Gate values
const (
GateAnd = "And"
GateOr = "Or"
GateOutOf = "OutOf"
)
Role values for principals
const (
RoleAdmin = "admin"
RoleMember = "member"
RoleClient = "client"
RolePeer = "peer"
RoleOrderer = "orderer"
)
AcceptAllPolicy always evaluates to true
var AcceptAllPolicy *cb.SignaturePolicyEnvelope
MarshaledAcceptAllPolicy is the Marshaled version of AcceptAllPolicy
var MarshaledAcceptAllPolicy []byte
MarshaledRejectAllPolicy is the Marshaled version of RejectAllPolicy
var MarshaledRejectAllPolicy []byte
RejectAllPolicy always evaluates to false
var RejectAllPolicy *cb.SignaturePolicyEnvelope
func And(lhs, rhs *cb.SignaturePolicy) *cb.SignaturePolicy
And is a convenience method which utilizes NOutOf to produce And equivalent behavior
func Envelope(policy *cb.SignaturePolicy, identities [][]byte) *cb.SignaturePolicyEnvelope
Envelope builds an envelope message embedding a SignaturePolicy
func FromString(policy string) (*common.SignaturePolicyEnvelope, error)
FromString takes a string representation of the policy, parses it and returns a SignaturePolicyEnvelope that implements that policy. The supported language is as follows:
GATE(P[, P])
where:
- GATE is either "and" or "or" - P is either a principal or another nested call to GATE
A principal is defined as:
where:
- ORG is a string (representing the MSP identifier) - ROLE takes the value of any of the RoleXXX constants representing the required role
func NOutOf(n int32, policies []*cb.SignaturePolicy) *cb.SignaturePolicy
NOutOf creates a policy which requires N out of the slice of policies to evaluate to true
func NewPolicyProvider(deserializer msp.IdentityDeserializer) policies.Provider
NewProviderImpl provides a policy generator for cauthdsl type policies
func Or(lhs, rhs *cb.SignaturePolicy) *cb.SignaturePolicy
Or is a convenience method which utilizes NOutOf to produce Or equivalent behavior
func SignedBy(index int32) *cb.SignaturePolicy
SignedBy creates a SignaturePolicy requiring a given signer's signature
func SignedByAnyAdmin(ids []string) *cb.SignaturePolicyEnvelope
SignedByAnyAdmin returns a policy that requires one valid signature from a admin of any of the orgs whose ids are listed in the supplied string array
func SignedByAnyClient(ids []string) *cb.SignaturePolicyEnvelope
SignedByAnyClient returns a policy that requires one valid signature from a client of any of the orgs whose ids are listed in the supplied string array
func SignedByAnyMember(ids []string) *cb.SignaturePolicyEnvelope
SignedByAnyMember returns a policy that requires one valid signature from a member of any of the orgs whose ids are listed in the supplied string array
func SignedByAnyPeer(ids []string) *cb.SignaturePolicyEnvelope
SignedByAnyPeer returns a policy that requires one valid signature from an orderer of any of the orgs whose ids are listed in the supplied string array
func SignedByMspAdmin(mspId string) *cb.SignaturePolicyEnvelope
SignedByMspAdmin creates a SignaturePolicyEnvelope requiring 1 signature from any admin of the specified MSP
func SignedByMspClient(mspId string) *cb.SignaturePolicyEnvelope
SignedByMspClient creates a SignaturePolicyEnvelope requiring 1 signature from any client of the specified MSP
func SignedByMspMember(mspId string) *cb.SignaturePolicyEnvelope
SignedByMspMember creates a SignaturePolicyEnvelope requiring 1 signature from any member of the specified MSP
func SignedByMspPeer(mspId string) *cb.SignaturePolicyEnvelope
SignedByMspPeer creates a SignaturePolicyEnvelope requiring 1 signature from any peer of the specified MSP
func SignedByNOutOfGivenIdentities(n int32, identities [][]byte) *cb.SignaturePolicyEnvelope
SignedByNOutOfGivenIdentities returns a policy that requires N valid signatures from the given identities.
EnvelopeBasedPolicyProvider allows to create a new policy from SignaturePolicyEnvelope struct instead of []byte
type EnvelopeBasedPolicyProvider struct {
Deserializer msp.IdentityDeserializer
}
func (pp *EnvelopeBasedPolicyProvider) NewPolicy(sigPolicy *cb.SignaturePolicyEnvelope) (policies.Policy, error)
NewPolicy creates a new policy from the policy envelope
type Identity interface {
// SatisfiesPrincipal checks whether this instance matches
// the description supplied in MSPPrincipal. The check may
// involve a byte-by-byte comparison (if the principal is
// a serialized identity) or may require MSP validation
SatisfiesPrincipal(principal *mspp.MSPPrincipal) error
// GetIdentifier returns the identifier of that identity
GetIdentifier() *msp.IdentityIdentifier
}
type IdentityAndSignature interface {
// Identity returns the identity associated to this instance
Identity() (Identity, error)
// Verify returns the validity status of this identity's signature over the message
Verify() error
}