def test_network_monitor_suspension_by_itself(looper, sdk_pool_handle,
sdk_wallet_steward,
sdk_wallet_handle, with_verkey):
new_network_monitor_did, new_network_monitor_verkey = looper.loop.run_until_complete(
did.create_and_store_my_did(sdk_wallet_steward[0], "{}"))
"""Adding NETWORK_MONITOR role by steward"""
op = {
'type': '1',
'dest': new_network_monitor_did,
'role': NETWORK_MONITOR,
'verkey': new_network_monitor_verkey
}
req = sdk_sign_and_submit_op(looper, sdk_pool_handle,
(sdk_wallet_handle, sdk_wallet_steward[1]),
op)
sdk_get_and_check_replies(looper, [req])
"""Blacklisting network_monitor by itself"""
op = {'type': '1', 'dest': new_network_monitor_did, 'role': None}
if with_verkey:
op['verkey'] = new_network_monitor_verkey
req = sdk_sign_and_submit_op(looper, sdk_pool_handle,
(sdk_wallet_handle, new_network_monitor_did),
op)
with pytest.raises(RequestRejectedException):
sdk_get_and_check_replies(looper, [req])
def test_authentication(looper, pre_reqs, registration, sdk_wallet_client,
sdk_pool_handle):
_, core_authnr, req_authnr = pre_reqs
# Remove simple_authnr
req_authnr._authenticators = req_authnr._authenticators[:-1]
# Exception for unknown txn type
op = {
TXN_TYPE: 'random_txn_type',
f.LEDGER_ID.nm: DOMAIN_LEDGER_ID,
DATA: 1
}
# Just creating the request
req = sdk_sign_and_submit_op(looper, sdk_pool_handle, sdk_wallet_client,
op)
with pytest.raises(NoAuthenticatorFound):
req_authnr.authenticate(req[0])
# Empty set for query txn type
op = {TXN_TYPE: GET_TXN, f.LEDGER_ID.nm: DOMAIN_LEDGER_ID, DATA: 1}
# Just creating the request
req = sdk_sign_and_submit_op(looper, sdk_pool_handle, sdk_wallet_client,
op)
assert set() == req_authnr.authenticate(req[0])
# identifier for write type
wh, did = sdk_wallet_client
req = new_client_request(None, randomString(), looper, sdk_wallet_client)
core_authnr.addIdr(
did,
looper.loop.run_until_complete(key_for_did(sdk_pool_handle, wh, did)))
assert req_authnr.authenticate(json.loads(req)) == {
did,
}
def test_new_DID_cannot_update_another_DID(looper,
sdk_pool_handle,
sdk_wallet_trustee,
sdk_wallet_handle):
"""Create trustee"""
trustee_did, trustee_verkey = looper.loop.run_until_complete(
did.create_and_store_my_did(sdk_wallet_trustee[0], "{}"))
"""Add trustee to ledger"""
sdk_add_new_nym(looper, sdk_pool_handle,
sdk_wallet_trustee, 'newTrustee', TRUSTEE_STRING, verkey=trustee_verkey, dest=trustee_did)
"""new DID (no role)"""
new_no_role_did, new_no_role_verkey = looper.loop.run_until_complete(
did.create_and_store_my_did(sdk_wallet_trustee[0], "{}"))
"""Adding new DID (no role) to ledger"""
sdk_add_new_nym(looper, sdk_pool_handle,
sdk_wallet_trustee,
'noRole',
verkey=new_no_role_verkey, dest=new_no_role_did)
"""Nym transaction to update Trustee DID that makes no change to verkey or role"""
op = {'type': '1',
'dest': trustee_did
}
"""Submitting the transaction fails"""
with pytest.raises(RequestRejectedException):
req = sdk_sign_and_submit_op(looper, sdk_pool_handle, sdk_wallet_trustee, op)
sdk_get_and_check_replies(looper, [req])
def test_steward_suspension_by_another_trustee(looper, sdk_pool_handle,
sdk_wallet_trustee,
sdk_wallet_handle, with_verkey):
new_trustee_did, new_trustee_verkey = looper.loop.run_until_complete(
did.create_and_store_my_did(sdk_wallet_trustee[0], "{}"))
new_steward_did, new_steward_verkey = looper.loop.run_until_complete(
did.create_and_store_my_did(sdk_wallet_trustee[0], "{}"))
"""Adding new steward"""
sdk_add_new_nym(looper,
sdk_pool_handle,
sdk_wallet_trustee,
'newSteward',
STEWARD_STRING,
verkey=new_steward_verkey,
dest=new_steward_did)
"""Adding new trustee"""
sdk_add_new_nym(looper,
sdk_pool_handle,
sdk_wallet_trustee,
'newTrustee',
TRUSTEE_STRING,
verkey=new_trustee_verkey,
dest=new_trustee_did)
"""Blacklisting new steward by new trustee"""
op = {'type': '1', 'dest': new_steward_did, 'role': None}
if with_verkey:
op['verkey'] = new_steward_verkey
req = sdk_sign_and_submit_op(looper, sdk_pool_handle,
(sdk_wallet_handle, new_trustee_did), op)
if with_verkey:
with pytest.raises(RequestRejectedException):
sdk_get_and_check_replies(looper, [req])
else:
sdk_get_and_check_replies(looper, [req])
def test_nym_addition_fails_with_empty_verkey(looper, sdk_pool_handle,
sdk_wallet_trustee):
op = add_nym_operation(seed=b'a secret trust anchor seed......')
op[VERKEY] = ''
req = sdk_sign_and_submit_op(looper, sdk_pool_handle, sdk_wallet_trustee, op)
sdk_get_bad_response(looper, [req], RequestNackedException,
'Neither a full verkey nor an abbreviated one')
def do_edit_revoc_reg_def(self, origin_rrd_req, wallet):
origin_rrd_req[OPERATION][VALUE][TAILS_HASH] = randomString(20)
resp = sdk_sign_and_submit_op(self.looper,
self.sdk_pool_handle,
wallet,
op=origin_rrd_req[OPERATION])
sdk_get_and_check_replies(self.looper, [resp])
def test_network_monitor_suspension_by_another_steward(looper, sdk_pool_handle,
sdk_wallet_steward,
sdk_wallet_trustee,
sdk_wallet_handle,
with_verkey):
new_steward_did, new_steward_verkey = looper.loop.run_until_complete(
did.create_and_store_my_did(sdk_wallet_trustee[0], "{}"))
new_network_monitor_did, new_network_monitor_verkey = looper.loop.run_until_complete(
did.create_and_store_my_did(sdk_wallet_steward[0], "{}"))
"""Adding new steward"""
sdk_add_new_nym(looper,
sdk_pool_handle,
sdk_wallet_trustee,
'newSteward',
STEWARD_STRING,
verkey=new_steward_verkey,
dest=new_steward_did)
"""Adding NETWORK_MONITOR role by first steward"""
op = {
'type': '1',
'dest': new_network_monitor_did,
'role': NETWORK_MONITOR,
'verkey': new_network_monitor_verkey
}
req = sdk_sign_and_submit_op(looper, sdk_pool_handle,
(sdk_wallet_handle, new_steward_did), op)
sdk_get_and_check_replies(looper, [req])
"""Check that get_validator_info command works for NETWORK_MONITOR role"""
sdk_get_validator_info(looper,
(sdk_wallet_handle, new_network_monitor_did),
sdk_pool_handle)
"""Blacklisting network_monitor by new steward"""
op = {'type': '1', 'dest': new_network_monitor_did, 'role': None}
if with_verkey:
op['verkey'] = new_network_monitor_verkey
req = sdk_sign_and_submit_op(looper, sdk_pool_handle,
(sdk_wallet_handle, new_steward_did), op)
if with_verkey:
with pytest.raises(RequestRejectedException):
sdk_get_and_check_replies(looper, [req])
else:
sdk_get_and_check_replies(looper, [req])
with pytest.raises(RequestRejectedException):
sdk_get_validator_info(
looper, (sdk_wallet_handle, new_network_monitor_did),
sdk_pool_handle)
def sign_submit_check(looper, sdk_pool_handle, signer, dest, action_id, op):
req = sdk_sign_and_submit_op(looper, sdk_pool_handle, signer.wallet_did, op)
if auth_check(action_id, signer, dest):
sdk_get_and_check_replies(looper, [req])
else:
with pytest.raises(RequestRejectedException) as excinfo:
sdk_get_and_check_replies(looper, [req])
excinfo.match('UnauthorizedClientRequest')
def do_edit_claim_def(self, wallet, tag, schema_json):
reply = sdk_send_claim_def(self.looper, self.sdk_pool_handle, wallet,
tag, schema_json)
req = reply[0][0]
req[OPERATION][DATA]['primary']['n'] = 'abc'
resp = sdk_sign_and_submit_op(self.looper,
self.sdk_pool_handle,
wallet,
op=req[OPERATION])
sdk_get_and_check_replies(self.looper, [resp])
def test_authentication(looper, pre_reqs, registration,
sdk_wallet_client,
sdk_pool_handle):
_, core_authnr, req_authnr = pre_reqs
# Remove simple_authnr
req_authnr._authenticators = req_authnr._authenticators[:-1]
# Exception for unknown txn type
op = {
TXN_TYPE: 'random_txn_type',
f.LEDGER_ID.nm: DOMAIN_LEDGER_ID,
DATA: 1
}
# Just creating the request
req = sdk_sign_and_submit_op(looper, sdk_pool_handle,
sdk_wallet_client, op)
with pytest.raises(NoAuthenticatorFound):
req_authnr.authenticate(req[0])
# Empty set for query txn type
op = {
TXN_TYPE: GET_TXN,
f.LEDGER_ID.nm: DOMAIN_LEDGER_ID,
DATA: 1
}
# Just creating the request
req = sdk_sign_and_submit_op(looper, sdk_pool_handle,
sdk_wallet_client, op)
assert set() == req_authnr.authenticate(req[0])
# identifier for write type
wh, did = sdk_wallet_client
req = new_client_request(None, randomString(), looper, sdk_wallet_client)
core_authnr.addIdr(did,
looper.loop.run_until_complete(key_for_did(sdk_pool_handle, wh, did)))
assert req_authnr.authenticate(json.loads(req)) == {did, }
def test_check_rule_for_edit_action_changing(looper, sdk_wallet_trustee,
sdk_wallet_steward,
sdk_pool_handle):
wh, _ = sdk_wallet_trustee
new_steward_did, new_steward_verkey = create_verkey_did(looper, wh)
"""Adding new steward for old auth rules"""
sdk_add_new_nym(looper,
sdk_pool_handle,
sdk_wallet_trustee,
'newSteward1',
STEWARD_STRING,
dest=new_steward_did,
verkey=new_steward_verkey)
constraint = AuthConstraint(role=STEWARD, sig_count=1)
"""Change role from steward to '' (blacklisting STEWARD) can only STEWARD"""
sdk_send_and_check_auth_rule_request(looper,
sdk_pool_handle,
sdk_wallet_trustee,
auth_action=EDIT_PREFIX,
auth_type=NYM,
field=ROLE,
new_value='',
old_value=STEWARD,
constraint=constraint.as_dict)
op = {'type': '1', 'dest': new_steward_did, 'role': None}
with pytest.raises(RequestRejectedException,
match="Not enough STEWARD signatures"):
"""Blacklisting new steward by TRUSTEE"""
req = sdk_sign_and_submit_op(looper, sdk_pool_handle,
sdk_wallet_trustee, op)
sdk_get_and_check_replies(looper, [req])
"""We change auth rules and for now only steward can add new steward"""
req = sdk_sign_and_submit_op(looper, sdk_pool_handle, sdk_wallet_steward,
op)
sdk_get_and_check_replies(looper, [req])
def test_auth_rule_transaction_for_edit(looper, txnPoolNodeSet,
sdk_wallet_trustee, sdk_wallet_steward,
sdk_pool_handle):
constraint = AuthConstraint(role=STEWARD,
sig_count=1,
need_to_be_owner=False)
req1 = build_auth_rule_request_json(looper,
sdk_wallet_trustee[1],
auth_action=ADD_PREFIX,
auth_type=CLAIM_DEF,
field='*',
new_value='*',
constraint=constraint.as_dict)
send_and_check(looper, sdk_pool_handle, req1, wallet=sdk_wallet_trustee)
constraint = AuthConstraint(role=TRUSTEE,
sig_count=1,
need_to_be_owner=False)
req2 = build_auth_rule_request_json(looper,
sdk_wallet_trustee[1],
auth_action=EDIT_PREFIX,
auth_type=CLAIM_DEF,
field='*',
old_value='*',
new_value='*',
constraint=constraint.as_dict)
send_and_check(looper, sdk_pool_handle, req2, wallet=sdk_wallet_trustee)
schema_json = get_schema_json(looper, sdk_pool_handle, sdk_wallet_trustee)
reply = sdk_send_claim_def(looper, sdk_pool_handle, sdk_wallet_steward,
'tag_1', schema_json)
req = reply[0][0]
req[OPERATION][DATA]['primary']['n'] = 'abc'
with pytest.raises(RequestRejectedException):
resp = sdk_sign_and_submit_op(looper,
sdk_pool_handle,
sdk_wallet_steward,
op=req[OPERATION])
sdk_get_and_check_replies(looper, [resp])
def create_new_did(looper, sdk_pool_handle, creator, role, skipverkey=False):
op = {
'type': NYM,
'role': role.value
}
new_did_verkey = None
if skipverkey:
new_did, _ = createHalfKeyIdentifierAndAbbrevVerkey()
op.update({'dest': new_did})
else:
new_did, new_did_verkey = looper.loop.run_until_complete(
create_and_store_my_did(creator.wallet_handle, "{}"))
op.update({'dest': new_did, 'verkey': new_did_verkey})
req = sdk_sign_and_submit_op(looper, sdk_pool_handle, creator.wallet_did, op)
sdk_get_and_check_replies(looper, [req])
return DIDWallet(did=new_did, role=role, verkey=new_did_verkey,
creator=creator, wallet_handle=creator.wallet_handle)
def test_steward_cannot_create_endorsers_after_demote(looper, sdk_pool_handle,
sdk_wallet_trustee,
sdk_wallet_handle):
new_steward_did, new_steward_verkey = looper.loop.run_until_complete(
did.create_and_store_my_did(sdk_wallet_trustee[0], "{}"))
new_ta_did, new_ta_verkey = looper.loop.run_until_complete(
did.create_and_store_my_did(sdk_wallet_trustee[0], "{}"))
new_ta_2_did, new_ta_2_verkey = looper.loop.run_until_complete(
did.create_and_store_my_did(sdk_wallet_trustee[0], "{}"))
"""Adding new steward"""
sdk_add_new_nym(looper,
sdk_pool_handle,
sdk_wallet_trustee,
'newSteward',
STEWARD_STRING,
verkey=new_steward_verkey,
dest=new_steward_did)
"""Adding new TA"""
sdk_add_new_nym(looper,
sdk_pool_handle, (sdk_wallet_handle, new_steward_did),
'newSteward',
ENDORSER_STRING,
verkey=new_ta_verkey,
dest=new_ta_did)
"""Blacklisting new steward by trustee"""
op = {'type': '1', 'dest': new_steward_did, 'role': None}
req = sdk_sign_and_submit_op(looper, sdk_pool_handle, sdk_wallet_trustee,
op)
sdk_get_and_check_replies(looper, [req])
"""Try to add new TA by previous demoted steward"""
with pytest.raises(RequestRejectedException):
sdk_add_new_nym(looper,
sdk_pool_handle, (sdk_wallet_handle, new_steward_did),
'newSteward',
ENDORSER_STRING,
verkey=new_ta_2_verkey,
dest=new_ta_2_did)
def sdk_suspend_role(looper, sdk_pool_handle, sdk_wallet_sender, susp_did):
op = {'type': '1',
'dest': susp_did,
'role': None}
req = sdk_sign_and_submit_op(looper, sdk_pool_handle, sdk_wallet_sender, op)
sdk_get_and_check_replies(looper, [req])
def sdk_suspend_role(looper, sdk_pool_handle, sdk_wallet_sender, susp_did):
op = {'type': '1', 'dest': susp_did, 'role': None}
req = sdk_sign_and_submit_op(looper, sdk_pool_handle, sdk_wallet_sender,
op)
sdk_get_and_check_replies(looper, [req])
def sdk_submit_operation_and_get_replies(looper, sdk_pool_handle, sdk_wallet_sender, operation):
req = sdk_sign_and_submit_op(looper, sdk_pool_handle, sdk_wallet_sender, operation)
return sdk_get_and_check_replies(looper, [req])
def sdk_submit_operation_and_get_result(looper, sdk_pool_handle, sdk_wallet_sender, operation):
req = sdk_sign_and_submit_op(looper, sdk_pool_handle, sdk_wallet_sender, operation)
replies = sdk_get_and_check_replies(looper, [req])
assert len(replies) == 1
return replies[0][1]['result']
