true,
	Status:              "active",
	Email:               "email@mail.com",
	SolutionPublicData:  make(map[string]interface{}),
	SolutionPrivateData: solutionPrivateData,
	KmsPublicKeyId:      "kmspublickeyid",
	KmsPrivateKeyId:     "kmsprivatekeyid",
	KmsSymKeyId:         "kmssymkeyid",
	Secret:              "secret",
}
orgBytes, _ := json.Marshal(&org)

RegisterOrg(stub, caller, []string{string(orgBytes), "true"})
Output:

func RegisterOrgWithParams

func RegisterOrgWithParams(stub cached_stub.CachedStubInterface, caller data_model.User, org data_model.User, makeCallerAdmin bool) error

RegisterOrgWithParams is the internal function for registering or updating an org. "WithParams" functions should only be called from within the chaincode.

When registering a new org, if the makeCallerAdmin flag is true, the caller will be added as an admin of the org.

func RegisterSystemAdmin

func RegisterSystemAdmin(stub cached_stub.CachedStubInterface, caller data_model.User, args []string) ([]byte, error)

RegisterSystemAdmin registers a system admin user. Caller's role must be "system". System admin's role must be "system".

args = [userBytes, allowAccess]

When registering a new user, if allowAccess is true, the caller will be given access to the user's private key.

Example
stub := cached_stub.NewCachedStub(test_utils.CreateExampleMockStub())
caller := test_utils.CreateTestUser("caller1")

user := data_model.User{
	ID:   "user1",
	Role: global.ROLE_SYSTEM_ADMIN,
	// other data_model.User fields
}
userBytes, _ := json.Marshal(&user)

RegisterSystemAdmin(stub, caller, []string{string(userBytes), "true"})
Output:

func RegisterUser

func RegisterUser(stub cached_stub.CachedStubInterface, caller data_model.User, args []string) ([]byte, error)

RegisterUser registers or updates a user.

args = [ user, allowAccess ]

user is the data_model.User to add or update. If allowAccess is true and a new user is being registered, gives the caller access to the user's private key. If allowAccess is true and a new group is being registered, makes the caller an admin of the group.

Example
stub := cached_stub.NewCachedStub(test_utils.CreateExampleMockStub())
caller := test_utils.CreateTestUser("caller1")

privateKey := test_utils.GeneratePrivateKey()
privateKeyBytes := x509.MarshalPKCS1PrivateKey(privateKey)
publicKey := privateKey.Public().(*rsa.PublicKey)
publicKeyBytes, _ := x509.MarshalPKIXPublicKey(publicKey)
symKey := test_utils.GenerateSymKey()

user := data_model.User{
	ID:                  "user1",
	Name:                "Jo Smith",
	Role:                global.ROLE_USER,
	PublicKey:           publicKey,
	PublicKeyB64:        base64.StdEncoding.EncodeToString(publicKeyBytes),
	PrivateKey:          privateKey,
	PrivateKeyB64:       base64.StdEncoding.EncodeToString(privateKeyBytes),
	SymKey:              symKey,
	SymKeyB64:           base64.StdEncoding.EncodeToString(symKey),
	IsGroup:             false,
	Status:              "active",
	Email:               "email@mail.com",
	SolutionPublicData:  make(map[string]interface{}),
	SolutionPrivateData: make(map[string]interface{}),
	KmsPublicKeyId:      "kmspublickeyid",
	KmsPrivateKeyId:     "kmsprivatekeyid",
	KmsSymKeyId:         "kmssymkeyid",
	Secret:              "secret",
}
userBytes, _ := json.Marshal(&user)

RegisterUser(stub, caller, []string{string(userBytes), "true"})
Output:

func RegisterUserWithParams

func RegisterUserWithParams(stub cached_stub.CachedStubInterface, caller data_model.User, user data_model.User, allowAccess bool) error

RegisterUserWithParams registers or updates a user. "WithParams" functions should only be called from within the chaincode.

user - the user object to add/update

allowAccess - [users] if true, gives the caller access to the user's private key (only applies for a new user, not an update of an existing user)

allowAccess - [groups] if true, makes the caller an admin of the group (only applies for a new group, not an update of an existing group)

func UpdateOrg

func UpdateOrg(stub cached_stub.CachedStubInterface, caller data_model.User, args []string) ([]byte, error)

UpdateOrg updates an organization.

args = [orgBytes]

Example
stub := cached_stub.NewCachedStub(test_utils.CreateExampleMockStub())
caller := test_utils.CreateTestUser("caller1")

org1Bytes, _ := GetOrg(stub, caller, []string{"org1"})
org1 := data_model.User{}
json.Unmarshal(org1Bytes, &org1)

// modify solution public data
solutionPublicData := org1.SolutionPublicData.(map[string]interface{})
solutionPublicData["age"] = 30
org1.SolutionPublicData = solutionPublicData
org1Bytes, _ = json.Marshal(org1)

UpdateOrg(stub, caller, []string{string(org1Bytes)})
Output:

Types

This section is empty.

Directories

Path Synopsis
Package user_groups handles user management functions related to groups.
Package user_keys handles user management functions related to user keys.
