[FAB-18268] Add SetPolicies() to easily replace multiple policies in …

…an existing configuration with the given policies (#39) * [FAB-18268] Modify setPolicies() to replace all policies in an existing configuration with the given ones Currently, setPolicies() upserts policies in an existing configuration with the given ones. This speficifation makes it difficult to remove multiple policies that are not needed. In preparation for supporting SetPolicies() for groups and orgs, this patch modifies setPolicies() to clear all existing policies in an existing configuration and then replace them with the given policies. Signed-off-by: Tatsuya Sato <[email protected]> * [FAB-18268] Add SetPolicies() to ChannelGroup This patch adds SetPolicies() to easily replace multiple policies for a channel group in an existing configuration with the given ones. Signed-off-by: Tatsuya Sato <[email protected]> * [FAB-18268] Add SetPolicies() to ApplicationGroup This patch adds SetPolicies() to easily replace multiple policies for an application group in an existing configuration with the given ones. Signed-off-by: Tatsuya Sato <[email protected]> * [FAB-18268] Add SetPolicies() to OrdererGroup This patch adds SetPolicies() to easily replace multiple policies for an orderer group in an existing configuration with the given ones. Signed-off-by: Tatsuya Sato <[email protected]> * [FAB-18268] Add SetPolicies() to ApplicationOrg This patch adds SetPolicies() to easily replace multiple policies for an application org in an existing configuration with the given ones. Signed-off-by: Tatsuya Sato <[email protected]> * [FAB-18268] Add SetPolicies() to OrdererOrg This patch adds SetPolicies() to easily replace multiple policies for an orderer org in an existing configuration with the given ones. Signed-off-by: Tatsuya Sato <[email protected]> * [FAB-18268] Add SetPolicies() to ConsortiumOrg This patch adds SetPolicies() to easily replace multiple policies for a consortium org in an existing configuration with the given ones. Signed-off-by: Tatsuya Sato <[email protected]> * Fix some typos in comments Signed-off-by: Tatsuya Sato <[email protected]>
hyperledger · Oct 13, 2020 · 0571449 · 0571449
1 parent a053a30
commit 0571449
Show file tree

Hide file tree

Showing 9 changed files with 714 additions and 13 deletions.
diff --git a/configtx/application.go b/configtx/application.go
@@ -139,7 +139,7 @@ func (a *ApplicationGroup) Capabilities() ([]string, error) {
 }
 
 // AddCapability sets capability to the provided channel config.
-// If the provided capability already exist in current configuration, this action
+// If the provided capability already exists in current configuration, this action
 // will be a no-op.
 func (a *ApplicationGroup) AddCapability(capability string) error {
 	capabilities, err := a.Capabilities()
@@ -177,7 +177,7 @@ func (a *ApplicationGroup) Policies() (map[string]Policy, error) {
 }
 
 // SetPolicy sets the specified policy in the application group's config policy map.
-// If the policy already exist in current configuration, its value will be overwritten.
+// If the policy already exists in current configuration, its value will be overwritten.
 func (a *ApplicationGroup) SetPolicy(modPolicy, policyName string, policy Policy) error {
 	err := setPolicy(a.applicationGroup, modPolicy, policyName, policy)
 	if err != nil {
@@ -187,6 +187,17 @@ func (a *ApplicationGroup) SetPolicy(modPolicy, policyName string, policy Policy
 	return nil
 }
 
+// SetPolicies sets the specified policies in the application group's config policy map.
+// If the policies already exist in current configuration, the values will be replaced with new policies.
+func (a *ApplicationGroup) SetPolicies(modPolicy string, policies map[string]Policy) error {
+	err := setPolicies(a.applicationGroup, policies, modPolicy)
+	if err != nil {
+		return fmt.Errorf("failed to set policies: %v", err)
+	}
+
+	return nil
+}
+
 // RemovePolicy removes an existing policy from an application's configuration.
 // Removal will panic if the application group does not exist.
 func (a *ApplicationGroup) RemovePolicy(policyName string) error {
@@ -200,13 +211,13 @@ func (a *ApplicationGroup) RemovePolicy(policyName string) error {
 }
 
 // Policies returns the map of policies for a specific application org in
-// the updated config..
+// the updated config.
 func (a *ApplicationOrg) Policies() (map[string]Policy, error) {
 	return getPolicies(a.orgGroup.Policies)
 }
 
 // SetPolicy sets the specified policy in the application org group's config policy map.
-// If an Organization policy already exist in current configuration, its value will be overwritten.
+// If an Organization policy already exists in current configuration, its value will be overwritten.
 func (a *ApplicationOrg) SetPolicy(modPolicy, policyName string, policy Policy) error {
 	err := setPolicy(a.orgGroup, modPolicy, policyName, policy)
 	if err != nil {
@@ -216,6 +227,17 @@ func (a *ApplicationOrg) SetPolicy(modPolicy, policyName string, policy Policy)
 	return nil
 }
 
+// SetPolicies sets the specified policies in the application org group's config policy map.
+// If the policies already exist in current configuration, the values will be replaced with new policies.
+func (a *ApplicationOrg) SetPolicies(modPolicy string, policies map[string]Policy) error {
+	err := setPolicies(a.orgGroup, policies, modPolicy)
+	if err != nil {
+		return fmt.Errorf("failed to set policies: %v", err)
+	}
+
+	return nil
+}
+
 // RemovePolicy removes an existing policy from an application organization.
 func (a *ApplicationOrg) RemovePolicy(policyName string) error {
 	policies, err := a.Policies()
@@ -357,7 +379,7 @@ func (a *ApplicationGroup) ACLs() (map[string]string, error) {
 }
 
 // SetACLs sets ACLS to an existing channel config application.
-// If an ACL already exist in current configuration, it will be replaced with new ACL.
+// If an ACL already exists in current configuration, it will be replaced with new ACL.
 func (a *ApplicationGroup) SetACLs(acls map[string]string) error {
 	err := setValue(a.applicationGroup, aclValues(acls), AdminsPolicyKey)
 	if err != nil {

diff --git a/configtx/application_test.go b/configtx/application_test.go
@@ -1760,6 +1760,124 @@ func TestSetApplicationOrgPolicyFailures(t *testing.T) {
 	gt.Expect(err).To(MatchError("failed to set policy 'TestPolicy': unknown policy type: "))
 }
 
+func TestSetApplicationOrgPolicies(t *testing.T) {
+	t.Parallel()
+	gt := NewGomegaWithT(t)
+
+	channelGroup := newConfigGroup()
+	applicationGroup := newConfigGroup()
+
+	application, _ := baseApplication(t)
+
+	for _, org := range application.Organizations {
+		org.Policies = applicationOrgStandardPolicies()
+		org.Policies["TestPolicy_Remove"] = org.Policies[EndorsementPolicyKey]
+
+		orgGroup, err := newOrgConfigGroup(org)
+		gt.Expect(err).NotTo(HaveOccurred())
+
+		applicationGroup.Groups[org.Name] = orgGroup
+	}
+	channelGroup.Groups[ApplicationGroupKey] = applicationGroup
+	config := &cb.Config{
+		ChannelGroup: channelGroup,
+	}
+
+	c := New(config)
+
+	applicationOrg1 := c.Application().Organization("Org1")
+	policies := map[string]Policy{
+		ReadersPolicyKey: {
+			Type: ImplicitMetaPolicyType,
+			Rule: "ANY Readers",
+		},
+		WritersPolicyKey: {
+			Type: ImplicitMetaPolicyType,
+			Rule: "ANY Writers",
+		},
+		AdminsPolicyKey: {
+			Type: ImplicitMetaPolicyType,
+			Rule: "MAJORITY Admins",
+		},
+		EndorsementPolicyKey: {
+			Type: ImplicitMetaPolicyType,
+			Rule: "MAJORITY Endorsement",
+		},
+		LifecycleEndorsementPolicyKey: {
+			Type: ImplicitMetaPolicyType,
+			Rule: "MAJORITY Endorsement",
+		},
+		"TestPolicy_Add1": {
+			Type: ImplicitMetaPolicyType,
+			Rule: "MAJORITY Endorsement",
+		},
+		"TestPolicy_Add2": {
+			Type: ImplicitMetaPolicyType,
+			Rule: "MAJORITY Endorsement",
+		},
+	}
+	err := applicationOrg1.SetPolicies(AdminsPolicyKey, policies)
+	gt.Expect(err).NotTo(HaveOccurred())
+
+	updatedPolicies, err := applicationOrg1.Policies()
+	gt.Expect(err).NotTo(HaveOccurred())
+	gt.Expect(updatedPolicies).To(Equal(policies))
+
+	originalPolicies := c.original.ChannelGroup.Groups[ApplicationGroupKey].Groups["Org1"].Policies
+	gt.Expect(originalPolicies).To(Equal(applicationGroup.Groups["Org1"].Policies))
+}
+
+func TestSetApplicationOrgPoliciesFailures(t *testing.T) {
+	t.Parallel()
+	gt := NewGomegaWithT(t)
+
+	channelGroup := newConfigGroup()
+	applicationGroup := newConfigGroup()
+
+	application, _ := baseApplication(t)
+	for _, org := range application.Organizations {
+		org.Policies = applicationOrgStandardPolicies()
+
+		orgGroup, err := newOrgConfigGroup(org)
+		gt.Expect(err).NotTo(HaveOccurred())
+
+		applicationGroup.Groups[org.Name] = orgGroup
+	}
+	channelGroup.Groups[ApplicationGroupKey] = applicationGroup
+	config := &cb.Config{
+		ChannelGroup: channelGroup,
+	}
+
+	c := New(config)
+
+	policies := map[string]Policy{
+		ReadersPolicyKey: {
+			Type: ImplicitMetaPolicyType,
+			Rule: "ANY Readers",
+		},
+		WritersPolicyKey: {
+			Type: ImplicitMetaPolicyType,
+			Rule: "ANY Writers",
+		},
+		AdminsPolicyKey: {
+			Type: ImplicitMetaPolicyType,
+			Rule: "MAJORITY Admins",
+		},
+		EndorsementPolicyKey: {
+			Type: ImplicitMetaPolicyType,
+			Rule: "MAJORITY Endorsement",
+		},
+		LifecycleEndorsementPolicyKey: {
+			Type: ImplicitMetaPolicyType,
+			Rule: "MAJORITY Endorsement",
+		},
+		"TestPolicy": {},
+	}
+
+	err := c.Application().Organization("Org1").SetPolicies(AdminsPolicyKey, policies)
+	gt.Expect(err).To(MatchError("failed to set policies: unknown policy type: "))
+}
+
 func TestSetApplicationPolicy(t *testing.T) {
 	t.Parallel()
 	gt := NewGomegaWithT(t)
@@ -1829,6 +1947,96 @@ func TestSetApplicationPolicyFailures(t *testing.T) {
 	gt.Expect(err).To(MatchError("failed to set policy 'TestPolicy': unknown policy type: "))
 }
 
+func TestSetApplicationPolicies(t *testing.T) {
+	t.Parallel()
+	gt := NewGomegaWithT(t)
+
+	channelGroup := newConfigGroup()
+	application, _ := baseApplication(t)
+	application.Policies["TestPolicy_Remove"] = application.Policies[ReadersPolicyKey]
+
+	applicationGroup, err := newApplicationGroupTemplate(application)
+	gt.Expect(err).NotTo(HaveOccurred())
+
+	channelGroup.Groups[ApplicationGroupKey] = applicationGroup
+	config := &cb.Config{
+		ChannelGroup: channelGroup,
+	}
+
+	c := New(config)
+
+	newPolicies := map[string]Policy{
+		ReadersPolicyKey: {
+			Type: ImplicitMetaPolicyType,
+			Rule: "ANY Readers",
+		},
+		WritersPolicyKey: {
+			Type: ImplicitMetaPolicyType,
+			Rule: "ANY Writers",
+		},
+		AdminsPolicyKey: {
+			Type: ImplicitMetaPolicyType,
+			Rule: "MAJORITY Admins",
+		},
+		"TestPolicy_Add1": {
+			Type: ImplicitMetaPolicyType,
+			Rule: "MAJORITY Endorsement",
+		},
+		"TestPolicy_Add2": {
+			Type: ImplicitMetaPolicyType,
+			Rule: "MAJORITY Endorsement",
+		},
+	}
+
+	a := c.Application()
+	err = a.SetPolicies(AdminsPolicyKey, newPolicies)
+	gt.Expect(err).NotTo(HaveOccurred())
+
+	updatedPolicies, err := a.Policies()
+	gt.Expect(err).NotTo(HaveOccurred())
+	gt.Expect(updatedPolicies).To(Equal(newPolicies))
+
+	originalPolicies := c.original.ChannelGroup.Groups[ApplicationGroupKey].Policies
+	gt.Expect(originalPolicies).To(Equal(applicationGroup.Policies))
+}
+
+func TestSetApplicationPoliciesFailures(t *testing.T) {
+	t.Parallel()
+	gt := NewGomegaWithT(t)
+
+	channelGroup := newConfigGroup()
+	application, _ := baseApplication(t)
+
+	applicationGroup, err := newApplicationGroupTemplate(application)
+	gt.Expect(err).NotTo(HaveOccurred())
+
+	channelGroup.Groups[ApplicationGroupKey] = applicationGroup
+	config := &cb.Config{
+		ChannelGroup: channelGroup,
+	}
+
+	c := New(config)
+
+	newPolicies := map[string]Policy{
+		ReadersPolicyKey: {
+			Type: ImplicitMetaPolicyType,
+			Rule: "ANY Readers",
+		},
+		WritersPolicyKey: {
+			Type: ImplicitMetaPolicyType,
+			Rule: "ANY Writers",
+		},
+		AdminsPolicyKey: {
+			Type: ImplicitMetaPolicyType,
+			Rule: "MAJORITY Admins",
+		},
+		"TestPolicy": {},
+	}
+
+	err = c.Application().SetPolicies(AdminsPolicyKey, newPolicies)
+	gt.Expect(err).To(MatchError("failed to set policies: unknown policy type: "))
+}
+
 func TestAppOrgRemoveApplicationPolicy(t *testing.T) {
 	t.Parallel()
 	gt := NewGomegaWithT(t)

diff --git a/configtx/channel.go b/configtx/channel.go
@@ -84,11 +84,17 @@ func (c *ChannelGroup) Policies() (map[string]Policy, error) {
 }
 
 // SetPolicy sets the specified policy in the channel group's config policy map.
-// If the policy already exist in current configuration, its value will be overwritten.
+// If the policy already exists in current configuration, its value will be overwritten.
 func (c *ChannelGroup) SetPolicy(modPolicy, policyName string, policy Policy) error {
 	return setPolicy(c.channelGroup, modPolicy, policyName, policy)
 }
 
+// SetPolicies sets the specified policies in the channel group's config policy map.
+// If the policies already exist in current configuration, the values will be replaced with new policies.
+func (c *ChannelGroup) SetPolicies(modPolicy string, policies map[string]Policy) error {
+	return setPolicies(c.channelGroup, policies, modPolicy)
+}
+
 // RemovePolicy removes an existing channel level policy.
 func (c *ChannelGroup) RemovePolicy(policyName string) error {
 	policies, err := c.Policies()
@@ -112,7 +118,7 @@ func (c *ChannelGroup) Capabilities() ([]string, error) {
 }
 
 // AddCapability adds capability to the provided channel config.
-// If the provided capability already exist in current configuration, this action
+// If the provided capability already exists in current configuration, this action
 // will be a no-op.
 func (c *ChannelGroup) AddCapability(capability string) error {
 	capabilities, err := c.Capabilities()