user_mgmt_i

package
v0.0.0-...-aeb4a1d Latest
Warning

This package is not in the latest version of its module.
Published: Dec 5, 2022 License: Apache-2.0 Imports: 20 Imported by: 0

Documentation

Overview

Package user_mgmt_i manages users and groups. It stores users/groups as assets and maintains a graph of user/group relationships.

Constants

This section is empty.

Variables

This section is empty.

Functions

func ConvertAdminPathToPrivateKeyPath

func ConvertAdminPathToPrivateKeyPath(adminPath []string) (keyPath []string, err error)

ConvertAdminPathToPrivateKeyPath returns a keyPath to get a user's private key. The keyPath can be passed to AssetManager's GetAssetKey function.

func ConvertAdminPathToSymKeyPath

func ConvertAdminPathToSymKeyPath(adminPath []string) (keyPath []string, err error)

ConvertAdminPathToSymKeyPath returns a keyPath to get a user's sym key. The keyPath can be passed to AssetManager's GetAssetKey function.

func ConvertFromAsset

func ConvertFromAsset(asset *data_model.Asset) data_model.User

ConvertFromAsset converts an asset object to a user object.

func ConvertToAsset

func ConvertToAsset(user data_model.User) data_model.Asset

ConvertToAsset converts a user object to an asset object.

func GetCallerData

func GetCallerData(stub cached_stub.CachedStubInterface) (data_model.User, error)

GetCallerData gets keys from TMAP and returns the caller's data from the ledger.

func GetOrg

func GetOrg(stub cached_stub.CachedStubInterface, caller data_model.User, args []string) ([]byte, error)

GetOrg returns an organization.

args = [orgId]

func GetOrgs

func GetOrgs(stub cached_stub.CachedStubInterface, caller data_model.User, args []string) ([]byte, error)

GetOrgs returns a list of all organizations.

args = []

func GetUser

func GetUser(stub cached_stub.CachedStubInterface, caller data_model.User, args []string) ([]byte, error)

GetUser returns a user.

args = [userId]

func GetUserAssetID

func GetUserAssetID(userID string) string

GetUserAssetID returns the asset ID for the stored user object identified by the given userID.

func GetUserData

func GetUserData(stub cached_stub.CachedStubInterface, caller data_model.User, userID string, options ...interface{}) (data_model.User, error)

GetUserData finds, decrypts, and returns a User for the given userId. The user's public key will always be included. If the private and/or sym keys cannot be retrieved, they will be left blank, and no error will be returned. If userId is the same as callerId, the User object is copied from the caller object.

options can be passed in any of the following orders:

    keyPath []string
    keyPath []string, keyPath2 []string
    includePrivateAndSymKeys bool
    includePrivateAndSymKeys bool, keyPath []string
    includePrivateAndSymKeys bool, keyPath []string, keyPath2 []string
    includePrivateAndSymKeys bool, includePrivateData bool
    includePrivateAndSymKeys bool, includePrivateData bool, keyPath []string
    includePrivateAndSymKeys bool, includePrivateData bool, keyPath []string, keyPath2 []string

If includePrivateAndSymKeys (default false) is true, GetUserData attempts to include the user's private and sym keys as well. If includePrivateData (default false) is false, the user's private data will not be decrypted. If keyPath (default nil) is passed in, the user's symKey will be retrieved using this keyPath. The first element of keyPath must be the caller's key, and the last element must be the user's sym key. keyPaths are always the last options when specified. keyPath2 is for the user's private key.

func GetUserIter

func GetUserIter(
	stub cached_stub.CachedStubInterface,
	caller data_model.User,
	startValues []string,
	endValues []string,
	decryptPrivateData bool,
	returnOnlyPrivateAssets bool,
	assetKeyPath interface{},
	previousKey string,
	limit int,
	filterRule *simple_rule.Rule) (asset_manager.AssetIteratorInterface, error)

GetUserIter returns an iterator of user objects.

func GetUserKeys

func GetUserKeys(stub cached_stub.CachedStubInterface, caller data_model.User, userId string, keyPaths ...[]string) (*data_model.Keys, error)

GetUserKeys returns a user's private, public, and sym keys. Caller must have access to the user's private key. keyPaths is optional. First keyPath is for private key, second keyPath is for symkey. If only one keyPath is passed in, it's for the private key. The sym key is obtained from the private key.

func GetUserPrivateKey

func GetUserPrivateKey(stub cached_stub.CachedStubInterface, caller data_model.User, userId string, keyPath ...[]string) (data_model.Key, error)

GetUserPrivateKey returns a user's private key. Caller must have access to the user's private key. keyPath is optional. Default keyPath = [caller privkey, user privhashkey, user privkey]. If keyPath is passed in, it is used to get the private key.

func GetUserPublicKey

func GetUserPublicKey(stub cached_stub.CachedStubInterface, caller data_model.User, userId string) (data_model.Key, error)

GetUserPublicKey returns the user's public key. If you already have the user, call GetPublicKey(user) instead.

func GetUserSymKey

func GetUserSymKey(stub cached_stub.CachedStubInterface, caller data_model.User, userId string, keyPath ...[]string) (data_model.Key, error)

GetUserSymKey returns a user's sym key. keyPath is an optional parameter; if passed in, this keyPath is used to get the symKey. Caller must have access to the user's private key.

func GetUsers

func GetUsers(stub cached_stub.CachedStubInterface, caller data_model.User, args []string) ([]byte, error)

GetUsers returns a list of all member users for a given orgId, optionally filtered by role.

args = [orgId, role]

func GiveAdminPermissionOfGroup

func GiveAdminPermissionOfGroup(stub cached_stub.CachedStubInterface, caller data_model.User, userID string, groupID string) error

GiveAdminPermissionOfGroup gives user admin permission to group. Caller must be admin of group.

func GiveAuditorPermissionOfGroup

func GiveAuditorPermissionOfGroup(stub cached_stub.CachedStubInterface, caller, auditor, group data_model.User) error

GiveAuditorPermissionOfGroup gives audit permission to an audit group. Caller must be admin of group.

func GiveAuditorPermissionOfGroupById

func GiveAuditorPermissionOfGroupById(stub cached_stub.CachedStubInterface, caller data_model.User, auditorID string, groupID string, keyPaths ...[]string) error

GiveAuditorPermissionOfGroupById gives audit permission to an audit group. Caller must be direct or indirect admin of group.

func Init

func Init(stub cached_stub.CachedStubInterface, logLevel ...shim.LoggingLevel) ([]byte, error)

Init sets up the user_mgmt package by building an index table for users.

func IsParentGroup

func IsParentGroup(stub cached_stub.CachedStubInterface, caller data_model.User, parentGroupID string, childGroupID string) bool

IsParentGroup returns true if parentGroup is a direct or indirect parent of childGroup, false otherwise.

func PutUserInGroup

func PutUserInGroup(stub cached_stub.CachedStubInterface, caller data_model.User, userID string, groupID string, isAdmin bool, keyPaths ...[]string) error

PutUserInGroup adds the user as a member of the group. If the user is already a member of the group, then the admin status can be updated. Admins have read/write access to any assets that the group has read/write access to. Members have read access to assets that the group has read access to. userID must be the ID of a user, not a group. groupID must be the ID of a group, not a user. If isAdmin is true, user will be given write access to group assets. Caller must be an admin of the group in order to add members and admins. keyPaths are optional parameters. If passed in, they are used to get group's keys. The first keyPath is for getting the group symKey, and the second keyPath is for getting the group privateKey.

func PutUserInOrg

func PutUserInOrg(stub cached_stub.CachedStubInterface, caller data_model.User, args []string) ([]byte, error)

PutUserInOrg is a proxy function for PutUserInGroup. Call if you need to call PutUserInGroup directly from Invoke in a solution.

args = [ userID, orgID, isAdmin]

func RegisterAuditor

func RegisterAuditor(stub cached_stub.CachedStubInterface, caller data_model.User, args []string) ([]byte, error)

RegisterAuditor registers an auditor user. Caller's role must be "system".

args = [userBytes, allowAccess]

If allowAccess is true and a new user is being registered, gives the caller access to the user's private key.

func RegisterOrg

func RegisterOrg(stub cached_stub.CachedStubInterface, caller data_model.User, args []string) ([]byte, error)

RegisterOrg registers or updates an organization (a group user). Encrypts org keys with org public key. Encrypts org private key with org public key. Saves org data with org sym key. Creates org admin user. If makeCallerAdmin is true and this is a new org, caller will be added as an admin of the org.

args = [ orgBytes, makeCallerAdmin ]

func RegisterOrgAdmin

func RegisterOrgAdmin(stub cached_stub.CachedStubInterface, caller data_model.User, args []string) ([]byte, error)

RegisterOrgAdmin registers an org admin user. Caller's role must be "system".

args = [userBytes, allowAccess]

If allowAccess is true and a new user is being registered, gives the caller access to the user's private key.

DEPRECATED: use RegisterOrg() and/or GiveAdminPermissionOfGroup().

func RegisterOrgWithParams

func RegisterOrgWithParams(stub cached_stub.CachedStubInterface, caller data_model.User, org data_model.User, makeCallerAdmin bool) error

RegisterOrgWithParams validates and creates/updates an org. The caller will be added as an admin of the org if this is a new org and makeCallerAdmin is true.

func RegisterSubgroup

func RegisterSubgroup(stub cached_stub.CachedStubInterface, caller data_model.User, args []string) ([]byte, error)

RegisterSubgroup registers a new group as a subgroup of an existing group. Admins of the parent group are admins of the subgroup. Members of the subgroup are members of parent group. Auditors of the parent group are auditors of the subgroup. Subgroups can only have one parent group.

args = [subgroup, parentGroupID]

subgroup is the subgroup to be registered. parentGroupID is the id of the parent group.
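
The inheritance rules stated for RegisterSubgroup, as an added example that is not code from this package: a toy in-memory model in which groupGraph, registerSubgroup, isParentGroup and hasRole are hypothetical names and the group and user IDs are constructed. The cycle check is an assumption added so that the parent walk always terminates.

```go
package main

import "fmt"

// groupGraph is a toy in-memory model, not the package's ledger-backed storage.
type groupGraph struct {
	parent map[string]string          // subgroup ID -> its single parent group ID
	direct map[string]map[string]bool // group ID -> direct member ID -> isAdmin
}

// isParentGroup reports whether parent is a direct or indirect parent of child.
func (g *groupGraph) isParentGroup(parent, child string) bool {
	p, ok := g.parent[child]
	for ok && p != parent {
		p, ok = g.parent[p]
	}
	return ok
}

// registerSubgroup enforces the single-parent rule and (an assumption) rejects cycles.
func (g *groupGraph) registerSubgroup(sub, parent string) error {
	if _, has := g.parent[sub]; has || sub == parent || g.isParentGroup(sub, parent) {
		return fmt.Errorf("%q already has a parent or %q is its descendant", sub, parent)
	}
	g.parent[sub] = parent
	return nil
}

// hasRole: admin rights flow down to subgroups; membership flows up to parents.
func (g *groupGraph) hasRole(user, group string, admin bool) bool {
	for grp, users := range g.direct {
		isAdm, member := users[user]
		down := admin && isAdm && (grp == group || g.isParentGroup(grp, group))
		up := !admin && member && (grp == group || g.isParentGroup(group, grp))
		if down || up {
			return true
		}
	}
	return false
}

// main runs the rules on constructed data: org -> dept -> team.
func main() {
	g := &groupGraph{parent: map[string]string{}, direct: map[string]map[string]bool{
		"org": {"alice": true}, "team": {"bob": false}}}
	g.registerSubgroup("dept", "org")
	g.registerSubgroup("team", "dept")
	fmt.Println(g.hasRole("alice", "team", true), g.hasRole("bob", "org", false))
}
```

An admin added at the top of a deep tree is an admin of every group beneath it, so reviewing who can administer a subgroup means walking the whole parent chain rather than reading the subgroup's own admin list.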

func RegisterSubgroupWithParams

func RegisterSubgroupWithParams(stub cached_stub.CachedStubInterface, caller data_model.User, subgroup data_model.User, parentGroupID string, keyPaths ...[]string) error

RegisterSubgroupWithParams registers a new group as a subgroup of an existing group. "WithParams" functions should only be called from within the chaincode.

subgroup is the subgroup to register. parentGroupID is the id of the parent group. keyPaths are optional: the keyPath to the symkey, then the keyPath to the privKey.

func RegisterSystemAdmin

func RegisterSystemAdmin(stub cached_stub.CachedStubInterface, caller data_model.User, args []string) ([]byte, error)

RegisterSystemAdmin registers a system admin user. Caller's role must be "system".

args = [userBytes, allowAccess]

If allowAccess is true and a new user is being registered, gives the caller access to the user's private key.

func RegisterUser

func RegisterUser(stub cached_stub.CachedStubInterface, caller data_model.User, args []string) ([]byte, error)

RegisterUser registers or updates a user.

args = [ user, allowAccess ]

user is the data_model.User to add or update. If allowAccess is true and a new user is being registered, gives the caller access to the user's private key. If allowAccess is true and a new group is being registered, makes the caller an admin of the group.

func RegisterUserWithParams

func RegisterUserWithParams(stub cached_stub.CachedStubInterface, caller data_model.User, user data_model.User, allowAccess bool) error

RegisterUserWithParams registers or updates a user.

user - the user object to add/update
allowAccess - [users] if true, gives the caller access to the user's private key (only applies for a new user, not an update of an existing user)
allowAccess - [groups] if true, makes the caller an admin of the group (only applies for a new group, not an update of an existing group)

func RemoveAdminPermissionOfGroup

func RemoveAdminPermissionOfGroup(stub cached_stub.CachedStubInterface, caller data_model.User, args []string) ([]byte, error)

RemoveAdminPermissionOfGroup removes admin permission from user who is a member of group. Caller must be admin of group.

args = [userID, groupID]

func RemoveAdminPermissionOfGroupWithParams

func RemoveAdminPermissionOfGroupWithParams(stub cached_stub.CachedStubInterface, caller data_model.User, userID string, groupID string, keyPaths ...[]string) error

RemoveAdminPermissionOfGroupWithParams removes admin permission from user who is a member of group. "WithParams" functions should only be called from within the chaincode.

keyPaths is optional: symkeyPath, privkeyPath

func RemoveAuditorPermissionOfGroup

func RemoveAuditorPermissionOfGroup(stub cached_stub.CachedStubInterface, caller data_model.User, auditorID string, groupID string) error

RemoveAuditorPermissionOfGroup removes an auditor's permission to audit group. Caller must be admin of group.

func RemoveSubgroupFromGroup

func RemoveSubgroupFromGroup(stub cached_stub.CachedStubInterface, caller data_model.User, subgroupID string, groupID string, keyPaths ...[]string) error

RemoveSubgroupFromGroup removes a subgroup from a group.

subgroupID is the id of the subgroup to remove from group. groupID is the id of the group that the subgroup currently belongs to. keyPaths are optional parameters. If passed in, they are used to get the parent group's keys. The first keyPath is for getting the parent group symKey, and the second keyPath is for getting the parent group privateKey.

func RemoveUserFromGroup

func RemoveUserFromGroup(stub cached_stub.CachedStubInterface, caller data_model.User, args []string) ([]byte, error)

RemoveUserFromGroup removes a user from a group.

args = [userID, groupID, removeSubGroup(optional: default=false)]

If removeFromSubGroup is true, it will also traverse the org tree, and remove the user from all subgroups of groupID. This operation might take a long time to process. Default value of removeFromSubGroup is false.

func RemoveUserFromGroupWithParams

func RemoveUserFromGroupWithParams(stub cached_stub.CachedStubInterface, caller data_model.User, userID string, groupID string, keyPaths ...[]string) error

RemoveUserFromGroupWithParams removes a user from a group. "WithParams" functions should only be called from within the chaincode.

func SlowGetGroupAdminIDs

func SlowGetGroupAdminIDs(stub cached_stub.CachedStubInterface, groupID string) ([]string, error)

SlowGetGroupAdminIDs returns a list of group admin ids.

func SlowGetGroupMemberIDs

func SlowGetGroupMemberIDs(stub cached_stub.CachedStubInterface, groupID string) ([]string, error)

SlowGetGroupMemberIDs returns a list of group member ids, including admins.

func SlowGetMyGroupIDs

func SlowGetMyGroupIDs(stub cached_stub.CachedStubInterface, caller data_model.User, userID string, adminOnly bool) ([]string, error)

SlowGetMyGroupIDs returns a list of group ids of which user is a direct or indirect member. If adminOnly is true, only returns group ids of which user is a direct or indirect admin.

func SlowGetSubgroups

func SlowGetSubgroups(stub cached_stub.CachedStubInterface, groupID string) ([]string, error)

SlowGetSubgroups returns a list of ids of group's child groups.

func UpdateOrg

func UpdateOrg(stub cached_stub.CachedStubInterface, caller data_model.User, args []string) ([]byte, error)

UpdateOrg updates an organization.

args = [orgBytes]

Types

This section is empty.

Directories

Path Synopsis
common package contains global_data and functions to be shared across bchcls common packages.
