def test_reject_all_rules_from_auth_rules_txn(looper, sdk_wallet_trustee,
sdk_pool_handle):
_, before_resp = sdk_send_and_check_get_auth_rule_request(
looper, sdk_pool_handle, sdk_wallet_trustee)[0]
rules = [
generate_auth_rule(ADD_PREFIX, NYM, ROLE, "wrong_new_value"),
generate_auth_rule(EDIT_PREFIX, NYM, ROLE, TRUST_ANCHOR, TRUSTEE)
]
with pytest.raises(RequestNackedException):
sdk_send_and_check_auth_rules_request(looper,
sdk_pool_handle,
sdk_wallet_trustee,
rules=rules)
_, after_resp = sdk_send_and_check_get_auth_rule_request(
looper, sdk_pool_handle, sdk_wallet_trustee)[0]
assert before_resp["result"][DATA] == after_resp["result"][DATA]
def test_reqnack_auth_rules_transaction_with_wrong_key(looper,
sdk_wallet_trustee,
sdk_pool_handle):
with pytest.raises(RequestNackedException) as e:
sdk_send_and_check_auth_rules_request(
looper, sdk_pool_handle, sdk_wallet_trustee,
[generate_auth_rule(auth_type="*")])
e.match("InvalidClientRequest")
e.match("is not found in authorization map")
def generate_auth_rule_operation(auth_action=ADD_PREFIX,
auth_type=NYM,
field=ROLE,
new_value=ENDORSER,
old_value=None,
constraint=None):
op = generate_auth_rule(auth_action, auth_type, field, new_value,
old_value, constraint)
op[TXN_TYPE] = AUTH_RULE
return op
def sdk_send_and_check_auth_rules_request_invalid(looper,
sdk_pool_handle,
sdk_wallet_trustee,
rules=None,
no_wait=False):
if rules is None:
rules = [
generate_auth_rule(ADD_PREFIX, NYM, ROLE, ENDORSER),
generate_auth_rule(EDIT_PREFIX, NYM, ROLE, ENDORSER, TRUSTEE)
]
op = {RULES: rules, TXN_TYPE: AUTH_RULES}
req_obj = sdk_gen_request(op, identifier=sdk_wallet_trustee[1])
req = sdk_sign_and_submit_req_obj(looper, sdk_pool_handle,
sdk_wallet_trustee, req_obj)
if no_wait:
return req
resp = sdk_get_and_check_replies(looper, [req])
return resp
def test_reqnack_auth_rules_add_transaction_with_wrong_format(
looper, sdk_wallet_trustee, sdk_pool_handle):
with pytest.raises(RequestNackedException) as e:
sdk_send_and_check_auth_rules_request_invalid(
looper, sdk_pool_handle, sdk_wallet_trustee,
[generate_auth_rule(old_value="*")])
e.match("InvalidClientRequest")
e.match("Transaction for change authentication "
"rule for {}={} must not contain field {}".format(
AUTH_ACTION, ADD_PREFIX, OLD_VALUE))
def test_auth_rules_transaction(looper, sdk_wallet_trustee, sdk_pool_handle):
rule = generate_auth_rule()
key = dict(rule)
key.pop(CONSTRAINT)
sdk_send_and_check_auth_rules_request(looper,
sdk_pool_handle,
sdk_wallet_trustee,
rules=[rule])
after_resp = _send_and_check_get_auth_rule(looper, sdk_pool_handle,
sdk_wallet_trustee, key)
assert [rule] == after_resp[0][1]["result"][DATA]
def test_reject_with_unacceptable_role_in_constraint(looper,
sdk_wallet_trustee,
sdk_pool_handle):
rule = generate_auth_rule()
unacceptable_role = 'olololo'
rule[CONSTRAINT][ROLE] = unacceptable_role
with pytest.raises(RequestNackedException) as e:
sdk_send_and_check_auth_rules_request(looper,
sdk_pool_handle,
sdk_wallet_trustee,
rules=[rule])
e.match('client request invalid')
e.match('Role {} is not acceptable'.format(unacceptable_role))
def test_reqnack_auth_rules_edit_transaction_with_wrong_format(
looper, sdk_wallet_trustee, sdk_pool_handle):
rule = generate_auth_rule(auth_action=EDIT_PREFIX)
rule.pop(OLD_VALUE)
with pytest.raises(RequestNackedException) as e:
sdk_send_and_check_auth_rules_request_invalid(looper,
sdk_pool_handle,
sdk_wallet_trustee,
rules=[rule])
e.match("InvalidClientRequest")
e.match("Transaction for change authentication "
"rule for {}={} must contain field {}".format(
AUTH_ACTION, EDIT_PREFIX, OLD_VALUE))
def get_changed_auth_rules(self):
constraint = AuthConstraint(role=None,
sig_count=1,
need_to_be_owner=False)
rules = [
generate_auth_rule(auth_action=EDIT_PREFIX,
auth_type=AUTH_RULES,
field='*',
old_value='*',
new_value='*',
constraint=constraint.as_dict)
]
operation = {RULES: rules, TXN_TYPE: AUTH_RULES}
request = sdk_gen_request(operation, identifier=self.trustee_wallet[1])
return json.dumps(request.as_dict)
def get_default_auth_rules(self):
action = AuthActionEdit(txn_type=AUTH_RULES,
field='*',
old_value='*',
new_value='*')
constraint = auth_map.auth_map.get(action.get_action_id())
rules = [
generate_auth_rule(auth_action=EDIT_PREFIX,
auth_type=AUTH_RULES,
field='*',
old_value='*',
new_value='*',
constraint=constraint.as_dict)
]
operation = {RULES: rules, TXN_TYPE: AUTH_RULES}
request = sdk_gen_request(operation,
identifier=self.new_default_wallet[1])
return json.dumps(request.as_dict)
