diff --git a/common/configtx/tool/provisional/provisional.go b/common/configtx/tool/provisional/provisional.go index a2d2c17fbe6..2a5ee2b55e9 100644 --- a/common/configtx/tool/provisional/provisional.go +++ b/common/configtx/tool/provisional/provisional.go @@ -23,8 +23,10 @@ import ( "github.com/hyperledger/fabric/common/configtx" genesisconfig "github.com/hyperledger/fabric/common/configtx/tool/localconfig" configtxchannel "github.com/hyperledger/fabric/common/configvalues/channel" + configtxapplication "github.com/hyperledger/fabric/common/configvalues/channel/application" configtxorderer "github.com/hyperledger/fabric/common/configvalues/channel/orderer" "github.com/hyperledger/fabric/common/genesis" + "github.com/hyperledger/fabric/common/policies" "github.com/hyperledger/fabric/orderer/common/bootstrap" cb "github.com/hyperledger/fabric/protos/common" ab "github.com/hyperledger/fabric/protos/orderer" @@ -54,6 +56,15 @@ const ( // AcceptAllPolicyKey is the key of the AcceptAllPolicy. AcceptAllPolicyKey = "AcceptAllPolicy" + + // ReadersPolicyKey is the key used for the read policy + ReadersPolicyKey = "Readers" + + // WritersPolicyKey is the key used for the read policy + WritersPolicyKey = "Writers" + + // AdminsPolicyKey is the key used for the read policy + AdminsPolicyKey = "Admins" ) // DefaultChainCreationPolicyNames is the default value of ChainCreatorsKey. @@ -85,8 +96,22 @@ func New(conf *genesisconfig.TopLevel) Generator { configtxorderer.TemplateEgressPolicyNames([]string{AcceptAllPolicyKey}), // Policies - cauthdsl.TemplatePolicy(configtx.NewConfigItemPolicyKey, cauthdsl.RejectAllPolicy), cauthdsl.TemplatePolicy(AcceptAllPolicyKey, cauthdsl.AcceptAllPolicy), + + // Initialize the default Reader/Writer/Admins channel policies + policies.TemplateImplicitMetaAnyPolicy([]string{}, ReadersPolicyKey), + policies.TemplateImplicitMetaAnyPolicy([]string{}, WritersPolicyKey), + policies.TemplateImplicitMetaMajorityPolicy([]string{}, AdminsPolicyKey), + + // Initialize the default Reader/Writer/Admins orderer policies + policies.TemplateImplicitMetaAnyPolicy([]string{configtxorderer.GroupKey}, ReadersPolicyKey), + policies.TemplateImplicitMetaAnyPolicy([]string{configtxorderer.GroupKey}, WritersPolicyKey), + policies.TemplateImplicitMetaMajorityPolicy([]string{configtxorderer.GroupKey}, AdminsPolicyKey), + + // Initialize the default Reader/Writer/Admins application policies + policies.TemplateImplicitMetaAnyPolicy([]string{configtxapplication.GroupKey}, ReadersPolicyKey), + policies.TemplateImplicitMetaAnyPolicy([]string{configtxapplication.GroupKey}, WritersPolicyKey), + policies.TemplateImplicitMetaMajorityPolicy([]string{configtxapplication.GroupKey}, AdminsPolicyKey), }, systemChainGroups: []*cb.ConfigGroup{ diff --git a/common/policies/implicitmeta_util.go b/common/policies/implicitmeta_util.go new file mode 100644 index 00000000000..632e739d975 --- /dev/null +++ b/common/policies/implicitmeta_util.go @@ -0,0 +1,59 @@ +/* +Copyright IBM Corp. 2016 All Rights Reserved. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package policies + +import ( + cb "github.com/hyperledger/fabric/protos/common" + "github.com/hyperledger/fabric/protos/utils" +) + +// TemplateImplicitMetaPolicy creates a policy at the specified path with the given policyName +// It utilizes the policyName for the subPolicyName as well, as this is the standard usage pattern +func TemplateImplicitMetaPolicy(path []string, policyName string, rule cb.ImplicitMetaPolicy_Rule) *cb.ConfigGroup { + root := cb.NewConfigGroup() + group := root + for _, element := range path { + group.Groups[element] = cb.NewConfigGroup() + group = group.Groups[element] + } + + group.Policies[policyName] = &cb.ConfigPolicy{ + Policy: &cb.Policy{ + Type: int32(cb.Policy_IMPLICIT_META), + Policy: utils.MarshalOrPanic(&cb.ImplicitMetaPolicy{ + Rule: rule, + SubPolicy: policyName, + }), + }, + } + return root +} + +// TempateImplicitMetaAnyPolicy returns TemplateImplicitMetaPolicy with cb.ImplicitMetaPolicy_ANY as the rule +func TemplateImplicitMetaAnyPolicy(path []string, policyName string) *cb.ConfigGroup { + return TemplateImplicitMetaPolicy(path, policyName, cb.ImplicitMetaPolicy_ANY) +} + +// TempateImplicitMetaAnyPolicy returns TemplateImplicitMetaPolicy with cb.ImplicitMetaPolicy_ALL as the rule +func TemplateImplicitMetaAllPolicy(path []string, policyName string) *cb.ConfigGroup { + return TemplateImplicitMetaPolicy(path, policyName, cb.ImplicitMetaPolicy_ALL) +} + +// TempateImplicitMetaAnyPolicy returns TemplateImplicitMetaPolicy with cb.ImplicitMetaPolicy_MAJORITY as the rule +func TemplateImplicitMetaMajorityPolicy(path []string, policyName string) *cb.ConfigGroup { + return TemplateImplicitMetaPolicy(path, policyName, cb.ImplicitMetaPolicy_MAJORITY) +}