如何解决如何在 Hyperledger Fabric 上向管理员添加属性值?
基于 fabcar-sample (v1.4),我开发了一个应用程序,我想在其中为管理员和用户使用属性值。我在注册管理员时遇到了如何添加属性值的问题。我不知道是否可以为管理员添加属性值。在我看到的示例中,仅从注册用户中添加。在 fabcar 示例中,与用户相比,管理员似乎是刚刚注册而不是注册。
- registerUser.js
const gateway = new Gateway();
await gateway.connect(ccpPath,{ wallet,identity: 'admin',discovery: { enabled: true,asLocalhost: true } });
console.log('Create a new gateway for connecting to our peer node');
// Get the CA client object from the gateway for interacting with the CA.
const ca = gateway.getClient().getCertificateAuthority();
const adminIdentity = gateway.getCurrentIdentity();
console.log('Get the CA client object from the gateway for interacting with the CA');
const aff = adminIdentity.getAffiliation();
const secret = await ca.register({ affiliation: aff,enrollmentID: username,role: 'client',attrs: [ {"name": "email","value": "myemail@test.com","ecert": true} ] },adminIdentity);
const enrollment = await ca.enroll({ enrollmentID: username,enrollmentSecret: secret,attr_reqs: [{ name: "email",optional: false }]});
- enrollAdmin.js
const caInfo = ccp.certificateAuthorities[ca_info];
const caTLSCACerts = caInfo.tlsCACerts.pem;
const ca = new FabricCAServices(caInfo.url,{ trustedRoots: caTLSCACerts,verify: false },caInfo.caName);
// Create a new file system based wallet for managing identities.
const walletPath = path.join(process.cwd(),wallet_info);
const wallet = new FileSystemWallet(walletPath);
const enrollment = await ca.enroll({ enrollmentID: username,enrollmentSecret:'adminpw'});
const identity = X509WalletMixin.createIdentity(MSP,enrollment.certificate,enrollment.key.toBytes());
await wallet.import(username,identity);
- smartcontract.go
func (c *SmartContract) getEmail(stub shim.ChaincodeStubInterface) (string,error) {
email,ok,err := cid.GetAttributeValue(stub,"email")
if err != nil {
return "",err
}
if !ok {
return "",errors.New("email attribute is missing")
}
return email,nil
}
知道如何在没有像用户一样注册管理员的情况下在管理员上添加属性值吗?
解决方法
在admin
客户端的情况下,执行fabric-ca-server
时,可以在配置中设置该值。大多数示例仅通过使用 -b
选项处理 ID 和密码。喜欢fabric-ca-server start -b admin:adminpw -d
可以在 fabric-ca-server-config.yaml
文件中更改默认配置。
fabric-ca-server-config.yaml 链接是fabric-samples v2.0,但是fabric-ca没有变化(v1.4),配置形式相同。
您可以在此文件中添加 admin's attr
。
[编辑] 我按照指南文档写的,但是我确认它不起作用。在对代码进行深入分析后,我确认并更正了正则表达式无法正常工作。
hf.Registrar.Attributes: "*"
到
hf.Registrar.Attributes: "email,hf.Registrar.Roles,hf.Registrar.DelegateRoles,hf.Revoker,hf.IntermediateCA,hf.GenCRL,hf.Registrar.Attributes,hf.AffiliationMgr"
在 fabric-ca-server-config.yaml 中
这是示例。
- docker-compose-ca.yaml
version: '3'
services:
ca.org1.example.com:
image: hyperledger/fabric-ca:1.4
environment:
- FABRIC_CA_HOME=/etc/hyperledger/fabric-ca-server
- FABRIC_CA_SERVER_CA_NAME=ca.org1.example.com
- FABRIC_CA_SERVER_TLS_ENABLED=true
- FABRIC_CA_SERVER_TLS_CERTFILE=/etc/hyperledger/fabric-ca-server-config/ca.org1.example.com-cert.pem
- FABRIC_CA_SERVER_TLS_KEYFILE=/etc/hyperledger/fabric-ca-server-config/<your_ca_org1_private_key>
- FABRIC_CA_SERVER_PORT=7054
ports:
- "7054:7054"
command: sh -c 'fabric-ca-server start -d'
volumes:
# mounting fabric-ca-server-config.yaml file
- ./fabric-ca-server-config.yaml:/etc/hyperledger/fabric-ca-server/fabric-ca-server-config.yaml
- ./crypto-config/peerOrganizations/org1.example.com/ca/:/etc/hyperledger/fabric-ca-server-config
container_name: ca.org1.example.com
- fabric-ca-server-config.yaml
...
registry:
maxenrollments: -1
identities:
- name: test
pass: testpw
type: client
affiliation: ""
attrs:
# <add_your_attrs>
email: "myemail@test.com"
hf.Registrar.Roles: "*"
hf.Registrar.DelegateRoles: "*"
hf.Revoker: true
hf.IntermediateCA: true
hf.GenCRL: true
hf.Registrar.Attributes: "email,hf.AffiliationMgr"
hf.AffiliationMgr: true
...
- enrollAdmin.js
...
// Enroll the admin user,and import the new identity into the wallet.
// with attrs
const enrollment = await ca.enroll({ enrollmentID: 'test',enrollmentSecret: 'testpw',attr_reqs: [{ name: "email",optional: false }] });
const x509Identity = {
credentials: {
certificate: enrollment.certificate,privateKey: enrollment.key.toBytes(),},mspId: 'Org1MSP',type: 'X.509',};
await wallet.put('admin',x509Identity);
console.log('Successfully enrolled admin user "admin" and imported it into the wallet');
...
node enrollAdmin.js
Successfully enrolled admin user "admin" and imported it into the wallet
它有效!
[注意] 如果您不想接触 docker 或配置,可以添加另一个管理员来工作。
- registerAndEnrollAdmin.js
...
// Register the user,enroll the user,and import the new identity into the wallet.
const adminUser = await provider.getUserContext(adminIdentity,'admin');
const secret = await ca.register({
affiliation: 'org1.department1',enrollmentID: 'admin2',role: 'client',attrs: [ {"name": "hf.Registrar.Roles","value": "client,orderer,peer"},{"name": "hf.Registrar.DelegateRoles",{"name": "hf.Revoker","value": "true"},{"name": "email","value": "test@example.com"},{"name": "hf.Registrar.Attributes","value": "email,hf.Registrar.Attributes"} ] },adminUser);
const enrollment = await ca.enroll({
enrollmentID: 'admin2',enrollmentSecret: secret,optional: false }]
});
...
然后您可以使用 admin2
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。