Beispiel #1
    def _build_principal(self, identity):
        """Build a ROLE-classified ``MSPPrincipal`` from an identity dict.

        Args:
            identity (dict): policy identity. Must hold a ``'role'`` entry
                with a ``'name'`` ("peer", "member" or "admin") and an
                ``'mspId'`` (non-empty ``str``).

        Returns:
            An ``MSPPrincipal`` whose ``principal`` field carries the
            serialized ``MSPRole``.

        Raises:
            Exception: if ``identity`` has no ``'role'`` key, the role name
                is not one of the three accepted values, or the MSP id is
                empty or not a ``str``.
            KeyError: if ``identity['role']`` is a dict lacking ``'name'``
                or ``'mspId'``.
        """
        if 'role' not in identity:
            # Only role-based identities are handled by this builder.
            raise Exception('NOT IMPLEMENTED')

        principal_msg = msp_principal_pb2.MSPPrincipal()
        principal_msg.principal_classification = \
            msp_principal_pb2.MSPPrincipal.ROLE

        role_msg = msp_principal_pb2.MSPRole()
        role_spec = identity['role']

        # The match is exact and case-sensitive: a name outside this table
        # is rejected rather than mapped to some default role, so a typo in
        # a policy file cannot silently widen or narrow who may endorse.
        role_name = role_spec['name']
        for accepted_name, enum_attr in (('peer', 'PEER'),
                                         ('member', 'MEMBER'),
                                         ('admin', 'ADMIN')):
            if role_name == accepted_name:
                role_msg.role = getattr(msp_principal_pb2.MSPRole, enum_attr)
                break
        else:
            raise Exception(f'Invalid role name found: must'
                            f' be one of "peer", "member" or'
                            f' "admin", but found "{role_name}"')

        msp_id = role_spec['mspId']
        if not (msp_id and isinstance(msp_id, str)):
            raise Exception(f'Invalid mspid found: "{msp_id}"')
        role_msg.msp_identifier = msp_id.encode()

        # The role is embedded as serialized bytes inside the principal.
        principal_msg.principal = role_msg.SerializeToString()

        return principal_msg
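def decode_MSP_principal(proto_msp_principal):
    """Decode an MSP principal message into a plain dict.

    Args:
        proto_msp_principal: a message exposing ``principal_classification``
            and the serialized ``principal`` bytes. Both are read as
            attributes, so this is a parsed message, not a raw byte string.

    Returns:
        dict: for ROLE and ORGANIZATION_UNIT, a dict with
        ``'principal_classification'`` (the classification name) and
        ``'principal'`` (the decoded fields). For every other
        classification, whatever ``decode_identity`` returns for the
        principal bytes.

        For ROLE, ``principal['role']`` is ``'MEMBER'``, ``'ADMIN'`` or
        ``'PEER'``. Any other role value leaves the ``'role'`` key absent;
        callers reviewing a policy must read a missing key as
        "unrecognised role", never as a default.
    """
    classification = proto_msp_principal.principal_classification

    if classification == msp_principal_pb2.MSPPrincipal.ROLE:
        proto_role = msp_principal_pb2.MSPRole()
        proto_role.ParseFromString(proto_msp_principal.principal)

        principal = {'msp_identifier': proto_role.msp_identifier}
        # Compare against the enum constants rather than bare integers, and
        # include PEER so a principal carrying that role does not decode
        # with its role silently missing.
        if proto_role.role == msp_principal_pb2.MSPRole.MEMBER:
            principal['role'] = 'MEMBER'
        elif proto_role.role == msp_principal_pb2.MSPRole.ADMIN:
            principal['role'] = 'ADMIN'
        elif proto_role.role == msp_principal_pb2.MSPRole.PEER:
            principal['role'] = 'PEER'
        # Unrecognised role values: 'role' is deliberately left unset.

        return {'principal_classification': 'ROLE', 'principal': principal}

    if classification == msp_principal_pb2.MSPPrincipal.ORGANIZATION_UNIT:
        proto_ou = msp_principal_pb2.OrganizationUnit()
        proto_ou.ParseFromString(proto_msp_principal.principal)

        return {
            'principal_classification': 'ORGANIZATION_UNIT',
            'principal': {
                'msp_identifier': proto_ou.msp_identifier,
                'organizational_unit_identifier':
                    proto_ou.organizational_unit_identifier,
                'certifiers_identifier': proto_ou.certifiers_identifier,
            },
        }

    # Case of IDENTITY.
    # NOTE(review): this branch is taken for *every* classification that is
    # not ROLE or ORGANIZATION_UNIT, so an unexpected classification value
    # is also handed to decode_identity — confirm that is intended.
    return decode_identity(proto_msp_principal.principal)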
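    def _build_policy(self, policy, msps=None, returnProto=False):
        """Build a ``SignaturePolicyEnvelope`` from an endorsement policy.

        Args:
            policy (dict): policy with a ``'policy'`` rule tree and an
                ``'identities'`` list. A falsy value means "no policy".
            msps: MSP ids intended for a default policy. Currently unused,
                because the default policy is not implemented (see below).
            returnProto (bool): when true, return the envelope message
                instead of its serialized bytes. Only honoured when a
                policy is supplied.

        Returns:
            The envelope (message or serialized bytes, per ``returnProto``)
            when ``policy`` is given; otherwise ``proto_b('')``.

        Raises:
            Exception: propagated from ``_build_principal`` for an invalid
                identity. ``_check_policy`` and ``_get_policy`` may raise
                as well; their behaviour is not visible from this method.
        """
        if not policy:
            # TODO need to support MSPManager
            # No policy was passed in. The intended default is a "signed by
            # any one member of an organization by mspid" policy: one
            # MEMBER-role principal per entry in `msps`, combined with a
            # 1-out-of-N rule. That is not implemented yet, so an empty
            # value is returned to keep the current callers working.
            #
            # NOTE(review): this path ignores both `msps` and `returnProto`,
            # so the SDK adds no explicit endorsement restriction here.
            # Presumably the receiving peer then applies its own default
            # policy — confirm for the target Fabric version.
            # When implementing the default, remember that `signed_by` is an
            # index into `identities`, so the first principal is index 0.
            return proto_b('')

        envelope = policies_pb2.SignaturePolicyEnvelope()

        # Validate the caller-supplied policy before translating any of it.
        self._check_policy(policy)
        envelope.version = 0
        envelope.rule.CopyFrom(self._get_policy(policy['policy']))
        envelope.identities.extend(
            [self._build_principal(x) for x in policy['identities']])

        if returnProto:
            return envelope

        return envelope.SerializeToString()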