Commit 54ead35c authored by nirro's avatar nirro
Browse files

[FAB-10486] e2e test pvtdata remove and add



added e2e test for removal of org from
collection config and then add it back
to the config.

the test verifies that the org has access
to private data that was created only when
the org was part of the collection config

Change-Id: I89e33470b6edab864eba1a499fa134f14e0416a6
Signed-off-by: default avatarnirro <nirro@il.ibm.com>
parent 17de263b
......@@ -31,6 +31,11 @@ var _ = Describe("PrivateData-EndToEnd", func() {
expectedDiscoveredPeers []helpers.DiscoveredPeer
)
// at the beginning of each test under this block, we have 2 collections defined:
// 1. collectionMarbles - Org1 and Org2 are have access to this collection
// 2. collectionMarblePrivateDetails - Org2 and Org3 have access to this collection
// when calling QueryChaincode with first arg "readMarble", it will query collectionMarbles[1]
// when calling QueryChaincode with first arg "readMarblePrivateDetails", it will query collectionMarblePrivateDetails[2]
Describe("collection config is modified", func() {
BeforeEach(func() {
var err error
......@@ -116,6 +121,9 @@ var _ = Describe("PrivateData-EndToEnd", func() {
})
It("verifies access to private data after an org is added to collection config", func() {
// after the upgrade the collections will be updated as follows:
// 1. collectionMarbles - Org1, Org2 and Org3 have access to this collection
// 2. collectionMarblePrivateDetails - Org2 and Org3 have access to this collection
By("upgrading chaincode in order to update collections config")
adminPeer := getPeer(0, 1, testDir)
adminPeer.UpgradeChaincode(d.Chaincode.Name, "2.0", d.Orderer, d.Channel, `{"Args":["init"]}`, `OR ('Org1MSP.member','Org2MSP.member', 'Org3MSP.member')`, filepath.Join("testdata", "collection_configs", "collections_config2.json"))
......@@ -141,8 +149,78 @@ var _ = Describe("PrivateData-EndToEnd", func() {
adminPeer = getPeer(0, 3, testDir)
verifyAccessFailed(d.Chaincode.Name, d.Channel, `{"Args":["readMarble","marble1"]}`, adminPeer, "Failed to get state for marble1")
})
})
It("verifies access to private data after an org is removed from collection config and then added back", func() {
// after the upgrade the collections will be updated as follows:
// 1. collectionMarbles - only Org1 has access to this collection
// 2. collectionMarblePrivateDetails - Org2 and Org3 have access to this collection
By("upgrading chaincode in order to update collections config")
adminPeer := getPeer(0, 1, testDir)
adminPeer.UpgradeChaincode(d.Chaincode.Name, "2.0", d.Orderer, d.Channel, `{"Args":["init"]}`, `OR ('Org1MSP.member','Org2MSP.member', 'Org3MSP.member')`, filepath.Join("testdata", "collection_configs", "collections_config3.json"))
By("invoking initMarble function of the chaincode")
adminPeer = getPeer(0, 2, testDir)
adminRunner := adminPeer.InvokeChaincode(d.Chaincode.Name, d.Channel, `{"Args":["initMarble","marble2","yellow","53","jerry","22"]}`, d.Orderer)
err := helpers.Execute(adminRunner)
Expect(err).NotTo(HaveOccurred())
Expect(adminRunner.Err()).To(gbytes.Say("Chaincode invoke successful."))
By("check that the access of different peers is as defined in collection config")
peerList := []*runner.Peer{getPeer(0, 1, testDir)}
verifyAccess(d.Chaincode.Name, d.Channel, `{"Args":["readMarble","marble2"]}`, peerList, `{"docType":"marble","name":"marble2","color":"yellow","size":53,"owner":"jerry"}`)
peerList = []*runner.Peer{getPeer(0, 2, testDir), getPeer(0, 3, testDir)}
verifyAccess(d.Chaincode.Name, d.Channel, `{"Args":["readMarblePrivateDetails","marble2"]}`, peerList, `{"docType":"marblePrivateDetails","name":"marble2","price":22}`)
By("querying collectionMarblePrivateDetails by peer0.org1, shouldn't have access")
adminPeer = getPeer(0, 1, testDir)
verifyAccessFailed(d.Chaincode.Name, d.Channel, `{"Args":["readMarblePrivateDetails","marble2"]}`, adminPeer, "Private data matching public hash version is not available")
By("querying collectionMarbles by peer0.org2, shouldn't have access")
adminPeer = getPeer(0, 2, testDir)
verifyAccessFailed(d.Chaincode.Name, d.Channel, `{"Args":["readMarble","marble2"]}`, adminPeer, "Failed to get state for marble2")
By("querying collectionMarbles by peer0.org3, shouldn't have access")
adminPeer = getPeer(0, 3, testDir)
verifyAccessFailed(d.Chaincode.Name, d.Channel, `{"Args":["readMarble","marble2"]}`, adminPeer, "Failed to get state for marble2")
By("installing chaincode version 3.0 on all peers")
installChaincodeOnAllPeers(1, 3, d.Chaincode.Name, "3.0",
"github.com/hyperledger/fabric/integration/chaincode/marbles_private/cmd", testDir)
// after the upgrade the collections will be updated as follows:
// 1. collectionMarbles - Org1 and Org2 have access to this collection
// 2. collectionMarblePrivateDetails - Org2 and Org3 have access to this collection
adminPeer.UpgradeChaincode(d.Chaincode.Name, "3.0", d.Orderer, d.Channel, `{"Args":["init"]}`, `OR ('Org1MSP.member','Org2MSP.member', 'Org3MSP.member')`, filepath.Join("testdata", "collection_configs", "collections_config1.json"))
By("invoking initMarble function of the chaincode")
adminPeer = getPeer(0, 2, testDir)
adminRunner = adminPeer.InvokeChaincode(d.Chaincode.Name, d.Channel, `{"Args":["initMarble","marble3","green","17","mark","68"]}`, d.Orderer)
err = helpers.Execute(adminRunner)
Expect(err).NotTo(HaveOccurred())
Expect(adminRunner.Err()).To(gbytes.Say("Chaincode invoke successful."))
By("check that the access of different peers is as defined in collection config")
peerList = []*runner.Peer{getPeer(0, 1, testDir), getPeer(0, 2, testDir)}
verifyAccess(d.Chaincode.Name, d.Channel, `{"Args":["readMarble","marble3"]}`, peerList, `{"docType":"marble","name":"marble3","color":"green","size":17,"owner":"mark"}`)
peerList = []*runner.Peer{getPeer(0, 2, testDir), getPeer(0, 3, testDir)}
verifyAccess(d.Chaincode.Name, d.Channel, `{"Args":["readMarblePrivateDetails","marble3"]}`, peerList, `{"docType":"marblePrivateDetails","name":"marble3","price":68}`)
By("querying collectionMarblePrivateDetails by peer0.org1, shouldn't have access")
adminPeer = getPeer(0, 1, testDir)
verifyAccessFailed(d.Chaincode.Name, d.Channel, `{"Args":["readMarblePrivateDetails","marble3"]}`, adminPeer, "Private data matching public hash version is not available")
By("querying collectionMarbles by peer0.org3, shouldn't have access")
adminPeer = getPeer(0, 3, testDir)
verifyAccessFailed(d.Chaincode.Name, d.Channel, `{"Args":["readMarble","marble3"]}`, adminPeer, "Failed to get state for marble3")
By("querying collectionMarbles by peer0.org2, make sure it still has access to marble1 that was created before peer0.org2 was removed from the config")
verifyAccess(d.Chaincode.Name, d.Channel, `{"Args":["readMarble","marble1"]}`, []*runner.Peer{getPeer(0, 2, testDir)}, `{"docType":"marble","name":"marble1","color":"blue","size":35,"owner":"tom"}`)
By("querying collectionMarbles by peer0.org2, make sure it still doesn't have access to marble2 that was created while peer0.org2 wasn't in the config")
adminPeer = getPeer(0, 2, testDir)
verifyAccessFailed(d.Chaincode.Name, d.Channel, `{"Args":["readMarble","marble2"]}`, adminPeer, "Failed to get state for marble2")
})
})
})
func getPeer(peer int, org int, testDir string) *runner.Peer {
......
[
{
"name": "collectionMarbles",
"policy": "OR('Org1MSP.member')",
"requiredPeerCount": 0,
"maxPeerCount": 2,
"blockToLive":1000000
},
{
"name": "collectionMarblePrivateDetails",
"policy": "OR('Org2MSP.member', 'Org3MSP.member')",
"requiredPeerCount": 1,
"maxPeerCount": 2,
"blockToLive":1000000
}
]
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment