[FAB-17575] Encapsulate msp configuration at an organization level

* Fixes bug where CreateChannelTx was passing a single msp configuration used across all orgs Signed-off-by: Danny Cao <[email protected]>
ibrandis · Mar 2, 2020 · e8b882a · e8b882a
1 parent 4e68e59
commit e8b882a
Show file tree

Hide file tree

Showing 8 changed files with 87 additions and 106 deletions.
diff --git a/pkg/config/application.go b/pkg/config/application.go
@@ -11,7 +11,6 @@ import (
 
  "github.com/golang/protobuf/proto"
  cb "github.com/hyperledger/fabric-protos-go/common"
- mb "github.com/hyperledger/fabric-protos-go/msp"
  pb "github.com/hyperledger/fabric-protos-go/peer"
 )
 
@@ -33,7 +32,7 @@ type AnchorPeer struct {
 
 // NewApplicationGroup returns the application component of the channel configuration.
 // By default, tt sets the mod_policy of all elements to "Admins".
-func NewApplicationGroup(application *Application, mspConfig *mb.MSPConfig) (*cb.ConfigGroup, error) {
+func NewApplicationGroup(application *Application) (*cb.ConfigGroup, error) {
  var err error
 
  applicationGroup := newConfigGroup()
@@ -58,7 +57,7 @@ func NewApplicationGroup(application *Application, mspConfig *mb.MSPConfig) (*cb
  }
 
  for _, org := range application.Organizations {
- applicationGroup.Groups[org.Name], err = newOrgConfigGroup(org, mspConfig)
+ applicationGroup.Groups[org.Name], err = newOrgConfigGroup(org)
  if err != nil {
  return nil, fmt.Errorf("org group '%s': %v", org.Name, err)
  }

diff --git a/pkg/config/application_test.go b/pkg/config/application_test.go
@@ -25,9 +25,7 @@ func TestNewApplicationGroup(t *testing.T) {
 
  application := baseApplication()
 
- mspConfig := &mb.MSPConfig{}
-
- applicationGroup, err := NewApplicationGroup(application, mspConfig)
+ applicationGroup, err := NewApplicationGroup(application)
  gt.Expect(err).NotTo(HaveOccurred())
 
  // ApplicationGroup checks
@@ -99,9 +97,7 @@ func TestNewApplicationGroupFailure(t *testing.T) {
  application := baseApplication()
  tt.applicationMod(application)
 
- mspConfig := &mb.MSPConfig{}
-
- configGrp, err := NewApplicationGroup(application, mspConfig)
+ configGrp, err := NewApplicationGroup(application)
  gt.Expect(err).To(MatchError(tt.expectedErr))
  gt.Expect(configGrp).To(BeNil())
  })
@@ -117,9 +113,7 @@ func TestNewApplicationGroupSkipAsForeign(t *testing.T) {
  application.Organizations[0].SkipAsForeign = true
  application.Organizations[1].SkipAsForeign = true
 
- mspConfig := &mb.MSPConfig{}
-
- applicationGroup, err := NewApplicationGroup(application, mspConfig)
+ applicationGroup, err := NewApplicationGroup(application)
  gt.Expect(err).NotTo(HaveOccurred())
  gt.Expect(applicationGroup.Groups["Org1"]).To(Equal(&cb.ConfigGroup{
  ModPolicy: AdminsPolicyKey,
@@ -462,6 +456,7 @@ func baseApplication() *Application {
  AnchorPeers: []*AnchorPeer{
  {Host: "host1", Port: 123},
  },
+ MSPConfig: &mb.FabricMSPConfig{},
  },
  {
  Name: "Org2",
@@ -470,6 +465,7 @@ func baseApplication() *Application {
  AnchorPeers: []*AnchorPeer{
  {Host: "host2", Port: 123},
  },
+ MSPConfig: &mb.FabricMSPConfig{},
  },
  },
  Capabilities: map[string]bool{

diff --git a/pkg/config/config.go b/pkg/config/config.go
@@ -50,9 +50,10 @@ type Resources struct {
 // Organization encodes the organization-level configuration needed in
 // config transactions.
 type Organization struct {
- Name string
- ID string
- Policies map[string]*Policy
+ Name string
+ ID string
+ Policies map[string]*Policy
+ MSPConfig *mb.FabricMSPConfig
 
  AnchorPeers []*AnchorPeer
  OrdererEndpoints []string
@@ -73,7 +74,7 @@ type standardConfigPolicy struct {
 }
 
 // NewCreateChannelTx creates a create channel tx using the provided channel config.
-func NewCreateChannelTx(channelConfig *Channel, mspConfig *mb.FabricMSPConfig) (*cb.Envelope, error) {
+func NewCreateChannelTx(channelConfig *Channel) (*cb.Envelope, error) {
  var err error
 
  if channelConfig == nil {
@@ -86,29 +87,19 @@ func NewCreateChannelTx(channelConfig *Channel, mspConfig *mb.FabricMSPConfig) (
  return nil, errors.New("profile's channel ID is required")
  }
 
- config, err := proto.Marshal(mspConfig)
- if err != nil {
- return nil, fmt.Errorf("failed to marshal msp config: %v", err)
- }
-
- // mspconf defaults type to FABRIC which implements an X.509 based provider
- mspconf := &mb.MSPConfig{
- Config: config,
- }
-
- ct, err := defaultConfigTemplate(channelConfig, mspconf)
+ ct, err := defaultConfigTemplate(channelConfig)
  if err != nil {
  return nil, fmt.Errorf("creating default config template: %v", err)
  }
 
- newChannelConfigUpdate, err := newChannelCreateConfigUpdate(channelID, channelConfig, ct, mspconf)
+ newChannelConfigUpdate, err := newChannelCreateConfigUpdate(channelID, channelConfig, ct)
  if err != nil {
  return nil, fmt.Errorf("creating channel create config update: %v", err)
  }
 
  configUpdate, err := proto.Marshal(newChannelConfigUpdate)
  if err != nil {
- return nil, fmt.Errorf("failed marshalling new channel config update: %v", err)
+ return nil, fmt.Errorf("marshalling new channel config update: %v", err)
  }
 
  newConfigUpdateEnv := &cb.ConfigUpdateEnvelope{
@@ -133,7 +124,7 @@ func SignConfigUpdate(configUpdate *cb.ConfigUpdate, signingIdentity *SigningIde
 
  header, err := proto.Marshal(signatureHeader)
  if err != nil {
- return nil, fmt.Errorf("failed to marshal signature header: %v", err)
+ return nil, fmt.Errorf("marshalling signature header: %v", err)
  }
 
  configSignature := &cb.ConfigSignature{
@@ -142,7 +133,7 @@ func SignConfigUpdate(configUpdate *cb.ConfigUpdate, signingIdentity *SigningIde
 
  configUpdateBytes, err := proto.Marshal(configUpdate)
  if err != nil {
- return nil, fmt.Errorf("failed to marshal config update: %v", err)
+ return nil, fmt.Errorf("marshalling config update: %v", err)
  }
 
  configSignature.Signature, err = signingIdentity.Sign(
@@ -162,7 +153,7 @@ func CreateSignedConfigUpdateEnvelope(configUpdate *cb.ConfigUpdate, signingIden
  signatures ...*cb.ConfigSignature) (*cb.Envelope, error) {
  update, err := proto.Marshal(configUpdate)
  if err != nil {
- return nil, fmt.Errorf("failed to marshal config update: %v", err)
+ return nil, fmt.Errorf("marshalling config update: %v", err)
  }
 
  configUpdateEnvelope := &cb.ConfigUpdateEnvelope{
@@ -189,7 +180,7 @@ func signatureHeader(signingIdentity *SigningIdentity) (*cb.SignatureHeader, err
 
  idBytes, err := proto.Marshal(&mb.SerializedIdentity{Mspid: signingIdentity.MSPID, IdBytes: buffer.Bytes()})
  if err != nil {
- return nil, fmt.Errorf("failed to marshal serialized identity: %v", err)
+ return nil, fmt.Errorf("marshalling serialized identity: %v", err)
  }
 
  nonce, err := newNonce()
@@ -216,7 +207,7 @@ func newNonce() ([]byte, error) {
 }
 
 // newChannelGroup defines the root of the channel configuration.
-func newChannelGroup(channelConfig *Channel, mspConfig *mb.MSPConfig) (*cb.ConfigGroup, error) {
+func newChannelGroup(channelConfig *Channel) (*cb.ConfigGroup, error) {
  var err error
 
  channelGroup := newConfigGroup()
@@ -257,21 +248,21 @@ func newChannelGroup(channelConfig *Channel, mspConfig *mb.MSPConfig) (*cb.Confi
  }
 
  if channelConfig.Orderer != nil {
- channelGroup.Groups[OrdererGroupKey], err = NewOrdererGroup(channelConfig.Orderer, mspConfig)
+ channelGroup.Groups[OrdererGroupKey], err = NewOrdererGroup(channelConfig.Orderer)
  if err != nil {
  return nil, fmt.Errorf("failed to create orderer group: %v", err)
  }
  }
 
  if channelConfig.Application != nil {
- channelGroup.Groups[ApplicationGroupKey], err = NewApplicationGroup(channelConfig.Application, mspConfig)
+ channelGroup.Groups[ApplicationGroupKey], err = NewApplicationGroup(channelConfig.Application)
  if err != nil {
  return nil, fmt.Errorf("failed to create application group: %v", err)
  }
  }
 
  if channelConfig.Consortiums != nil {
- channelGroup.Groups[ConsortiumsGroupKey], err = NewConsortiumsGroup(channelConfig.Consortiums, mspConfig)
+ channelGroup.Groups[ConsortiumsGroupKey], err = NewConsortiumsGroup(channelConfig.Consortiums)
  if err != nil {
  return nil, fmt.Errorf("failed to create consortiums group: %v", err)
  }
@@ -285,7 +276,7 @@ func newChannelGroup(channelConfig *Channel, mspConfig *mb.MSPConfig) (*cb.Confi
 // newOrgConfigGroup returns an config group for a organization.
 // It defines the crypto material for the organization (its MSP).
 // It sets the mod_policy of all elements to "Admins".
-func newOrgConfigGroup(org *Organization, mspConfig *mb.MSPConfig) (*cb.ConfigGroup, error) {
+func newOrgConfigGroup(org *Organization) (*cb.ConfigGroup, error) {
  orgGroup := newConfigGroup()
  orgGroup.ModPolicy = AdminsPolicyKey
 
@@ -297,7 +288,17 @@ func newOrgConfigGroup(org *Organization, mspConfig *mb.MSPConfig) (*cb.ConfigGr
  return nil, err
  }
 
- err := addValue(orgGroup, mspValue(mspConfig), AdminsPolicyKey)
+ conf, err := proto.Marshal(org.MSPConfig)
+ if err != nil {
+ return nil, fmt.Errorf("marshalling msp config: %v", err)
+ }
+
+ // mspConfig defaults type to FABRIC which implements an X.509 based provider
+ mspConfig := &mb.MSPConfig{
+ Config: conf,
+ }
+
+ err = addValue(orgGroup, mspValue(mspConfig), AdminsPolicyKey)
  if err != nil {
  return nil, err
  }
@@ -498,8 +499,8 @@ func mspValue(mspDef *mb.MSPConfig) *standardConfigValue {
 // defaultConfigTemplate generates a config template based on the assumption that
 // the input profile is a channel creation template and no system channel context
 // is available.
-func defaultConfigTemplate(channelConfig *Channel, mspConfig *mb.MSPConfig) (*cb.ConfigGroup, error) {
- channelGroup, err := newChannelGroup(channelConfig, mspConfig)
+func defaultConfigTemplate(channelConfig *Channel) (*cb.ConfigGroup, error) {
+ channelGroup, err := newChannelGroup(channelConfig)
  if err != nil {
  return nil, err
  }
@@ -517,9 +518,8 @@ func defaultConfigTemplate(channelConfig *Channel, mspConfig *mb.MSPConfig) (*cb
 // newChannelCreateConfigUpdate generates a ConfigUpdate which can be sent to the orderer to create a new channel.
 // Optionally, the channel group of the ordering system channel may be passed in, and the resulting ConfigUpdate
 // will extract the appropriate versions from this file.
-func newChannelCreateConfigUpdate(channelID string, channelConfig *Channel, templateConfig *cb.ConfigGroup,
- mspConfig *mb.MSPConfig) (*cb.ConfigUpdate, error) {
- newChannelGroup, err := newChannelGroup(channelConfig, mspConfig)
+func newChannelCreateConfigUpdate(channelID string, channelConfig *Channel, templateConfig *cb.ConfigGroup) (*cb.ConfigUpdate, error) {
+ newChannelGroup, err := newChannelGroup(channelConfig)
  if err != nil {
  return nil, err
  }

diff --git a/pkg/config/config_test.go b/pkg/config/config_test.go
@@ -241,11 +241,10 @@ func TestNewCreateChannelTx(t *testing.T) {
  t.Parallel()
  gt := NewGomegaWithT(t)
 
- mspConfig := &mb.FabricMSPConfig{}
  profile := tt.profileMod()
 
  // creating a create channel transaction
- envelope, err := NewCreateChannelTx(profile, mspConfig)
+ envelope, err := NewCreateChannelTx(profile)
  gt.Expect(err).ToNot(HaveOccurred())
  gt.Expect(envelope).ToNot(BeNil())
 
@@ -481,10 +480,9 @@ func TestNewCreateChannelTxFailure(t *testing.T) {
 
  gt := NewGomegaWithT(t)
 
- mspConfig := &mb.FabricMSPConfig{}
  profile := tt.profileMod()
 
- env, err := NewCreateChannelTx(profile, mspConfig)
+ env, err := NewCreateChannelTx(profile)
  gt.Expect(env).To(BeNil())
  gt.Expect(err).To(MatchError(tt.err))
  })
@@ -563,7 +561,7 @@ func TestCreateSignedConfigUpdateEnvelopeFailures(t *testing.T) {
  configUpdate: nil,
  signingIdentity: signingIdentity,
  configSignature: []*cb.ConfigSignature{configSignature},
- expectedErr: "failed to marshal config update: proto: Marshal called with nil",
+ expectedErr: "marshalling config update: proto: Marshal called with nil",
  },
  }
 
@@ -589,14 +587,16 @@ func baseProfile() *Channel {
  Policies: standardPolicies(),
  Organizations: []*Organization{
  {
- Name: "Org1",
- ID: "Org1MSP",
- Policies: applicationOrgStandardPolicies(),
+ Name: "Org1",
+ ID: "Org1MSP",
+ Policies: applicationOrgStandardPolicies(),
+ MSPConfig: &mb.FabricMSPConfig{},
  },
  {
- Name: "Org2",
- ID: "Org2MSP",
- Policies: applicationOrgStandardPolicies(),
+ Name: "Org2",
+ ID: "Org2MSP",
+ Policies: applicationOrgStandardPolicies(),
+ MSPConfig: &mb.FabricMSPConfig{},
  },
  },
  Capabilities: map[string]bool{
@@ -742,11 +742,9 @@ func TestNewOrgConfigGroup(t *testing.T) {
  "version": "0"
 }
 `
- mspConfig := &mb.MSPConfig{}
-
  org := baseProfile().Application.Organizations[0]
  org.OrdererEndpoints = []string{"123.45.677:8080"}
- configGroup, err := newOrgConfigGroup(org, mspConfig)
+ configGroup, err := newOrgConfigGroup(org)
  gt.Expect(err).NotTo(HaveOccurred())
 
  buf := bytes.Buffer{}
@@ -766,11 +764,9 @@ func TestNewOrgConfigGroup(t *testing.T) {
  err := protolator.DeepMarshalJSON(&expectedBuf, expectedConfigGroup)
  gt.Expect(err).NotTo(HaveOccurred())
 
- mspConfig := &mb.MSPConfig{}
-
  org := baseProfile().Application.Organizations[0]
  org.SkipAsForeign = true
- configGroup, err := newOrgConfigGroup(org, mspConfig)
+ configGroup, err := newOrgConfigGroup(org)
  gt.Expect(err).NotTo(HaveOccurred())
 
  buf := bytes.Buffer{}
@@ -787,23 +783,21 @@ func TestNewOrgConfigGroupFailure(t *testing.T) {
  tests := []struct {
  name string
  organizationMod func(*Organization)
- mspConfig *mb.MSPConfig
  expectedErr string
  }{
  {
  "When failing to add policies",
  func(o *Organization) {
  o.Policies = nil
  },
- &mb.MSPConfig{},
  "no policies defined",
  },
  {
  "When failing to add msp value",
  func(o *Organization) {
+ o.MSPConfig = nil
  },
- nil,
- "marshalling standard config value 'MSP': proto: Marshal called with nil",
+ "marshalling msp config: proto: Marshal called with nil",
  },
  }
 
@@ -815,7 +809,7 @@ func TestNewOrgConfigGroupFailure(t *testing.T) {
  gt := NewGomegaWithT(t)
  baseOrg := baseProfile().Application.Organizations[0]
  tt.organizationMod(baseOrg)
- configGroup, err := newOrgConfigGroup(baseOrg, tt.mspConfig)
+ configGroup, err := newOrgConfigGroup(baseOrg)
  gt.Expect(err).To(MatchError(tt.expectedErr))
  gt.Expect(configGroup).To(BeNil())
  })