From a733c75989ecac4c5a760ba251bdddc9378a9890 Mon Sep 17 00:00:00 2001 From: huanghaiquan Date: Wed, 18 Sep 2019 18:47:22 +0800 Subject: [PATCH] Improved test cases of RolesAuthorizationTest; --- .../ledger/core/LedgerAdminDataset.java | 4 +- .../core/LedgerSecurityManagerImpl.java | 6 +- .../core/TransactionBatchProcessor.java | 4 +- .../ledger/core/UserRoleDataset.java | 4 +- .../handles/UserAuthorizeOperationHandle.java | 4 +- .../ledger/core/LedgerAdminDatasetTest.java | 14 +- .../ledger/LedgerAdminSettings.java | 2 +- ...gs.java => UserAuthorizationSettings.java} | 2 +- .../transaction/UserAuthorizeOpTemplate.java | 14 +- .../test/ledger/RolesAuthorizationTest.java | 120 +++++++++++++++++- 10 files changed, 140 insertions(+), 34 deletions(-) rename source/ledger/ledger-model/src/main/java/com/jd/blockchain/ledger/{UserRolesSettings.java => UserAuthorizationSettings.java} (97%) diff --git a/source/ledger/ledger-core/src/main/java/com/jd/blockchain/ledger/core/LedgerAdminDataset.java b/source/ledger/ledger-core/src/main/java/com/jd/blockchain/ledger/core/LedgerAdminDataset.java index f7cf951c..dfd06a1e 100644 --- a/source/ledger/ledger-core/src/main/java/com/jd/blockchain/ledger/core/LedgerAdminDataset.java +++ b/source/ledger/ledger-core/src/main/java/com/jd/blockchain/ledger/core/LedgerAdminDataset.java @@ -16,7 +16,7 @@ import com.jd.blockchain.ledger.LedgerMetadata_V2; import com.jd.blockchain.ledger.LedgerSettings; import com.jd.blockchain.ledger.ParticipantNode; import com.jd.blockchain.ledger.RolePrivilegeSettings; -import com.jd.blockchain.ledger.UserRolesSettings; +import com.jd.blockchain.ledger.UserAuthorizationSettings; import com.jd.blockchain.storage.service.ExPolicyKVStorage; import com.jd.blockchain.storage.service.ExPolicyKVStorage.ExPolicy; import com.jd.blockchain.storage.service.VersioningKVStorage; @@ -105,7 +105,7 @@ public class LedgerAdminDataset implements Transactional, LedgerAdminDataQuery, } @Override - public UserRolesSettings getUserRoles() { + public UserAuthorizationSettings getAuthorizations() { return userRoles; } diff --git a/source/ledger/ledger-core/src/main/java/com/jd/blockchain/ledger/core/LedgerSecurityManagerImpl.java b/source/ledger/ledger-core/src/main/java/com/jd/blockchain/ledger/core/LedgerSecurityManagerImpl.java index e0987732..56daa556 100644 --- a/source/ledger/ledger-core/src/main/java/com/jd/blockchain/ledger/core/LedgerSecurityManagerImpl.java +++ b/source/ledger/ledger-core/src/main/java/com/jd/blockchain/ledger/core/LedgerSecurityManagerImpl.java @@ -17,7 +17,7 @@ import com.jd.blockchain.ledger.RolesPolicy; import com.jd.blockchain.ledger.TransactionPermission; import com.jd.blockchain.ledger.UserDoesNotExistException; import com.jd.blockchain.ledger.UserRoles; -import com.jd.blockchain.ledger.UserRolesSettings; +import com.jd.blockchain.ledger.UserAuthorizationSettings; import com.jd.blockchain.utils.Bytes; /** @@ -30,7 +30,7 @@ public class LedgerSecurityManagerImpl implements LedgerSecurityManager { private RolePrivilegeSettings rolePrivilegeSettings; - private UserRolesSettings userRolesSettings; + private UserAuthorizationSettings userRolesSettings; // 用户的权限配置 private Map userPrivilegesCache = new ConcurrentHashMap<>(); @@ -41,7 +41,7 @@ public class LedgerSecurityManagerImpl implements LedgerSecurityManager { private ParticipantDataQuery participantsQuery; private UserAccountQuery userAccountsQuery; - public LedgerSecurityManagerImpl(RolePrivilegeSettings rolePrivilegeSettings, UserRolesSettings userRolesSettings, + public LedgerSecurityManagerImpl(RolePrivilegeSettings rolePrivilegeSettings, UserAuthorizationSettings userRolesSettings, ParticipantDataQuery participantsQuery, UserAccountQuery userAccountsQuery) { this.rolePrivilegeSettings = rolePrivilegeSettings; this.userRolesSettings = userRolesSettings; diff --git a/source/ledger/ledger-core/src/main/java/com/jd/blockchain/ledger/core/TransactionBatchProcessor.java b/source/ledger/ledger-core/src/main/java/com/jd/blockchain/ledger/core/TransactionBatchProcessor.java index a6982585..82b0e6be 100644 --- a/source/ledger/ledger-core/src/main/java/com/jd/blockchain/ledger/core/TransactionBatchProcessor.java +++ b/source/ledger/ledger-core/src/main/java/com/jd/blockchain/ledger/core/TransactionBatchProcessor.java @@ -82,7 +82,7 @@ public class TransactionBatchProcessor implements TransactionBatchProcess { LedgerDataQuery ledgerDataQuery = ledgerRepo.getDataSet(ledgerBlock); LedgerAdminDataQuery previousAdminDataset = ledgerDataQuery.getAdminDataset(); this.securityManager = new LedgerSecurityManagerImpl(previousAdminDataset.getAdminInfo().getRolePrivileges(), - previousAdminDataset.getAdminInfo().getUserRoles(), previousAdminDataset.getParticipantDataset(), + previousAdminDataset.getAdminInfo().getAuthorizations(), previousAdminDataset.getParticipantDataset(), ledgerDataQuery.getUserAccountSet()); this.newBlockEditor = ledgerRepo.createNextBlock(); @@ -98,7 +98,7 @@ public class TransactionBatchProcessor implements TransactionBatchProcess { LedgerAdminDataQuery previousAdminDataset = previousBlockDataset.getAdminDataset(); LedgerSecurityManager securityManager = new LedgerSecurityManagerImpl( previousAdminDataset.getAdminInfo().getRolePrivileges(), - previousAdminDataset.getAdminInfo().getUserRoles(), previousAdminDataset.getParticipantDataset(), + previousAdminDataset.getAdminInfo().getAuthorizations(), previousAdminDataset.getParticipantDataset(), previousBlockDataset.getUserAccountSet()); TransactionBatchProcessor processor = new TransactionBatchProcessor(securityManager, newBlockEditor, ledgerRepo, diff --git a/source/ledger/ledger-core/src/main/java/com/jd/blockchain/ledger/core/UserRoleDataset.java b/source/ledger/ledger-core/src/main/java/com/jd/blockchain/ledger/core/UserRoleDataset.java index 2f4eb514..25ecd85a 100644 --- a/source/ledger/ledger-core/src/main/java/com/jd/blockchain/ledger/core/UserRoleDataset.java +++ b/source/ledger/ledger-core/src/main/java/com/jd/blockchain/ledger/core/UserRoleDataset.java @@ -11,7 +11,7 @@ import com.jd.blockchain.ledger.MerkleProof; import com.jd.blockchain.ledger.RoleSet; import com.jd.blockchain.ledger.RolesPolicy; import com.jd.blockchain.ledger.UserRoles; -import com.jd.blockchain.ledger.UserRolesSettings; +import com.jd.blockchain.ledger.UserAuthorizationSettings; import com.jd.blockchain.storage.service.ExPolicyKVStorage; import com.jd.blockchain.storage.service.VersioningKVEntry; import com.jd.blockchain.storage.service.VersioningKVStorage; @@ -24,7 +24,7 @@ import com.jd.blockchain.utils.Transactional; * @author huanghaiquan * */ -public class UserRoleDataset implements Transactional, MerkleProvable, UserRolesSettings { +public class UserRoleDataset implements Transactional, MerkleProvable, UserAuthorizationSettings { private MerkleDataSet dataset; diff --git a/source/ledger/ledger-core/src/main/java/com/jd/blockchain/ledger/core/handles/UserAuthorizeOperationHandle.java b/source/ledger/ledger-core/src/main/java/com/jd/blockchain/ledger/core/handles/UserAuthorizeOperationHandle.java index 8a50808d..295cb0fb 100644 --- a/source/ledger/ledger-core/src/main/java/com/jd/blockchain/ledger/core/handles/UserAuthorizeOperationHandle.java +++ b/source/ledger/ledger-core/src/main/java/com/jd/blockchain/ledger/core/handles/UserAuthorizeOperationHandle.java @@ -9,7 +9,7 @@ import com.jd.blockchain.ledger.RolesPolicy; import com.jd.blockchain.ledger.UserAuthorizeOperation; import com.jd.blockchain.ledger.UserAuthorizeOperation.UserRolesEntry; import com.jd.blockchain.ledger.UserRoles; -import com.jd.blockchain.ledger.UserRolesSettings; +import com.jd.blockchain.ledger.UserAuthorizationSettings; import com.jd.blockchain.ledger.core.LedgerDataset; import com.jd.blockchain.ledger.core.LedgerQuery; import com.jd.blockchain.ledger.core.MultiIDsPolicy; @@ -36,7 +36,7 @@ public class UserAuthorizeOperationHandle extends AbstractLedgerOperationHandle< // 操作账本; UserRolesEntry[] urcfgs = operation.getUserRolesAuthorizations(); - UserRolesSettings urSettings = newBlockDataset.getAdminDataset().getUserRoles(); + UserAuthorizationSettings urSettings = newBlockDataset.getAdminDataset().getAuthorizations(); RolePrivilegeSettings rolesSettings = newBlockDataset.getAdminDataset().getRolePrivileges(); if (urcfgs != null) { for (UserRolesEntry urcfg : urcfgs) { diff --git a/source/ledger/ledger-core/src/test/java/test/com/jd/blockchain/ledger/core/LedgerAdminDatasetTest.java b/source/ledger/ledger-core/src/test/java/test/com/jd/blockchain/ledger/core/LedgerAdminDatasetTest.java index 684d720a..e7fd2c27 100644 --- a/source/ledger/ledger-core/src/test/java/test/com/jd/blockchain/ledger/core/LedgerAdminDatasetTest.java +++ b/source/ledger/ledger-core/src/test/java/test/com/jd/blockchain/ledger/core/LedgerAdminDatasetTest.java @@ -33,7 +33,7 @@ import com.jd.blockchain.ledger.RolePrivileges; import com.jd.blockchain.ledger.RolesPolicy; import com.jd.blockchain.ledger.TransactionPermission; import com.jd.blockchain.ledger.UserRoles; -import com.jd.blockchain.ledger.UserRolesSettings; +import com.jd.blockchain.ledger.UserAuthorizationSettings; import com.jd.blockchain.ledger.core.CryptoConfig; import com.jd.blockchain.ledger.core.LedgerAdminDataset; import com.jd.blockchain.ledger.core.LedgerConfiguration; @@ -100,7 +100,7 @@ public class LedgerAdminDatasetTest { new TransactionPermission[] { TransactionPermission.DIRECT_OPERATION, TransactionPermission.CONTRACT_OPERATION }); - ledgerAdminDataset.getUserRoles().addUserRoles(parties[0].getAddress(), RolesPolicy.UNION, "DEFAULT"); + ledgerAdminDataset.getAuthorizations().addUserRoles(parties[0].getAddress(), RolesPolicy.UNION, "DEFAULT"); // New created instance is updated until being committed; assertTrue(ledgerAdminDataset.isUpdated()); @@ -148,7 +148,7 @@ public class LedgerAdminDatasetTest { verifyReadonlyState(reloadAdminAccount1); verifyRealoadingRoleAuthorizations(reloadAdminAccount1, ledgerAdminDataset.getRolePrivileges(), - ledgerAdminDataset.getUserRoles()); + ledgerAdminDataset.getAuthorizations()); // -------------- // 重新加载,并进行修改; @@ -168,7 +168,7 @@ public class LedgerAdminDatasetTest { reloadAdminAccount2.getRolePrivileges().disablePermissions("DEFAULT", TransactionPermission.CONTRACT_OPERATION); - reloadAdminAccount2.getUserRoles().addUserRoles(parties[1].getAddress(), RolesPolicy.UNION, "DEFAULT", "ADMIN"); + reloadAdminAccount2.getAuthorizations().addUserRoles(parties[1].getAddress(), RolesPolicy.UNION, "DEFAULT", "ADMIN"); reloadAdminAccount2.commit(); @@ -228,7 +228,7 @@ public class LedgerAdminDatasetTest { } private void verifyRealoadingRoleAuthorizations(LedgerAdminSettings actualAccount, - RolePrivilegeSettings expRolePrivilegeSettings, UserRolesSettings expUserRoleSettings) { + RolePrivilegeSettings expRolePrivilegeSettings, UserAuthorizationSettings expUserRoleSettings) { // 验证基本信息; RolePrivilegeSettings actualRolePrivileges = actualAccount.getRolePrivileges(); RolePrivileges[] expRPs = expRolePrivilegeSettings.getRolePrivileges(); @@ -242,12 +242,12 @@ public class LedgerAdminDatasetTest { assertArrayEquals(expRP.getTransactionPrivilege().toBytes(), actualRP.getTransactionPrivilege().toBytes()); } - UserRolesSettings actualUserRoleSettings = actualAccount.getUserRoles(); + UserAuthorizationSettings actualUserRoleSettings = actualAccount.getAuthorizations(); UserRoles[] expUserRoles = expUserRoleSettings.getUserRoles(); assertEquals(expUserRoles.length, actualUserRoleSettings.getUserCount()); for (UserRoles expUR : expUserRoles) { - UserRoles actualUR = actualAccount.getUserRoles().getUserRoles(expUR.getUserAddress()); + UserRoles actualUR = actualAccount.getAuthorizations().getUserRoles(expUR.getUserAddress()); assertNotNull(actualUR); assertEquals(expUR.getPolicy(), actualUR.getPolicy()); String[] expRoles = expUR.getRoles(); diff --git a/source/ledger/ledger-model/src/main/java/com/jd/blockchain/ledger/LedgerAdminSettings.java b/source/ledger/ledger-model/src/main/java/com/jd/blockchain/ledger/LedgerAdminSettings.java index 1c8cc9ff..2f4420fe 100644 --- a/source/ledger/ledger-model/src/main/java/com/jd/blockchain/ledger/LedgerAdminSettings.java +++ b/source/ledger/ledger-model/src/main/java/com/jd/blockchain/ledger/LedgerAdminSettings.java @@ -2,7 +2,7 @@ package com.jd.blockchain.ledger; public interface LedgerAdminSettings extends LedgerAdminInfo { - UserRolesSettings getUserRoles(); + UserAuthorizationSettings getAuthorizations(); RolePrivilegeSettings getRolePrivileges(); } diff --git a/source/ledger/ledger-model/src/main/java/com/jd/blockchain/ledger/UserRolesSettings.java b/source/ledger/ledger-model/src/main/java/com/jd/blockchain/ledger/UserAuthorizationSettings.java similarity index 97% rename from source/ledger/ledger-model/src/main/java/com/jd/blockchain/ledger/UserRolesSettings.java rename to source/ledger/ledger-model/src/main/java/com/jd/blockchain/ledger/UserAuthorizationSettings.java index af822b82..95e8755e 100644 --- a/source/ledger/ledger-model/src/main/java/com/jd/blockchain/ledger/UserRolesSettings.java +++ b/source/ledger/ledger-model/src/main/java/com/jd/blockchain/ledger/UserAuthorizationSettings.java @@ -4,7 +4,7 @@ import java.util.Collection; import com.jd.blockchain.utils.Bytes; -public interface UserRolesSettings { +public interface UserAuthorizationSettings { /** * 单一用户可被授权的角色数量的最大值; diff --git a/source/ledger/ledger-model/src/main/java/com/jd/blockchain/transaction/UserAuthorizeOpTemplate.java b/source/ledger/ledger-model/src/main/java/com/jd/blockchain/transaction/UserAuthorizeOpTemplate.java index 2575fdd5..ca66a6d9 100644 --- a/source/ledger/ledger-model/src/main/java/com/jd/blockchain/transaction/UserAuthorizeOpTemplate.java +++ b/source/ledger/ledger-model/src/main/java/com/jd/blockchain/transaction/UserAuthorizeOpTemplate.java @@ -22,8 +22,8 @@ public class UserAuthorizeOpTemplate implements UserAuthorizer, UserAuthorizeOpe DataContractRegistry.register(UserRolesEntry.class); } - private Set userAuthMap = Collections - .synchronizedSet(new LinkedHashSet()); + private Set userAuthMap = Collections + .synchronizedSet(new LinkedHashSet()); public UserAuthorizeOpTemplate() { } @@ -32,8 +32,8 @@ public class UserAuthorizeOpTemplate implements UserAuthorizer, UserAuthorizeOpe } @Override - public UserRolesAuthorization[] getUserRolesAuthorizations() { - return ArrayUtils.toArray(userAuthMap, UserRolesAuthorization.class); + public AuthorizationDataEntry[] getUserRolesAuthorizations() { + return ArrayUtils.toArray(userAuthMap, AuthorizationDataEntry.class); } @Override @@ -43,7 +43,7 @@ public class UserAuthorizeOpTemplate implements UserAuthorizer, UserAuthorizeOpe @Override public UserRolesAuthorizer forUser(Bytes... userAddresses) { - UserRolesAuthorization userRolesAuth = new UserRolesAuthorization(userAddresses); + AuthorizationDataEntry userRolesAuth = new AuthorizationDataEntry(userAddresses); userAuthMap.add(userRolesAuth); return userRolesAuth; } @@ -54,7 +54,7 @@ public class UserAuthorizeOpTemplate implements UserAuthorizer, UserAuthorizeOpe return forUser(addresses); } - private class UserRolesAuthorization implements UserRolesAuthorizer, UserRolesEntry { + private class AuthorizationDataEntry implements UserRolesAuthorizer, UserRolesEntry { private Bytes[] userAddress; @@ -63,7 +63,7 @@ public class UserAuthorizeOpTemplate implements UserAuthorizer, UserAuthorizeOpe private Set authRoles = new LinkedHashSet(); private Set unauthRoles = new LinkedHashSet(); - private UserRolesAuthorization(Bytes[] userAddress) { + private AuthorizationDataEntry(Bytes[] userAddress) { this.userAddress = userAddress; } diff --git a/source/test/test-ledger/src/test/java/test/com/jd/blockchain/test/ledger/RolesAuthorizationTest.java b/source/test/test-ledger/src/test/java/test/com/jd/blockchain/test/ledger/RolesAuthorizationTest.java index 0e015086..8402a07a 100644 --- a/source/test/test-ledger/src/test/java/test/com/jd/blockchain/test/ledger/RolesAuthorizationTest.java +++ b/source/test/test-ledger/src/test/java/test/com/jd/blockchain/test/ledger/RolesAuthorizationTest.java @@ -9,6 +9,7 @@ import java.io.IOException; import java.io.InputStream; import java.util.Arrays; import java.util.HashSet; +import java.util.Iterator; import java.util.Set; import org.junit.Test; @@ -36,9 +37,12 @@ import com.jd.blockchain.ledger.TransactionBuilder; import com.jd.blockchain.ledger.TransactionPermission; import com.jd.blockchain.ledger.TransactionRequest; import com.jd.blockchain.ledger.TransactionRequestBuilder; +import com.jd.blockchain.ledger.TransactionResponse; +import com.jd.blockchain.ledger.TransactionState; import com.jd.blockchain.ledger.UserAuthorizeOperation; import com.jd.blockchain.ledger.UserRegisterOperation; import com.jd.blockchain.ledger.UserRoles; +import com.jd.blockchain.ledger.core.DataAccount; import com.jd.blockchain.ledger.core.DefaultOperationHandleRegisteration; import com.jd.blockchain.ledger.core.LedgerInitializer; import com.jd.blockchain.ledger.core.LedgerManager; @@ -46,6 +50,7 @@ import com.jd.blockchain.ledger.core.LedgerQuery; import com.jd.blockchain.ledger.core.LedgerRepository; import com.jd.blockchain.ledger.core.OperationHandleRegisteration; import com.jd.blockchain.ledger.core.TransactionBatchProcessor; +import com.jd.blockchain.ledger.core.UserAccount; import com.jd.blockchain.service.TransactionBatchResult; import com.jd.blockchain.service.TransactionBatchResultHandle; import com.jd.blockchain.storage.service.KVStorageService; @@ -79,6 +84,8 @@ public class RolesAuthorizationTest { private static final BlockchainKeypair DEFAULT_USER; private static final BlockchainKeypair GUEST_USER; + // 预置的新普通用户; + private static final BlockchainKeypair NEW_USER = BlockchainKeyGenerator.getInstance().generate(); // 预置的数据账户; private static final BlockchainIdentity DATA_ACCOUNT_ID = BlockchainKeyGenerator.getInstance().generate() .getIdentity(); @@ -107,24 +114,123 @@ public class RolesAuthorizationTest { public void test() { MemoryKVStorage storage = new MemoryKVStorage(); LedgerBlock genesisBlock = initLedger(storage); + final HashDigest ledgerHash = genesisBlock.getHash(); LedgerManager ledgerManager = new LedgerManager(); - LedgerRepository ledger = ledgerManager.register(genesisBlock.getHash(), storage); + LedgerRepository ledger = ledgerManager.register(ledgerHash, storage); // 验证角色和用户的权限配置; assertUserRolesPermissions(ledger); - // 预置数据; - TransactionRequest tx = buildRequest(ledger.getHash(), ADMIN_USER, ADMIN_USER, new TransactionDefiner() { + // 预置数据:准备一个新用户和数据账户; + TransactionRequest predefinedTx = buildRequest(ledger.getHash(), ADMIN_USER, ADMIN_USER, + new TransactionDefiner() { + @Override + public void define(TransactionBuilder txBuilder) { + txBuilder.security().roles().configure("NORMAL").enable(LedgerPermission.REGISTER_DATA_ACCOUNT) + .disable(LedgerPermission.REGISTER_USER) + .enable(TransactionPermission.CONTRACT_OPERATION); + + txBuilder.users().register(NEW_USER.getIdentity()); + + txBuilder.security().authorziations().forUser(NEW_USER.getAddress()).authorize("NORMAL"); + + txBuilder.dataAccounts().register(DATA_ACCOUNT_ID); + } + }); + + TransactionBatchResult procResult = executeTransactions(ledger, predefinedTx); + + //断言预定义数据的交易和区块成功; + assertBlock(1, procResult); + assertTransactionAllSuccess(procResult); + + //断言预定义的数据符合预期; + assertPredefineData(ledgerHash, storage); + + // 用不具备“注册用户”权限的用户,注册另一个新用户,预期交易失败; + BlockchainKeypair tempUser = BlockchainKeyGenerator.getInstance().generate(); + TransactionRequest tx = buildRequest(ledger.getHash(), NEW_USER, ADMIN_USER, new TransactionDefiner() { @Override public void define(TransactionBuilder txBuilder) { - txBuilder.dataAccounts().register(DATA_ACCOUNT_ID); + txBuilder.users().register(tempUser.getIdentity()); } }); - TransactionBatchResult procResult = executeTransactions(ledger, tx); - assertEquals(1, procResult.getBlock().getHeight()); + procResult = executeTransactions(ledger, tx); + assertBlock(2, procResult); + + assertTransactionAllFail(procResult, TransactionState.REJECTED_BY_SECURITY_POLICY); + } + + /** + * 断言区块高度; + * + * @param blockHeight + * @param procResult + */ + private void assertBlock(long blockHeight, TransactionBatchResult procResult) { + assertEquals(blockHeight, procResult.getBlock().getHeight()); + } + /** + * 断言全部交易结果都是成功的; + * + * @param procResult + */ + private void assertTransactionAllSuccess(TransactionBatchResult procResult) { + + Iterator responses = procResult.getResponses(); + while (responses.hasNext()) { + TransactionResponse transactionResponse = (TransactionResponse) responses.next(); + + assertEquals(true, transactionResponse.isSuccess()); + assertEquals(TransactionState.SUCCESS, transactionResponse.getExecutionState()); + assertEquals(procResult.getBlock().getHash(), transactionResponse.getBlockHash()); + assertEquals(procResult.getBlock().getHeight(), transactionResponse.getBlockHeight()); + } + } + + /** + * 断言全部交易结果都是失败的; + * + * @param procResult + */ + private void assertTransactionAllFail(TransactionBatchResult procResult, TransactionState txState) { + Iterator responses = procResult.getResponses(); + while (responses.hasNext()) { + TransactionResponse transactionResponse = (TransactionResponse) responses.next(); + + assertEquals(false, transactionResponse.isSuccess()); + assertEquals(txState, transactionResponse.getExecutionState()); + } + } + + /** + * 断言预定义的数据符合预期; + * + * @param ledgerHash + * @param storage + */ + private void assertPredefineData(HashDigest ledgerHash, MemoryKVStorage storage) { + LedgerManager ledgerManager = new LedgerManager(); + LedgerRepository ledger = ledgerManager.register(ledgerHash, storage); + UserAccount newUser = ledger.getUserAccountSet().getUser(NEW_USER.getAddress()); + assertNotNull(newUser); + DataAccount dataAccount = ledger.getDataAccountSet().getDataAccount(DATA_ACCOUNT_ID.getAddress()); + assertNotNull(dataAccount); + + UserRoles userRoles = ledger.getAdminSettings().getAuthorizations().getUserRoles(NEW_USER.getAddress()); + assertNotNull(userRoles); + assertEquals(1, userRoles.getRoleCount()); + assertEquals("NORMAL", userRoles.getRoles()[0]); + + RolePrivileges normalRole = ledger.getAdminSettings().getRolePrivileges().getRolePrivilege("NORMAL"); + assertNotNull(normalRole); + assertEquals(true, normalRole.getLedgerPrivilege().isEnable(LedgerPermission.REGISTER_DATA_ACCOUNT)); + assertEquals(false, normalRole.getLedgerPrivilege().isEnable(LedgerPermission.REGISTER_USER)); + assertEquals(true, normalRole.getTransactionPrivilege().isEnable(TransactionPermission.CONTRACT_OPERATION)); + assertEquals(false, normalRole.getTransactionPrivilege().isEnable(TransactionPermission.DIRECT_OPERATION)); } private TransactionBatchResult executeTransactions(LedgerRepository ledger, TransactionRequest... transactions) { @@ -192,7 +298,7 @@ public class RolesAuthorizationTest { if (roles == null) { roles = new String[0]; } - UserRoles userRoles = ledger.getAdminSettings().getUserRoles().getUserRoles(address); + UserRoles userRoles = ledger.getAdminSettings().getAuthorizations().getUserRoles(address); assertNotNull(userRoles); assertEquals(policy, userRoles.getPolicy());