privdata

package
v2.0.1+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 26, 2020 License: Apache-2.0 Imports: 14 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func BuildCollectionKVSKey

func BuildCollectionKVSKey(ccname string) string

BuildCollectionKVSKey constructs the collection config key for a given chaincode name

func GetCCNameFromCollectionConfigKey

func GetCCNameFromCollectionConfigKey(key string) string

GetCCNameFromCollectionConfigKey returns the chaincode name given a collection config key

func IsCollectionConfigKey

func IsCollectionConfigKey(key string) bool

IsCollectionConfigKey detects if a key is a collection key

func ParseCollectionConfig

func ParseCollectionConfig(colBytes []byte) (*peer.CollectionConfigPackage, error)

ParseCollectionConfig parses the collection configuration from the given serialized representation.

func RetrieveCollectionConfigPackageFromState

func RetrieveCollectionConfigPackageFromState(cc CollectionCriteria, state State) (*peer.CollectionConfigPackage, error)

RetrieveCollectionConfigPackageFromState retrieves the collection config package from the given key from the given state

Types

type ChaincodeInfoProvider

type ChaincodeInfoProvider interface {
	// ChaincodeInfo returns the info about a deployed chaincode.
	ChaincodeInfo(channelName, chaincodeName string, qe ledger.SimpleQueryExecutor) (*ledger.DeployedChaincodeInfo, error)
	// CollectionInfo returns the proto msg that defines the named collection.
	// This function can be used for both explicit and implicit collections.
	CollectionInfo(channelName, chaincodeName, collectionName string, qe ledger.SimpleQueryExecutor) (*peer.StaticCollectionConfig, error)
	// AllCollectionsConfigPkg returns a combined collection config pkg that contains both explicit and implicit collections
	AllCollectionsConfigPkg(channelName, chaincodeName string, qe ledger.SimpleQueryExecutor) (*peer.CollectionConfigPackage, error)
}

ChaincodeInfoProvider provides information about deployed chaincode. LSCC module is expected to provide an implementation for this dependencys

type Collection

type Collection interface {

	// CollectionID returns this collection's ID
	CollectionID() string

	// MemberOrgs returns the collection's members as MSP IDs. This serves as
	// a human-readable way of quickly identifying who is part of a collection.
	MemberOrgs() map[string]struct{}
}

Collection defines a common interface for collections

type CollectionAccessPolicy

type CollectionAccessPolicy interface {
	// AccessFilter returns a member filter function for a collection
	AccessFilter() Filter

	// The minimum number of peers private data will be sent to upon
	// endorsement. The endorsement would fail if dissemination to at least
	// this number of peers is not achieved.
	RequiredPeerCount() int

	// The maximum number of peers that private data will be sent to
	// upon endorsement. This number has to be bigger than RequiredPeerCount().
	MaximumPeerCount() int

	// MemberOrgs returns the collection's members as MSP IDs. This serves as
	// a human-readable way of quickly identifying who is part of a collection.
	MemberOrgs() map[string]struct{}

	// IsMemberOnlyRead returns a true if only collection members can read
	// the private data
	IsMemberOnlyRead() bool

	// IsMemberOnlyWrite returns a true if only collection members can write
	// the private data
	IsMemberOnlyWrite() bool
}

CollectionAccessPolicy encapsulates functions for the access policy of a collection

type CollectionCriteria

type CollectionCriteria struct {
	Channel    string
	Collection string
	Namespace  string
}

CollectionCriteria defines an element of a private data that corresponds to a certain transaction and collection

type CollectionFilter

type CollectionFilter interface {
	// AccessFilter retrieves the collection's filter that matches a given channel and a collectionPolicyConfig
	AccessFilter(channelName string, collectionPolicyConfig *peer.CollectionPolicyConfig) (Filter, error)
}

type CollectionPersistenceConfigs

type CollectionPersistenceConfigs interface {
	// BlockToLive returns the number of blocks after which the collection data expires.
	// For instance if the value is set to 10, a key last modified by block number 100
	// will be purged at block number 111. A zero value is treated same as MaxUint64
	BlockToLive() uint64
}

CollectionPersistenceConfigs encapsulates configurations related to persistence of a collection

type CollectionStore

type CollectionStore interface {
	// RetrieveCollection retrieves the collection in the following way:
	// If the TxID exists in the ledger, the collection that is returned has the
	// latest configuration that was committed into the ledger before this txID
	// was committed.
	// Else - it's the latest configuration for the collection.
	RetrieveCollection(CollectionCriteria) (Collection, error)

	// RetrieveCollectionAccessPolicy retrieves a collection's access policy
	RetrieveCollectionAccessPolicy(CollectionCriteria) (CollectionAccessPolicy, error)

	// RetrieveCollectionConfig retrieves a collection's config
	RetrieveCollectionConfig(CollectionCriteria) (*peer.StaticCollectionConfig, error)

	// RetrieveCollectionConfigPackage retrieves the whole configuration package
	// for the chaincode with the supplied criteria
	RetrieveCollectionConfigPackage(CollectionCriteria) (*peer.CollectionConfigPackage, error)

	// RetrieveCollectionPersistenceConfigs retrieves the collection's persistence related configurations
	RetrieveCollectionPersistenceConfigs(CollectionCriteria) (CollectionPersistenceConfigs, error)

	// RetrieveReadWritePermission retrieves the read-write persmission of the creator of the
	// signedProposal for a given collection using collection access policy and flags such as
	// memberOnlyRead & memberOnlyWrite
	RetrieveReadWritePermission(CollectionCriteria, *pb.SignedProposal, ledger.QueryExecutor) (bool, bool, error)

	CollectionFilter
}

CollectionStore provides various APIs to retrieves stored collections and perform membership check & read permission check based on the collection's properties. TODO: Refactor CollectionStore - FAB-13082 (1) function such as RetrieveCollection() and RetrieveCollectionConfigPackage() are

never used except in mocks and test files.

(2) in gossip, at least in 7 different places, the following 3 operations

are repeated which can be avoided by introducing a API called IsAMemberOf().
    (i)   retrieves collection access policy by calling RetrieveCollectionAccessPolicy()
    (ii)  get the access filter func from the collection access policy
    (iii) create the evaluation policy and check for membership

(3) we would need a cache in collection store to avoid repeated crypto operation.

This would be simple to implement when we introduce IsAMemberOf() APIs.

type Filter

type Filter func(protoutil.SignedData) bool

Filter defines a rule that filters peers according to data signed by them. The Identity in the SignedData is a SerializedIdentity of a peer. The Data is a message the peer signed, and the Signature is the corresponding Signature on that Data. Returns: True, if the policy holds for the given signed data.

False otherwise

type IdentityDeserializerFactory

type IdentityDeserializerFactory interface {
	GetIdentityDeserializer(chainID string) msp.IdentityDeserializer
}

IdentityDeserializerFactory creates msp.IdentityDeserializer for a chain.

type IdentityDeserializerFactoryFunc

type IdentityDeserializerFactoryFunc func(chainID string) msp.IdentityDeserializer

IdentityDeserializerFactoryFunc is a function adapater for IdentityDeserializerFactory.

func (IdentityDeserializerFactoryFunc) GetIdentityDeserializer

func (i IdentityDeserializerFactoryFunc) GetIdentityDeserializer(chainID string) msp.IdentityDeserializer

type MembershipProvider

type MembershipProvider struct {
	IdentityDeserializerFactory func(chainID string) msp.IdentityDeserializer
	// contains filtered or unexported fields
}

MembershipProvider can be used to check whether a peer is eligible to a collection or not

func NewMembershipInfoProvider

func NewMembershipInfoProvider(mspID string, selfSignedData protoutil.SignedData, identityDeserializerFunc func(chainID string) msp.IdentityDeserializer) *MembershipProvider

NewMembershipInfoProvider returns MembershipProvider

func (*MembershipProvider) AmMemberOf

func (m *MembershipProvider) AmMemberOf(channelName string, collectionPolicyConfig *peer.CollectionPolicyConfig) (bool, error)

AmMemberOf checks whether the current peer is a member of the given collection config. If getPolicy returns an error, it will drop the error and return false - same as a RejectAll policy. It is used when a chaincode is upgraded to see if the peer's org has become eligible after a collection change.

type NoSuchCollectionError

type NoSuchCollectionError CollectionCriteria

func (NoSuchCollectionError) Error

func (f NoSuchCollectionError) Error() string

type QueryExecutorFactory

type QueryExecutorFactory interface {
	NewQueryExecutor() (ledger.QueryExecutor, error)
}

A QueryExecutorFactory is responsible for creating ledger.QueryExectuor instances.

type SimpleCollection

type SimpleCollection struct {
	// contains filtered or unexported fields
}

SimpleCollection implements a collection with static properties and a public member set

func NewSimpleCollection

func NewSimpleCollection(collectionConfig *peer.StaticCollectionConfig, deserializer msp.IdentityDeserializer) (*SimpleCollection, error)

NewSimpleCollection returns a simple collection object based on a given StaticCollectionConfig proto that has all the necessary information

func (*SimpleCollection) AccessFilter

func (sc *SimpleCollection) AccessFilter() Filter

AccessFilter returns the member filter function that evaluates signed data against the member access policy of this collection

func (*SimpleCollection) CollectionID

func (sc *SimpleCollection) CollectionID() string

CollectionID returns the collection's ID

func (*SimpleCollection) IsMemberOnlyRead

func (sc *SimpleCollection) IsMemberOnlyRead() bool

IsMemberOnlyRead returns whether only collection member has the read permission

func (*SimpleCollection) IsMemberOnlyWrite

func (sc *SimpleCollection) IsMemberOnlyWrite() bool

IsMemberOnlyWrite returns whether only collection member has the write permission

func (*SimpleCollection) MaximumPeerCount

func (sc *SimpleCollection) MaximumPeerCount() int

MaximumPeerCount returns the maximum number of peers to which the private data will be sent

func (*SimpleCollection) MemberOrgs

func (sc *SimpleCollection) MemberOrgs() map[string]struct{}

MemberOrgs returns the MSP IDs that are part of this collection

func (*SimpleCollection) RequiredPeerCount

func (sc *SimpleCollection) RequiredPeerCount() int

RequiredPeerCount returns the minimum number of peers required to send private data to

func (*SimpleCollection) Setup

func (sc *SimpleCollection) Setup(collectionConfig *peer.StaticCollectionConfig, deserializer msp.IdentityDeserializer) error

Setup configures a simple collection object based on a given StaticCollectionConfig proto that has all the necessary information

type SimpleCollectionPersistenceConfigs

type SimpleCollectionPersistenceConfigs struct {
	// contains filtered or unexported fields
}

func (*SimpleCollectionPersistenceConfigs) BlockToLive

func (s *SimpleCollectionPersistenceConfigs) BlockToLive() uint64

BlockToLive return collection's block to live configuration

type SimpleCollectionStore

type SimpleCollectionStore struct {
	// contains filtered or unexported fields
}

func NewSimpleCollectionStore

func NewSimpleCollectionStore(qeFactory QueryExecutorFactory, ccInfoProvider ChaincodeInfoProvider) *SimpleCollectionStore

func (*SimpleCollectionStore) AccessFilter

func (c *SimpleCollectionStore) AccessFilter(channelName string, collectionPolicyConfig *peer.CollectionPolicyConfig) (Filter, error)

func (*SimpleCollectionStore) RetrieveCollection

func (c *SimpleCollectionStore) RetrieveCollection(cc CollectionCriteria) (Collection, error)

func (*SimpleCollectionStore) RetrieveCollectionAccessPolicy

func (c *SimpleCollectionStore) RetrieveCollectionAccessPolicy(cc CollectionCriteria) (CollectionAccessPolicy, error)

func (*SimpleCollectionStore) RetrieveCollectionConfig

func (c *SimpleCollectionStore) RetrieveCollectionConfig(cc CollectionCriteria) (*peer.StaticCollectionConfig, error)

RetrieveCollectionConfig retrieves a collection's config

func (*SimpleCollectionStore) RetrieveCollectionConfigPackage

func (c *SimpleCollectionStore) RetrieveCollectionConfigPackage(cc CollectionCriteria) (*peer.CollectionConfigPackage, error)

func (*SimpleCollectionStore) RetrieveCollectionPersistenceConfigs

func (c *SimpleCollectionStore) RetrieveCollectionPersistenceConfigs(cc CollectionCriteria) (CollectionPersistenceConfigs, error)

RetrieveCollectionPersistenceConfigs retrieves the collection's persistence related configurations

func (*SimpleCollectionStore) RetrieveReadWritePermission

func (c *SimpleCollectionStore) RetrieveReadWritePermission(
	cc CollectionCriteria,
	signedProposal *pb.SignedProposal,
	qe ledger.QueryExecutor,
) (bool, bool, error)

RetrieveReadWritePermission retrieves the read-write persmission of the creator of the signedProposal for a given collection using collection access policy and flags such as memberOnlyRead & memberOnlyWrite

type State

type State interface {
	// GetState retrieves the value for the given key in the given namespace
	GetState(namespace string, key string) ([]byte, error)
}

State retrieves data from the state.

Directories

Path Synopsis
Code generated by counterfeiter.
Code generated by counterfeiter.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL