Documentation ¶
Index ¶
- func BuildCollectionKVSKey(ccname string) string
- func GetCCNameFromCollectionConfigKey(key string) string
- func IsCollectionConfigKey(key string) bool
- func ParseCollectionConfig(colBytes []byte) (*peer.CollectionConfigPackage, error)
- func RetrieveCollectionConfigPackageFromState(cc CollectionCriteria, state State) (*peer.CollectionConfigPackage, error)
- type ChaincodeInfoProvider
- type Collection
- type CollectionAccessPolicy
- type CollectionCriteria
- type CollectionFilter
- type CollectionPersistenceConfigs
- type CollectionStore
- type Filter
- type IdentityDeserializerFactory
- type IdentityDeserializerFactoryFunc
- type MembershipProvider
- type NoSuchCollectionError
- type QueryExecutorFactory
- type SimpleCollection
- func (sc *SimpleCollection) AccessFilter() Filter
- func (sc *SimpleCollection) CollectionID() string
- func (sc *SimpleCollection) IsMemberOnlyRead() bool
- func (sc *SimpleCollection) IsMemberOnlyWrite() bool
- func (sc *SimpleCollection) MaximumPeerCount() int
- func (sc *SimpleCollection) MemberOrgs() map[string]struct{}
- func (sc *SimpleCollection) RequiredPeerCount() int
- func (sc *SimpleCollection) Setup(collectionConfig *peer.StaticCollectionConfig, ...) error
- type SimpleCollectionPersistenceConfigs
- type SimpleCollectionStore
- func (c *SimpleCollectionStore) AccessFilter(channelName string, collectionPolicyConfig *peer.CollectionPolicyConfig) (Filter, error)
- func (c *SimpleCollectionStore) RetrieveCollection(cc CollectionCriteria) (Collection, error)
- func (c *SimpleCollectionStore) RetrieveCollectionAccessPolicy(cc CollectionCriteria) (CollectionAccessPolicy, error)
- func (c *SimpleCollectionStore) RetrieveCollectionConfig(cc CollectionCriteria) (*peer.StaticCollectionConfig, error)
- func (c *SimpleCollectionStore) RetrieveCollectionConfigPackage(cc CollectionCriteria) (*peer.CollectionConfigPackage, error)
- func (c *SimpleCollectionStore) RetrieveCollectionPersistenceConfigs(cc CollectionCriteria) (CollectionPersistenceConfigs, error)
- func (c *SimpleCollectionStore) RetrieveReadWritePermission(cc CollectionCriteria, signedProposal *pb.SignedProposal, ...) (bool, bool, error)
- type State
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func BuildCollectionKVSKey ¶
BuildCollectionKVSKey constructs the collection config key for a given chaincode name
func GetCCNameFromCollectionConfigKey ¶ added in v1.3.0
GetCCNameFromCollectionConfigKey returns the chaincode name given a collection config key
func IsCollectionConfigKey ¶
IsCollectionConfigKey detects if a key is a collection key
func ParseCollectionConfig ¶ added in v1.3.0
func ParseCollectionConfig(colBytes []byte) (*peer.CollectionConfigPackage, error)
ParseCollectionConfig parses the collection configuration from the given serialized representation.
func RetrieveCollectionConfigPackageFromState ¶ added in v1.3.0
func RetrieveCollectionConfigPackageFromState(cc CollectionCriteria, state State) (*peer.CollectionConfigPackage, error)
RetrieveCollectionConfigPackageFromState retrieves the collection config package from the given key from the given state
Types ¶
type ChaincodeInfoProvider ¶
type ChaincodeInfoProvider interface { // ChaincodeInfo returns the info about a deployed chaincode. ChaincodeInfo(channelName, chaincodeName string, qe ledger.SimpleQueryExecutor) (*ledger.DeployedChaincodeInfo, error) // CollectionInfo returns the proto msg that defines the named collection. // This function can be used for both explicit and implicit collections. CollectionInfo(channelName, chaincodeName, collectionName string, qe ledger.SimpleQueryExecutor) (*peer.StaticCollectionConfig, error) // AllCollectionsConfigPkg returns a combined collection config pkg that contains both explicit and implicit collections AllCollectionsConfigPkg(channelName, chaincodeName string, qe ledger.SimpleQueryExecutor) (*peer.CollectionConfigPackage, error) }
ChaincodeInfoProvider provides information about deployed chaincode. LSCC module is expected to provide an implementation for this dependencys
type Collection ¶
type Collection interface { // CollectionID returns this collection's ID CollectionID() string // MemberOrgs returns the collection's members as MSP IDs. This serves as // a human-readable way of quickly identifying who is part of a collection. MemberOrgs() map[string]struct{} }
Collection defines a common interface for collections
type CollectionAccessPolicy ¶
type CollectionAccessPolicy interface { // AccessFilter returns a member filter function for a collection AccessFilter() Filter // The minimum number of peers private data will be sent to upon // endorsement. The endorsement would fail if dissemination to at least // this number of peers is not achieved. RequiredPeerCount() int // The maximum number of peers that private data will be sent to // upon endorsement. This number has to be bigger than RequiredPeerCount(). MaximumPeerCount() int // MemberOrgs returns the collection's members as MSP IDs. This serves as // a human-readable way of quickly identifying who is part of a collection. MemberOrgs() map[string]struct{} // IsMemberOnlyRead returns a true if only collection members can read // the private data IsMemberOnlyRead() bool // IsMemberOnlyWrite returns a true if only collection members can write // the private data IsMemberOnlyWrite() bool }
CollectionAccessPolicy encapsulates functions for the access policy of a collection
type CollectionCriteria ¶
CollectionCriteria defines an element of a private data that corresponds to a certain transaction and collection
type CollectionFilter ¶ added in v1.3.0
type CollectionFilter interface { // AccessFilter retrieves the collection's filter that matches a given channel and a collectionPolicyConfig AccessFilter(channelName string, collectionPolicyConfig *peer.CollectionPolicyConfig) (Filter, error) }
type CollectionPersistenceConfigs ¶ added in v1.3.0
type CollectionPersistenceConfigs interface { // BlockToLive returns the number of blocks after which the collection data expires. // For instance if the value is set to 10, a key last modified by block number 100 // will be purged at block number 111. A zero value is treated same as MaxUint64 BlockToLive() uint64 }
CollectionPersistenceConfigs encapsulates configurations related to persistence of a collection
type CollectionStore ¶
type CollectionStore interface { // RetrieveCollection retrieves the collection in the following way: // If the TxID exists in the ledger, the collection that is returned has the // latest configuration that was committed into the ledger before this txID // was committed. // Else - it's the latest configuration for the collection. RetrieveCollection(CollectionCriteria) (Collection, error) // RetrieveCollectionAccessPolicy retrieves a collection's access policy RetrieveCollectionAccessPolicy(CollectionCriteria) (CollectionAccessPolicy, error) // RetrieveCollectionConfig retrieves a collection's config RetrieveCollectionConfig(CollectionCriteria) (*peer.StaticCollectionConfig, error) // RetrieveCollectionConfigPackage retrieves the whole configuration package // for the chaincode with the supplied criteria RetrieveCollectionConfigPackage(CollectionCriteria) (*peer.CollectionConfigPackage, error) // RetrieveCollectionPersistenceConfigs retrieves the collection's persistence related configurations RetrieveCollectionPersistenceConfigs(CollectionCriteria) (CollectionPersistenceConfigs, error) // RetrieveReadWritePermission retrieves the read-write persmission of the creator of the // signedProposal for a given collection using collection access policy and flags such as // memberOnlyRead & memberOnlyWrite RetrieveReadWritePermission(CollectionCriteria, *pb.SignedProposal, ledger.QueryExecutor) (bool, bool, error) CollectionFilter }
CollectionStore provides various APIs to retrieves stored collections and perform membership check & read permission check based on the collection's properties. TODO: Refactor CollectionStore - FAB-13082 (1) function such as RetrieveCollection() and RetrieveCollectionConfigPackage() are
never used except in mocks and test files.
(2) in gossip, at least in 7 different places, the following 3 operations
are repeated which can be avoided by introducing a API called IsAMemberOf(). (i) retrieves collection access policy by calling RetrieveCollectionAccessPolicy() (ii) get the access filter func from the collection access policy (iii) create the evaluation policy and check for membership
(3) we would need a cache in collection store to avoid repeated crypto operation.
This would be simple to implement when we introduce IsAMemberOf() APIs.
type Filter ¶
type Filter func(protoutil.SignedData) bool
Filter defines a rule that filters peers according to data signed by them. The Identity in the SignedData is a SerializedIdentity of a peer. The Data is a message the peer signed, and the Signature is the corresponding Signature on that Data. Returns: True, if the policy holds for the given signed data.
False otherwise
type IdentityDeserializerFactory ¶
type IdentityDeserializerFactory interface {
GetIdentityDeserializer(chainID string) msp.IdentityDeserializer
}
IdentityDeserializerFactory creates msp.IdentityDeserializer for a chain.
type IdentityDeserializerFactoryFunc ¶
type IdentityDeserializerFactoryFunc func(chainID string) msp.IdentityDeserializer
IdentityDeserializerFactoryFunc is a function adapater for IdentityDeserializerFactory.
func (IdentityDeserializerFactoryFunc) GetIdentityDeserializer ¶
func (i IdentityDeserializerFactoryFunc) GetIdentityDeserializer(chainID string) msp.IdentityDeserializer
type MembershipProvider ¶ added in v1.3.0
type MembershipProvider struct { IdentityDeserializerFactory func(chainID string) msp.IdentityDeserializer // contains filtered or unexported fields }
MembershipProvider can be used to check whether a peer is eligible to a collection or not
func NewMembershipInfoProvider ¶ added in v1.3.0
func NewMembershipInfoProvider(mspID string, selfSignedData protoutil.SignedData, identityDeserializerFunc func(chainID string) msp.IdentityDeserializer) *MembershipProvider
NewMembershipInfoProvider returns MembershipProvider
func (*MembershipProvider) AmMemberOf ¶ added in v1.3.0
func (m *MembershipProvider) AmMemberOf(channelName string, collectionPolicyConfig *peer.CollectionPolicyConfig) (bool, error)
AmMemberOf checks whether the current peer is a member of the given collection config. If getPolicy returns an error, it will drop the error and return false - same as a RejectAll policy. It is used when a chaincode is upgraded to see if the peer's org has become eligible after a collection change.
type NoSuchCollectionError ¶
type NoSuchCollectionError CollectionCriteria
func (NoSuchCollectionError) Error ¶
func (f NoSuchCollectionError) Error() string
type QueryExecutorFactory ¶
type QueryExecutorFactory interface {
NewQueryExecutor() (ledger.QueryExecutor, error)
}
A QueryExecutorFactory is responsible for creating ledger.QueryExectuor instances.
type SimpleCollection ¶
type SimpleCollection struct {
// contains filtered or unexported fields
}
SimpleCollection implements a collection with static properties and a public member set
func NewSimpleCollection ¶
func NewSimpleCollection(collectionConfig *peer.StaticCollectionConfig, deserializer msp.IdentityDeserializer) (*SimpleCollection, error)
NewSimpleCollection returns a simple collection object based on a given StaticCollectionConfig proto that has all the necessary information
func (*SimpleCollection) AccessFilter ¶
func (sc *SimpleCollection) AccessFilter() Filter
AccessFilter returns the member filter function that evaluates signed data against the member access policy of this collection
func (*SimpleCollection) CollectionID ¶
func (sc *SimpleCollection) CollectionID() string
CollectionID returns the collection's ID
func (*SimpleCollection) IsMemberOnlyRead ¶ added in v1.4.1
func (sc *SimpleCollection) IsMemberOnlyRead() bool
IsMemberOnlyRead returns whether only collection member has the read permission
func (*SimpleCollection) IsMemberOnlyWrite ¶
func (sc *SimpleCollection) IsMemberOnlyWrite() bool
IsMemberOnlyWrite returns whether only collection member has the write permission
func (*SimpleCollection) MaximumPeerCount ¶
func (sc *SimpleCollection) MaximumPeerCount() int
MaximumPeerCount returns the maximum number of peers to which the private data will be sent
func (*SimpleCollection) MemberOrgs ¶
func (sc *SimpleCollection) MemberOrgs() map[string]struct{}
MemberOrgs returns the MSP IDs that are part of this collection
func (*SimpleCollection) RequiredPeerCount ¶
func (sc *SimpleCollection) RequiredPeerCount() int
RequiredPeerCount returns the minimum number of peers required to send private data to
func (*SimpleCollection) Setup ¶
func (sc *SimpleCollection) Setup(collectionConfig *peer.StaticCollectionConfig, deserializer msp.IdentityDeserializer) error
Setup configures a simple collection object based on a given StaticCollectionConfig proto that has all the necessary information
type SimpleCollectionPersistenceConfigs ¶ added in v1.3.0
type SimpleCollectionPersistenceConfigs struct {
// contains filtered or unexported fields
}
func (*SimpleCollectionPersistenceConfigs) BlockToLive ¶ added in v1.3.0
func (s *SimpleCollectionPersistenceConfigs) BlockToLive() uint64
BlockToLive return collection's block to live configuration
type SimpleCollectionStore ¶
type SimpleCollectionStore struct {
// contains filtered or unexported fields
}
func NewSimpleCollectionStore ¶
func NewSimpleCollectionStore(qeFactory QueryExecutorFactory, ccInfoProvider ChaincodeInfoProvider) *SimpleCollectionStore
func (*SimpleCollectionStore) AccessFilter ¶
func (c *SimpleCollectionStore) AccessFilter(channelName string, collectionPolicyConfig *peer.CollectionPolicyConfig) (Filter, error)
func (*SimpleCollectionStore) RetrieveCollection ¶
func (c *SimpleCollectionStore) RetrieveCollection(cc CollectionCriteria) (Collection, error)
func (*SimpleCollectionStore) RetrieveCollectionAccessPolicy ¶
func (c *SimpleCollectionStore) RetrieveCollectionAccessPolicy(cc CollectionCriteria) (CollectionAccessPolicy, error)
func (*SimpleCollectionStore) RetrieveCollectionConfig ¶
func (c *SimpleCollectionStore) RetrieveCollectionConfig(cc CollectionCriteria) (*peer.StaticCollectionConfig, error)
RetrieveCollectionConfig retrieves a collection's config
func (*SimpleCollectionStore) RetrieveCollectionConfigPackage ¶
func (c *SimpleCollectionStore) RetrieveCollectionConfigPackage(cc CollectionCriteria) (*peer.CollectionConfigPackage, error)
func (*SimpleCollectionStore) RetrieveCollectionPersistenceConfigs ¶
func (c *SimpleCollectionStore) RetrieveCollectionPersistenceConfigs(cc CollectionCriteria) (CollectionPersistenceConfigs, error)
RetrieveCollectionPersistenceConfigs retrieves the collection's persistence related configurations
func (*SimpleCollectionStore) RetrieveReadWritePermission ¶
func (c *SimpleCollectionStore) RetrieveReadWritePermission( cc CollectionCriteria, signedProposal *pb.SignedProposal, qe ledger.QueryExecutor, ) (bool, bool, error)
RetrieveReadWritePermission retrieves the read-write persmission of the creator of the signedProposal for a given collection using collection access policy and flags such as memberOnlyRead & memberOnlyWrite