Skip to content

Commit

Permalink
[FAB-17515] Support configuring BlockValidation policy for orderer group
Browse files Browse the repository at this point in the history 
Before we used to hardcode the BlockValidation policy to an ImplicitMetaAnyPolicy.

Signed-off-by: Danny Cao <dcao@us.ibm.com>
Signed-off-by: Will Lahti <wtlahti@us.ibm.com>
  • Loading branch information
@wlahti @sykesm
wlahti authored and sykesm committed Feb 25, 2020
1 parent 29c58ac commit 87df051
Show file tree
Hide file tree
Showing 2 changed files with 18 additions and 7 deletions.
15 changes: 10 additions & 5 deletions common/tools/configtxgen/encoder/encoder.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -109,6 +109,15 @@ func addImplicitMetaPolicyDefaults(cg *cb.ConfigGroup) {
addPolicy(cg, policies.ImplicitMetaAnyPolicy(channelconfig.WritersPolicyKey), channelconfig.AdminsPolicyKey)
}

// addOrdererImplicitMetaPolicyDefaults adds the orderer's Readers/Writers/Admins/BlockValidation policies, with Any/Any/Majority/Any rules respectively.
func addOrdererImplicitMetaPolicyDefaults(cg *cb.ConfigGroup) {
cg.Policies[BlockValidationPolicyKey] = &cb.ConfigPolicy{
Policy: policies.ImplicitMetaAnyPolicy(channelconfig.WritersPolicyKey).Value(),
ModPolicy: channelconfig.AdminsPolicyKey,
}
addImplicitMetaPolicyDefaults(cg)
}

// addSignaturePolicyDefaults adds the Readers/Writers/Admins policies as signature policies requiring one signature from the given mspID.
// If devMode is set to true, the Admins policy will accept arbitrary user certs for admin functions, otherwise it requires the cert satisfies
// the admin role principal.
Expand Down Expand Up @@ -186,16 +195,12 @@ func NewOrdererGroup(conf *genesisconfig.Orderer) (*cb.ConfigGroup, error) {
ordererGroup := cb.NewConfigGroup()
if len(conf.Policies) == 0 {
logger.Warningf("Default policy emission is deprecated, please include policy specifications for the orderer group in configtx.yaml")
addImplicitMetaPolicyDefaults(ordererGroup)
addOrdererImplicitMetaPolicyDefaults(ordererGroup)
} else {
if err := addPolicies(ordererGroup, conf.Policies, channelconfig.AdminsPolicyKey); err != nil {
return nil, errors.Wrapf(err, "error adding policies to orderer group")
}
}
ordererGroup.Policies[BlockValidationPolicyKey] = &cb.ConfigPolicy{
Policy: policies.ImplicitMetaAnyPolicy(channelconfig.WritersPolicyKey).Value(),
ModPolicy: channelconfig.AdminsPolicyKey,
}
addValue(ordererGroup, channelconfig.BatchSizeValue(
conf.BatchSize.MaxMessageCount,
conf.BatchSize.AbsoluteMaxBytes,
Expand Down
10 changes: 8 additions & 2 deletions common/tools/configtxgen/encoder/encoder_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -190,9 +190,15 @@ var _ = Describe("Encoder", func() {
It("translates the config into a config group", func() {
cg, err := encoder.NewOrdererGroup(conf)
Expect(err).NotTo(HaveOccurred())
Expect(len(cg.Policies)).To(Equal(2)) // BlockValidation automatically added
Expect(len(cg.Policies)).To(Equal(1))
Expect(cg.Policies["SamplePolicy"]).NotTo(BeNil())
Expect(cg.Policies["BlockValidation"]).NotTo(BeNil())
Expect(cg.Policies["SamplePolicy"].Policy).To(Equal(&cb.Policy{
Type: int32(cb.Policy_IMPLICIT_META),
Value: utils.MarshalOrPanic(&cb.ImplicitMetaPolicy{
SubPolicy: "Admins",
Rule: cb.ImplicitMetaPolicy_ANY,
}),
}))
Expect(len(cg.Groups)).To(Equal(1))
Expect(cg.Groups["SampleOrg"]).NotTo(BeNil())
Expect(len(cg.Values)).To(Equal(5))
Expand Down

0 comments on commit 87df051

Please sign in to comment.