def pres_def_req(pres_def_handler):
req = rich_schema_pres_def_request()
add_to_idr(pres_def_handler.database_manager.idr_cache, req.identifier,
TRUSTEE)
add_to_idr(pres_def_handler.database_manager.idr_cache, req.endorser,
ENDORSER)
return req
def test_dynamic_validation(
aml_request,
txn_author_agreement_aml_handler: TxnAuthorAgreementAmlHandler,
creator):
add_to_idr(txn_author_agreement_aml_handler.database_manager.idr_cache,
creator, TRUSTEE)
txn_author_agreement_aml_handler.dynamic_validation(aml_request)
def context_req(context_handler):
req = context_request()
add_to_idr(context_handler.database_manager.idr_cache, req.identifier,
TRUSTEE)
add_to_idr(context_handler.database_manager.idr_cache, req.endorser,
ENDORSER)
return req
def encoding_req(encoding_handler):
req = rich_schema_encoding_request()
add_to_idr(encoding_handler.database_manager.idr_cache, req.identifier,
TRUSTEE)
add_to_idr(encoding_handler.database_manager.idr_cache, req.endorser,
ENDORSER)
return req
def test_schema_dynamic_validation_failed_not_authorised(
schema_request, schema_handler):
schema_handler.write_req_validator.validate = get_exception(True)
add_to_idr(schema_handler.database_manager.idr_cache,
schema_request.identifier, None)
with pytest.raises(UnauthorizedClientRequest):
schema_handler.dynamic_validation(schema_request)
def test_dynamic_validation_without_permission(
taa_request, txn_author_agreement_handler: TxnAuthorAgreementHandler,
creator, set_aml):
add_to_idr(txn_author_agreement_handler.database_manager.idr_cache,
creator, STEWARD)
with pytest.raises(UnauthorizedClientRequest,
match="Not enough TRUSTEE signatures"):
txn_author_agreement_handler.dynamic_validation(taa_request, 0)
def test_revoc_reg_def_dynamic_validation_passes(revoc_reg_def_handler,
revoc_reg_def_request):
add_to_idr(revoc_reg_def_handler.database_manager.idr_cache,
revoc_reg_def_request.identifier, TRUSTEE)
cred_def_id = revoc_reg_def_request.operation.get(CRED_DEF_ID)
revoc_reg_def_handler.state.set(
cred_def_id.encode(), encode_state_value("value", "seqNo", "txnTime"))
revoc_reg_def_handler.dynamic_validation(revoc_reg_def_request)
def test_nym_dynamic_validation_for_new_nym(nym_request,
nym_handler: NymHandler, creator):
nym_handler.write_req_validator.validate = get_exception(False)
add_to_idr(nym_handler.database_manager.idr_cache, creator, STEWARD)
nym_handler.dynamic_validation(nym_request)
nym_handler.write_req_validator.validate = get_exception(True)
with pytest.raises(UnauthorizedClientRequest):
nym_handler.dynamic_validation(nym_request)
def test_dynamic_validation_for_existing(handler_and_request):
handler, request = handler_and_request
make_rich_schema_object_exist(handler, request)
add_to_idr(handler.database_manager.idr_cache, request.identifier, TRUSTEE)
add_to_idr(handler.database_manager.idr_cache, request.endorser, ENDORSER)
with pytest.raises(UnauthorizedClientRequest,
match=str(AuthConstraintForbidden())):
handler.dynamic_validation(request, 0)
def test_revoc_reg_def_dynamic_validation_without_permission(
revoc_reg_def_handler, revoc_reg_def_request):
add_to_idr(revoc_reg_def_handler.database_manager.idr_cache,
revoc_reg_def_request.identifier, None)
cred_def_id = revoc_reg_def_request.operation.get(CRED_DEF_ID)
revoc_reg_def_handler.state.set(
cred_def_id.encode(), encode_state_value("value", "seqNo", "txnTime"))
with pytest.raises(UnauthorizedClientRequest,
match="Not enough TRUSTEE signatures"):
revoc_reg_def_handler.dynamic_validation(revoc_reg_def_request)
def test_auth_rule_dynamic_validation(auth_rule_request,
auth_rule_handler: AuthRuleHandler,
creator):
auth_rule_handler.write_req_validator.validate = get_exception(False)
add_to_idr(auth_rule_handler.database_manager.idr_cache, creator, TRUSTEE)
auth_rule_handler.dynamic_validation(auth_rule_request)
auth_rule_handler.write_req_validator.validate = get_exception(True)
with pytest.raises(UnauthorizedClientRequest):
auth_rule_handler.dynamic_validation(auth_rule_request)
def test_revoc_reg_entry_dynamic_validation_passes(revoc_reg_entry_handler,
revoc_reg_entry_request):
add_to_idr(revoc_reg_entry_handler.database_manager.idr_cache,
revoc_reg_entry_request.identifier, TRUSTEE)
revoc_reg_entry_handler.state.set(
revoc_reg_entry_request.operation[REVOC_REG_DEF_ID].encode(),
encode_state_value({VALUE: {
ISSUANCE_TYPE: ISSUANCE_BY_DEFAULT
}}, "seqNo", "txnTime"))
revoc_reg_entry_handler.dynamic_validation(revoc_reg_entry_request, 0)
def test_dynamic_validation(taa_request,
txn_author_agreement_handler: TxnAuthorAgreementHandler,
creator,
set_aml):
txn_author_agreement_handler.write_req_validator.validate = get_exception(False)
add_to_idr(txn_author_agreement_handler.database_manager.idr_cache, creator, STEWARD)
txn_author_agreement_handler.dynamic_validation(taa_request)
txn_author_agreement_handler.write_req_validator.validate = get_exception(True)
with pytest.raises(UnauthorizedClientRequest):
txn_author_agreement_handler.dynamic_validation(taa_request)
def test_attrib_dynamic_validation_fails_not_owner(
attrib_request, attrib_handler: AttributeHandler):
add_to_idr(attrib_handler.database_manager.idr_cache,
attrib_request.operation['dest'], None)
def validate(request, action_list):
if not action_list[0].is_owner:
raise UnauthorizedClientRequest("identifier", "reqId")
attrib_handler.write_req_validator.validate = validate
with pytest.raises(UnauthorizedClientRequest):
attrib_handler.dynamic_validation(attrib_request)
def test_dynamic_validation_for_existing(handler_and_request):
handler, request = handler_and_request
make_rich_schema_object_exist(handler, request)
add_to_idr(handler.database_manager.idr_cache, request.identifier, TRUSTEE)
add_to_idr(handler.database_manager.idr_cache, request.endorser, ENDORSER)
# default auth rules allow editing of CredDef and PresDef by the owner
if isinstance(handler, RichSchemaCredDefHandler) or isinstance(
handler, RichSchemaPresDefHandler):
handler.dynamic_validation(request, 0)
else:
with pytest.raises(UnauthorizedClientRequest,
match=str(AuthConstraintForbidden())):
handler.dynamic_validation(request, 0)
def test_revoc_reg_entry_dynamic_validation_fail_in_strategy(
revoc_reg_entry_handler, revoc_reg_entry_request):
add_to_idr(revoc_reg_entry_handler.database_manager.idr_cache,
revoc_reg_entry_request.identifier, TRUSTEE)
revoc_reg_entry_handler.state.set(
revoc_reg_entry_request.operation[REVOC_REG_DEF_ID].encode(),
encode_state_value({VALUE: {
ISSUANCE_TYPE: ISSUANCE_BY_DEFAULT
}}, "seqNo", "txnTime"))
revoc_reg_entry_request.operation[VALUE] = {ISSUED: [1], REVOKED: [1]}
with pytest.raises(InvalidClientRequest,
match="Can not have an index in both "
"'issued' and 'revoked' lists"):
revoc_reg_entry_handler.dynamic_validation(revoc_reg_entry_request, 0)
def test_claim_def_dynamic_validation_without_permission(
claim_def_request, schema, claim_def_handler: ClaimDefHandler):
claim_def_handler.ledger.appendTxns([schema])
test_identifier = randomString()
idr = claim_def_handler.database_manager.idr_cache
add_to_idr(idr, test_identifier, "")
request = Request(identifier=test_identifier,
reqId=claim_def_request.reqId,
signature="sig",
operation=claim_def_request.operation)
with pytest.raises(UnauthorizedClientRequest,
match="Not enough .* signatures"):
claim_def_handler.dynamic_validation(request, 0)
def cred_def_req(rich_schema_handler, mapping_handler, rich_schema_req, mapping_req):
make_rich_schema_object_exist(rich_schema_handler, rich_schema_req)
make_rich_schema_object_exist(mapping_handler, mapping_req)
req = rich_schema_cred_def_request()
content = copy.deepcopy(json.loads(req.operation[RS_CONTENT]))
content[RS_CRED_DEF_SCHEMA] = rich_schema_req.operation[RS_ID]
content[RS_CRED_DEF_MAPPING] = mapping_req.operation[RS_ID]
req.operation[RS_CONTENT] = json.dumps(content)
add_to_idr(rich_schema_handler.database_manager.idr_cache, req.identifier, TRUSTEE)
add_to_idr(rich_schema_handler.database_manager.idr_cache, req.endorser, ENDORSER)
return req
def test_nym_dynamic_validation_for_existing_nym_fails_with_no_changes(
nym_handler: NymHandler, creator):
nym_request = Request(identifier=creator,
reqId=5,
operation={
'type': NYM,
'dest': randomString()
})
add_to_idr(nym_handler.database_manager.idr_cache,
nym_request.operation['dest'], None)
add_to_idr(nym_handler.database_manager.idr_cache, creator, STEWARD)
nym_handler.write_req_validator.validate = get_exception(True)
with pytest.raises(InvalidClientRequest):
nym_handler.dynamic_validation(nym_request, 0)
def test_claim_def_dynamic_validation_without_permission(claim_def_request, schema_request,
claim_def_handler: ClaimDefHandler):
claim_def_handler.write_request_validator.validate = get_exception(True)
schema = reqToTxn(schema_request)
claim_def_request.operation[REF] = get_seq_no(schema)
claim_def_handler.ledger.appendTxns([schema])
test_identifier = randomString()
idr = claim_def_handler.database_manager.idr_cache
add_to_idr(idr, test_identifier, "")
request = Request(identifier=test_identifier,
reqId=claim_def_request.reqId,
operation=claim_def_request.operation)
with pytest.raises(UnauthorizedClientRequest) as e:
claim_def_handler.dynamic_validation(request)
def mapping_req(rich_schema_handler, encoding_handler, rich_schema_req):
make_rich_schema_object_exist(rich_schema_handler, rich_schema_req)
make_rich_schema_object_exist(encoding_handler, TEST_ENCODING_1)
make_rich_schema_object_exist(encoding_handler, TEST_ENCODING_2)
make_rich_schema_object_exist(encoding_handler, TEST_ENCODING_3)
id = randomString()
content = copy.deepcopy(TEST_MAPPING)
content['@id'] = id
req = rs_req(RICH_SCHEMA_MAPPING, RS_MAPPING_TYPE_VALUE,
content=content, id=id)
add_to_idr(rich_schema_handler.database_manager.idr_cache, req.identifier, TRUSTEE)
add_to_idr(rich_schema_handler.database_manager.idr_cache, req.endorser, ENDORSER)
return req
def test_revoc_reg_entry_dynamic_validation_without_permission(
revoc_reg_entry_handler, revoc_reg_entry_request):
add_to_idr(revoc_reg_entry_handler.database_manager.idr_cache,
revoc_reg_entry_request.identifier, None)
revoc_reg_entry_handler.state.set(
revoc_reg_entry_request.operation[REVOC_REG_DEF_ID].encode(),
encode_state_value({VALUE: {
ISSUANCE_TYPE: ISSUANCE_BY_DEFAULT
}}, "seqNo", "txnTime"))
revoc_reg_entry_request.operation[VALUE] = {ISSUED: [1], REVOKED: [1]}
with pytest.raises(
UnauthorizedClientRequest,
match="1 TRUSTEE signature is required and needs to be owner OR "
"1 STEWARD signature is required and needs to be owner OR "
"1 ENDORSER signature is required and needs to be owner"):
revoc_reg_entry_handler.dynamic_validation(revoc_reg_entry_request, 0)
def test_dynamic_validation_for_existing_metadata(handler_and_request):
handler, request = handler_and_request
make_rich_schema_object_exist(handler, request)
add_to_idr(handler.database_manager.idr_cache, request.identifier, TRUSTEE)
add_to_idr(handler.database_manager.idr_cache, request.endorser, ENDORSER)
request.operation[RS_ID] = randomString()
request.operation[RS_CONTENT] = randomString()
request.reqId = random.randint(10, 1000000000)
with pytest.raises(
InvalidClientRequest,
match=
'An object with rsName="{}", rsVersion="{}" and rsType="{}" already exists. '
'Please choose different rsName, rsVersion or rsType'.format(
request.operation[RS_NAME], request.operation[RS_VERSION],
request.operation[RS_TYPE])):
handler.dynamic_validation(request, 0)
def test_revoc_reg_def_dynamic_validation_fails_no_cred_def(
revoc_reg_def_handler, revoc_reg_def_request):
add_to_idr(revoc_reg_def_handler.database_manager.idr_cache,
revoc_reg_def_request.identifier, TRUSTEE)
operation = revoc_reg_def_request.operation
cred_def_id = operation.get(CRED_DEF_ID)
revoc_def_type = operation.get(REVOC_TYPE)
revoc_def_tag = operation.get(TAG)
assert cred_def_id
assert revoc_def_tag
assert revoc_def_type
revoc_def_id = RevocRegDefHandler.make_state_path_for_revoc_def(
revoc_reg_def_request.identifier, cred_def_id, revoc_def_type,
revoc_def_tag)
revoc_reg_def_handler.state.set(revoc_def_id, "{}")
with pytest.raises(InvalidClientRequest,
match="There is no any CRED_DEF by path"):
revoc_reg_def_handler.dynamic_validation(revoc_reg_def_request)
def test_schema_dynamic_validation_passes(schema_request, schema_handler):
add_to_idr(schema_handler.database_manager.idr_cache,
schema_request.identifier, TRUSTEE)
schema_handler.dynamic_validation(schema_request)
def test_auth_rule_dynamic_validation(auth_rules_request,
auth_rules_handler: AuthRulesHandler,
creator):
add_to_idr(auth_rules_handler.database_manager.idr_cache, creator, TRUSTEE)
def creator(db_manager):
identifier = randomString()
idr = db_manager.idr_cache
add_to_idr(idr, identifier, None)
return identifier
def test_context_dynamic_validation_failed_not_authorised(
context_request, context_handler):
add_to_idr(context_handler.database_manager.idr_cache,
context_request.identifier, None)
with pytest.raises(UnauthorizedClientRequest):
context_handler.dynamic_validation(context_request)
def test_schema_dynamic_validation_passes(schema_request, schema_handler):
schema_handler.write_req_validator.validate = get_exception(False)
add_to_idr(schema_handler.database_manager.idr_cache,
schema_request.identifier, TRUSTEE)
schema_handler.dynamic_validation(schema_request)
def test_schema_dynamic_validation_passes(context_request, context_handler):
add_to_idr(context_handler.database_manager.idr_cache,
context_request.identifier, TRUSTEE)
context_handler.dynamic_validation(context_request)
