3

我正在尝试通过以下步骤在 Hyperledger Fabric 区块链上开发一个非常简单的示例: INIT:设置一个包含给定资产“A”金额的表,由帐号引用 INVOKE:目前,没有任何内容 QUERY:打印资产余额一个给定的帐户,如果您拥有该帐户,或者您具有允许您查看所有帐户的特定角色。

因此,在我的 membersrvc.yaml 中,我添加了成员​​和属性,如下所示:

    eca:
        affiliations:
           banks_and_institutions:
              banks:
                  - bank_a
                  - bank_b
                  - bank_c
        users:
                # Users for usecase1
                client1: 1 client1 bank_a
                client2: 1 client2 bank_b
                client3: 1 client3 bank_c
                back_office: 1 back_office bank_c
                regulator: 1 regulator bank_c

    aca:
              # User attributes for usercase1
              attribute-entry-1: client1;bank_a;role;client;2015-01-01T00:00:00-03:00;;
              attribute-entry-2: client1;bank_a;account;client1;2015-01-01T00:00:00-03:00;;
              attribute-entry-3: client2;bank_b;role;client;2015-01-01T00:00:00-03:00;;
              attribute-entry-4: client2;bank_b;account;client2;2015-01-01T00:00:00-03:00;;
              attribute-entry-5: client3;bank_c;role;client;2015-01-01T00:00:00-03:00;;
              attribute-entry-6: client3;bank_c;account;client3;2015-01-01T00:00:00-03:00;;
              attribute-entry-7: back_office;bank_c;role;back_office;2015-01-01T00:00:00-03:00;;
              attribute-entry-8: back_office;bank_c;account;back_office;2015-01-01T00:00:00-03:00;;
              attribute-entry-9: regulator;bank_c;role;regulator;2015-01-01T00:00:00-03:00;;
              attribute-entry-10: regulator;bank_c;account;regulator;2015-01-01T00:00:00-03:00;;

          address: localhost:7054
          server-name: acap
          enabled: true

但我的问题是:

如何在链码的查询功能中获取和检查这些信息?

我的意思是,启用安全性并由给定用户启动命令:

peer network login client1 -p client1

peer chaincode query -u client1 -n usecase1 -c '{"Function":"assets", "Args": ["some_username"]}'

能够获得 client1 角色和帐户并应用我的规则。

谢谢 !

4

1 回答 1

2

可以在此处找到如何使用属性的示例:

github.com/hyperledger/fabric/examples/chaincode/go/asset_management_with_roles

在 Query 中,您可以使用 shim 方法 ReadCertAttribute:

callerRole, err := stub.ReadCertAttribute("role")
if err != nil {
   fmt.Printf("Error reading attribute 'role' [%v] \n", err)
   return nil, fmt.Errorf("Failed fetching caller role. Error was [%v]", err)
}

请记住,属性名称应在 Deploy/Query/Invoke 命令中明确声明(“attributes”:[“role”,“account”]):

部署示例:

curl -XPOST -d  '{"jsonrpc": "2.0", "method": "deploy",  "params": {"type": 1,"chaincodeID": {"path": "github.com/PATH/TO/YOUR/CHAINCODE","language": "GOLANG"}, "ctorMsg": {"Function":"init",  "args": ["some_args"] },"secureContext": "client1", "attributes": ["role", "account"]},"id": 0}' http://localhost:7050/chaincode

查询示例:

curl -XPOST -d  '{"jsonrpc": "2.0", "method": "query", "params": {"type": 1, "chaincodeID": {"name": "!!CHAINCODE_ID!!"}, "ctorMsg": {"Function":"assets", "args": ["some_username"]}, "secureContext": "client1", "attributes": ["role", "account"]}, "id": 1}' http://localhost:7050/chaincode
于 2016-09-30T22:04:32.007 回答