def test_reject_all_rules_from_auth_rules_txn(looper, sdk_wallet_trustee, sdk_pool_handle): _, before_resp = sdk_send_and_check_get_auth_rule_request( looper, sdk_pool_handle, sdk_wallet_trustee)[0] rules = [ generate_auth_rule(ADD_PREFIX, NYM, ROLE, "wrong_new_value"), generate_auth_rule(EDIT_PREFIX, NYM, ROLE, TRUST_ANCHOR, TRUSTEE) ] with pytest.raises(RequestNackedException): sdk_send_and_check_auth_rules_request(looper, sdk_pool_handle, sdk_wallet_trustee, rules=rules) _, after_resp = sdk_send_and_check_get_auth_rule_request( looper, sdk_pool_handle, sdk_wallet_trustee)[0] assert before_resp["result"][DATA] == after_resp["result"][DATA]
def test_reqnack_auth_rules_transaction_with_wrong_key(looper, sdk_wallet_trustee, sdk_pool_handle): with pytest.raises(RequestNackedException) as e: sdk_send_and_check_auth_rules_request( looper, sdk_pool_handle, sdk_wallet_trustee, [generate_auth_rule(auth_type="*")]) e.match("InvalidClientRequest") e.match("is not found in authorization map")
def generate_auth_rule_operation(auth_action=ADD_PREFIX, auth_type=NYM, field=ROLE, new_value=ENDORSER, old_value=None, constraint=None): op = generate_auth_rule(auth_action, auth_type, field, new_value, old_value, constraint) op[TXN_TYPE] = AUTH_RULE return op
def sdk_send_and_check_auth_rules_request_invalid(looper, sdk_pool_handle, sdk_wallet_trustee, rules=None, no_wait=False): if rules is None: rules = [ generate_auth_rule(ADD_PREFIX, NYM, ROLE, ENDORSER), generate_auth_rule(EDIT_PREFIX, NYM, ROLE, ENDORSER, TRUSTEE) ] op = {RULES: rules, TXN_TYPE: AUTH_RULES} req_obj = sdk_gen_request(op, identifier=sdk_wallet_trustee[1]) req = sdk_sign_and_submit_req_obj(looper, sdk_pool_handle, sdk_wallet_trustee, req_obj) if no_wait: return req resp = sdk_get_and_check_replies(looper, [req]) return resp
def test_reqnack_auth_rules_add_transaction_with_wrong_format( looper, sdk_wallet_trustee, sdk_pool_handle): with pytest.raises(RequestNackedException) as e: sdk_send_and_check_auth_rules_request_invalid( looper, sdk_pool_handle, sdk_wallet_trustee, [generate_auth_rule(old_value="*")]) e.match("InvalidClientRequest") e.match("Transaction for change authentication " "rule for {}={} must not contain field {}".format( AUTH_ACTION, ADD_PREFIX, OLD_VALUE))
def test_auth_rules_transaction(looper, sdk_wallet_trustee, sdk_pool_handle): rule = generate_auth_rule() key = dict(rule) key.pop(CONSTRAINT) sdk_send_and_check_auth_rules_request(looper, sdk_pool_handle, sdk_wallet_trustee, rules=[rule]) after_resp = _send_and_check_get_auth_rule(looper, sdk_pool_handle, sdk_wallet_trustee, key) assert [rule] == after_resp[0][1]["result"][DATA]
def test_reject_with_unacceptable_role_in_constraint(looper, sdk_wallet_trustee, sdk_pool_handle): rule = generate_auth_rule() unacceptable_role = 'olololo' rule[CONSTRAINT][ROLE] = unacceptable_role with pytest.raises(RequestNackedException) as e: sdk_send_and_check_auth_rules_request(looper, sdk_pool_handle, sdk_wallet_trustee, rules=[rule]) e.match('client request invalid') e.match('Role {} is not acceptable'.format(unacceptable_role))
def test_reqnack_auth_rules_edit_transaction_with_wrong_format( looper, sdk_wallet_trustee, sdk_pool_handle): rule = generate_auth_rule(auth_action=EDIT_PREFIX) rule.pop(OLD_VALUE) with pytest.raises(RequestNackedException) as e: sdk_send_and_check_auth_rules_request_invalid(looper, sdk_pool_handle, sdk_wallet_trustee, rules=[rule]) e.match("InvalidClientRequest") e.match("Transaction for change authentication " "rule for {}={} must contain field {}".format( AUTH_ACTION, EDIT_PREFIX, OLD_VALUE))
def get_changed_auth_rules(self): constraint = AuthConstraint(role=None, sig_count=1, need_to_be_owner=False) rules = [ generate_auth_rule(auth_action=EDIT_PREFIX, auth_type=AUTH_RULES, field='*', old_value='*', new_value='*', constraint=constraint.as_dict) ] operation = {RULES: rules, TXN_TYPE: AUTH_RULES} request = sdk_gen_request(operation, identifier=self.trustee_wallet[1]) return json.dumps(request.as_dict)
def get_default_auth_rules(self): action = AuthActionEdit(txn_type=AUTH_RULES, field='*', old_value='*', new_value='*') constraint = auth_map.auth_map.get(action.get_action_id()) rules = [ generate_auth_rule(auth_action=EDIT_PREFIX, auth_type=AUTH_RULES, field='*', old_value='*', new_value='*', constraint=constraint.as_dict) ] operation = {RULES: rules, TXN_TYPE: AUTH_RULES} request = sdk_gen_request(operation, identifier=self.new_default_wallet[1]) return json.dumps(request.as_dict)