Skip to content

Commit

Permalink
Merge pull request hyperledger#1130 from anikitinDSR/fix_existing_nym…
Browse files Browse the repository at this point in the history
…_validation

[INDY-1939] Add tests for demotes checking
  • Loading branch information
andkononykhin authored Jan 16, 2019
2 parents 2a27782 + 0e7fa92 commit f394697
Show file tree
Hide file tree
Showing 6 changed files with 215 additions and 1 deletion.
8 changes: 8 additions & 0 deletions indy_common/authorize/auth_map.py
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,11 @@
old_value=TRUST_ANCHOR,
new_value=TRUST_ANCHOR)

sameRoleNetworkMonitor = AuthActionEdit(txn_type=NYM,
field=ROLE,
old_value=NETWORK_MONITOR,
new_value=NETWORK_MONITOR)

sameRoleNone = AuthActionEdit(txn_type=NYM,
field=ROLE,
old_value='',
Expand Down Expand Up @@ -206,6 +211,9 @@
sameRoleNone.get_action_id(): AuthConstraint(role='*',
sig_count=1,
need_to_be_owner=True),
sameRoleNetworkMonitor.get_action_id(): AuthConstraint(role="*",
sig_count=1,
need_to_be_owner=True),
keyRotation.get_action_id(): AuthConstraint(role='*',
sig_count=1,
need_to_be_owner=True),
Expand Down
40 changes: 40 additions & 0 deletions indy_common/test/auth/test_auth_nym_with_new_auth_map.py
Original file line number Diff line number Diff line change
Expand Up @@ -94,3 +94,43 @@ def test_change_verkey(write_request_validation, req, is_owner):
old_value="_verkey".format(req.identifier),
new_value='new_value',
is_owner=is_owner)])


def test_same_role_trustee(write_request_validation, req, is_owner):
authorized = is_owner
assert authorized == write_request_validation(req,
[AuthActionEdit(txn_type=NYM,
field=ROLE,
old_value=TRUSTEE,
new_value=TRUSTEE,
is_owner=is_owner)])


def test_same_role_steward(write_request_validation, req, is_owner):
authorized = is_owner
assert authorized == write_request_validation(req,
[AuthActionEdit(txn_type=NYM,
field=ROLE,
old_value=STEWARD,
new_value=STEWARD,
is_owner=is_owner)])


def test_same_role_trust_acnhor(write_request_validation, req, is_owner):
authorized = is_owner
assert authorized == write_request_validation(req,
[AuthActionEdit(txn_type=NYM,
field=ROLE,
old_value=TRUST_ANCHOR,
new_value=TRUST_ANCHOR,
is_owner=is_owner)])


def test_same_role_network_monitor(write_request_validation, req, is_owner):
authorized = is_owner
assert authorized == write_request_validation(req,
[AuthActionEdit(txn_type=NYM,
field=ROLE,
old_value=NETWORK_MONITOR,
new_value=NETWORK_MONITOR,
is_owner=is_owner)])
2 changes: 1 addition & 1 deletion indy_node/test/conftest.py
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@
from plenum.test.conftest import sdk_pool_handle as plenum_pool_handle, sdk_pool_data, sdk_wallet_steward, \
sdk_wallet_handle, sdk_wallet_data, sdk_steward_seed, sdk_wallet_client, sdk_wallet_trustee, \
sdk_trustee_seed, trustee_data, sdk_client_seed, poolTxnClientData, poolTxnClientNames, \
sdk_wallet_stewards, create_node_and_not_start
sdk_wallet_stewards, create_node_and_not_start, sdk_wallet_handle

Logger.setLogLevel(logging.NOTSET)

Expand Down
6 changes: 6 additions & 0 deletions indy_node/test/nym_txn/conftest.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
import pytest


@pytest.fixture(scope="function", params=[False, True])
def with_verkey(request):
return request.param
78 changes: 78 additions & 0 deletions indy_node/test/nym_txn/test_demote_network_monitor.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,78 @@
import pytest
from indy import did

from indy_common.constants import NETWORK_MONITOR
from indy_node.test.validator_info.helper import sdk_get_validator_info
from plenum.common.constants import STEWARD_STRING
from plenum.common.exceptions import RequestRejectedException
from plenum.test.helper import sdk_sign_and_submit_op, sdk_get_and_check_replies
from plenum.test.pool_transactions.helper import sdk_add_new_nym


def test_network_monitor_suspension_by_another_steward(looper,
sdk_pool_handle,
sdk_wallet_steward,
sdk_wallet_trustee,
sdk_wallet_handle,
with_verkey):
new_steward_did, new_steward_verkey = looper.loop.run_until_complete(
did.create_and_store_my_did(sdk_wallet_trustee[0], "{}"))
new_network_monitor_did, new_network_monitor_verkey = looper.loop.run_until_complete(
did.create_and_store_my_did(sdk_wallet_steward[0], "{}"))

"""Adding new steward"""
sdk_add_new_nym(looper, sdk_pool_handle,
sdk_wallet_trustee, 'newSteward', STEWARD_STRING, verkey=new_steward_verkey, dest=new_steward_did)

"""Adding NETWORK_MONITOR role by first steward"""
op = {'type': '1',
'dest': new_network_monitor_did,
'role': NETWORK_MONITOR,
'verkey': new_network_monitor_verkey}
req = sdk_sign_and_submit_op(looper, sdk_pool_handle, (sdk_wallet_handle, new_steward_did), op)
sdk_get_and_check_replies(looper, [req])

"""Check that get_validator_info command works for NETWORK_MONITOR role"""
sdk_get_validator_info(looper, (sdk_wallet_handle, new_network_monitor_did), sdk_pool_handle)

"""Blacklisting network_monitor by new steward"""
op = {'type': '1',
'dest': new_network_monitor_did,
'role': None}
if with_verkey:
op['verkey'] = new_network_monitor_verkey
req = sdk_sign_and_submit_op(looper, sdk_pool_handle, (sdk_wallet_handle, new_steward_did), op)
if with_verkey:
with pytest.raises(RequestRejectedException):
sdk_get_and_check_replies(looper, [req])
else:
sdk_get_and_check_replies(looper, [req])
with pytest.raises(RequestRejectedException):
sdk_get_validator_info(looper, (sdk_wallet_handle, new_network_monitor_did), sdk_pool_handle)


def test_network_monitor_suspension_by_itself(looper,
sdk_pool_handle,
sdk_wallet_steward,
sdk_wallet_handle,
with_verkey):
new_network_monitor_did, new_network_monitor_verkey = looper.loop.run_until_complete(
did.create_and_store_my_did(sdk_wallet_steward[0], "{}"))

"""Adding NETWORK_MONITOR role by steward"""
op = {'type': '1',
'dest': new_network_monitor_did,
'role': NETWORK_MONITOR,
'verkey': new_network_monitor_verkey}
req = sdk_sign_and_submit_op(looper, sdk_pool_handle, (sdk_wallet_handle, sdk_wallet_steward[1]), op)
sdk_get_and_check_replies(looper, [req])

"""Blacklisting network_monitor by itself"""
op = {'type': '1',
'dest': new_network_monitor_did,
'role': None}
if with_verkey:
op['verkey'] = new_network_monitor_verkey
req = sdk_sign_and_submit_op(looper, sdk_pool_handle, (sdk_wallet_handle, new_network_monitor_did), op)
with pytest.raises(RequestRejectedException):
sdk_get_and_check_replies(looper, [req])
82 changes: 82 additions & 0 deletions indy_node/test/nym_txn/test_nym_blacklisting.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,82 @@
import pytest
from indy import did

from indy_common.constants import TRUST_ANCHOR_STRING
from plenum.common.constants import TRUSTEE_STRING, STEWARD_STRING
from plenum.common.exceptions import RequestRejectedException
from plenum.test.helper import sdk_get_and_check_replies, sdk_sign_and_submit_op
from plenum.test.pool_transactions.helper import sdk_add_new_nym


def test_steward_suspension_by_another_trustee(looper,
sdk_pool_handle,
sdk_wallet_trustee,
sdk_wallet_handle,
with_verkey):
new_trustee_did, new_trustee_verkey = looper.loop.run_until_complete(
did.create_and_store_my_did(sdk_wallet_trustee[0], "{}"))
new_steward_did, new_steward_verkey = looper.loop.run_until_complete(
did.create_and_store_my_did(sdk_wallet_trustee[0], "{}"))

"""Adding new steward"""
sdk_add_new_nym(looper, sdk_pool_handle,
sdk_wallet_trustee, 'newSteward', STEWARD_STRING, verkey=new_steward_verkey, dest=new_steward_did)

"""Adding new trustee"""
sdk_add_new_nym(looper, sdk_pool_handle,
sdk_wallet_trustee, 'newTrustee', TRUSTEE_STRING, verkey=new_trustee_verkey, dest=new_trustee_did)

"""Blacklisting new steward by new trustee"""
op = {'type': '1',
'dest': new_steward_did,
'role': None}
if with_verkey:
op['verkey'] = new_steward_verkey
req = sdk_sign_and_submit_op(looper, sdk_pool_handle, (sdk_wallet_handle, new_trustee_did), op)
if with_verkey:
with pytest.raises(RequestRejectedException):
sdk_get_and_check_replies(looper, [req])
else:
sdk_get_and_check_replies(looper, [req])


def test_steward_cannot_create_trust_anchors_after_demote (looper,
sdk_pool_handle,
sdk_wallet_trustee,
sdk_wallet_handle):
new_steward_did, new_steward_verkey = looper.loop.run_until_complete(
did.create_and_store_my_did(sdk_wallet_trustee[0], "{}"))
new_ta_did, new_ta_verkey = looper.loop.run_until_complete(
did.create_and_store_my_did(sdk_wallet_trustee[0], "{}"))
new_ta_2_did, new_ta_2_verkey = looper.loop.run_until_complete(
did.create_and_store_my_did(sdk_wallet_trustee[0], "{}"))

"""Adding new steward"""
sdk_add_new_nym(looper, sdk_pool_handle,
sdk_wallet_trustee,
'newSteward',
STEWARD_STRING,
verkey=new_steward_verkey, dest=new_steward_did)

"""Adding new TA"""
sdk_add_new_nym(looper, sdk_pool_handle,
(sdk_wallet_handle, new_steward_did),
'newSteward',
TRUST_ANCHOR_STRING,
verkey=new_ta_verkey, dest=new_ta_did)

"""Blacklisting new steward by trustee"""
op = {'type': '1',
'dest': new_steward_did,
'role': None}
req = sdk_sign_and_submit_op(looper, sdk_pool_handle, sdk_wallet_trustee, op)
sdk_get_and_check_replies(looper, [req])

"""Try to add new TA by previous demoted steward"""
with pytest.raises(RequestRejectedException):
sdk_add_new_nym(looper, sdk_pool_handle,
(sdk_wallet_handle, new_steward_did),
'newSteward',
TRUST_ANCHOR_STRING,
verkey=new_ta_2_verkey, dest=new_ta_2_did)

0 comments on commit f394697

Please sign in to comment.