运行asset_management.go与运行简单的chaincode(例如chaincode_example02.go)有何不同 [英] How is running the asset_management.go different from running a simple chaincode like chaincode_example02.go

问题描述

(据我所知)用于部署/调用链码的简单工作流程是:

The simple workflow for deploying/invoking a chaincode (to my knowledge) is :

1. 在区块链上部署链码(智能合约)

1. Deploy a chaincode(smart contract) on the blockchain

• 这会在所有运行了链码的对等方上打开一个docker容器

• 这种类型的函数会更改链码状态下的变量值

对于 asset_management.go ，可以通过在asset_management chaincode目录中运行go test来测试chaincode.但这并没有真正调出运行asset_management链代码的docker容器(或者是?).

For asset_management.go, the chaincode can be tested by running go test in the asset_management chaincode directory . But this does not really bring up a docker container(or does it ?) that runs the asset_management chaincode.

什么是部署/调用此链代码的正确方法，它与使用REST接口部署/调用链代码有何不同(就像我们对

Whats the right way to deploy/invoke this chaincode and how is it different from deploying/invoking chaincodes using the REST interface(like we do for chaincode_example02)

推荐答案

想要手动运行"asset_management_with_roles"的任何人的步骤列表:

The list of steps for anybody who would like to run "asset_management_with_roles" manually:

1. 签出结构，从"devenv"文件夹运行流浪汉

1. Checkout Fabric, run vagrant from "devenv" folder

ssh到启动的容器.

ssh to the started container.

重置Fabric的配置:

Reset Fabric’s configuration:

rm /var/hyperledger/production

在membersrvc.yaml中启用属性证书授权

Enable attribute certificate authority in membersrvc.yaml

aca.enabled: true

在core.yaml中启用安全性

Enable security in core.yaml

security.enable: true

在core.yaml中将节点"的日志级别切换为调试"(可选.如果您知道证书，则不需要)

Switch log level for "node" to "debug" in core.yaml (optional. not necessary if you know the certificates)

logging.node: debug 

在后台运行membersrvc:

Run membersrvc in background:

nohup membersrvc &> /tmp/membersrvc.log &

运行对等服务

Run peer service

peer node start

验证用户"assigner，bob，alice"是否在membersrvc.yaml中，根据此示例中的注释，我们将使用:

Verify if users "assigner, bob, alice" are in membersrvc.yaml, according to the comment in this example we will work with:

// This example implements asset transfer using attributes support and specifically Attribute Based Access Control (ABAC). // There are three users in this example: // - alice // - bob // - assigner // // This users are defined in the section eca" of asset.yaml file. // In the section aca" of asset.yaml file two attributes are defined to this users: // The first attribute is called ‘role' with this values: // - alice has role = client // - bob has role = client // - assigner has role = assigner // // The second attribute is called ‘account' with this values: // - alice has account = 12345-56789 // - bob has account = 23456-67890

// This example implements asset transfer using attributes support and specifically Attribute Based Access Control (ABAC). // There are three users in this example: // - alice // - bob // - assigner // // This users are defined in the section "eca" of asset.yaml file. // In the section "aca" of asset.yaml file two attributes are defined to this users: // The first attribute is called ‘role' with this values: // - alice has role = client // - bob has role = client // - assigner has role = assigner // // The second attribute is called ‘account' with this values: // - alice has account = 12345-56789 // - bob has account = 23456-67890

打开另一个带有vagrant的ssh终端并登录到网络:

Open another ssh terminal with vagrant and login to the network:

peer network login assigner -p Tc43PeqBl11
peer network login bob -p NOE63pEQbL25
peer network login alice -p CMS10pEQlB16

8.使用分配者"安全上下文将链码部署到网络:

8. Deploy chaincode to the network using "assigner" security context:

curl -XPOST -d ‘{"jsonrpc": "2.0", "method": "deploy", "params": {"type": 1,"chaincodeID": {"path": "github.com/hyperledger/fabric/examples/chaincode/go/asset_management_with_roles","language": "GOLANG"}, "ctorMsg": { "args": ["init"] }, "metadata":[97, 115, 115, 105, 103, 110, 101, 114] ,"secureContext": "assigner"} ,"id": 0}' http://localhost:7050/chaincode

元数据包含utf-8编码的字符串"assigner".该字符串将保存在分类帐中，只有具有这种角色的用户才能在智能合约中执行分配"功能.

metadata contains utf-8 encoded string "assigner". This string will be saved in a ledger and only user with such role will be able to execute "assign" function in smart contract.

为了使示例易于阅读，让我们将链码ID保存在本地变量中:

In order to keep example readable lets save chaincode id in local variable:

export HASH=7adc030881c07c39d2edac0b1560bf7cf2b7f0a4bce74fe7e6144e3f36e1bf2d176093d4c23ba58712a9589d9600e6d9ef596a1521a4c5227c222d8af2bf16c8

1. 从这一刻开始，用户分配者"可以为bob和alice创建新资产，我们只需要查找其证书即可.
   让我们对"bob" securityContext下的任何随机资产名称运行查询命令:

1. Starting from this moment user "assigner" can create new assets for bob and alice, we just have to find their certificates.
   let’s run query command for any random asset name under "bob" securityContext:

curl -XPOST -d '{"jsonrpc": "2.0", "method": "query", "params": {"type": 1, "chaincodeID": {"name": "'"$HASH"'"}, "ctorMsg": {"args": ["query", "myasset"]}, "secureContext": "bob", "attributes": ["role", "account"]}, "id": 1}' http://localhost:7050/chaincode

(重要提示:如果没有attributes: [role, account]，则不会将任何属性加载到交易证书中)

(IMPORTANT: without "attributes": ["role", "account"] no attributes will be loaded into transactions certificate)

只要以调试模式启动对等"，bob的证书就会打印在对等日志输出中.尝试找到"[client.bob]添加新证书"行并复制证书值:

As far as "peer" is started in debug mode, bob’s certificate will be printed in peer log output. Try to find row "[client.bob] Adding new Cert" and copy certificate value:

30 82 02 90 30 82 02 37 a0 03 02 01 02 02 10 2f 9e 4e da c9 e9 4e 97 b1 58 24 78 4e 15 05 f4 30 0a 06 08 2a 86 48 ce 3d 04 03 03 30 31 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 14 30 12 06 03 55 04 0a 13 0b 48 79 70 65 72 6c 65 64 67 65 72 31 0c 30 0a 06 03 55 04 03 13 03 74 63 61 30 1e 17 0d 31 36 30 39 31 39 32 31 32 34 31 39 5a 17 0d 31 36 31 32 31 38 32 31 32 34 31 39 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 14 30 12 06 03 55 04 0a 13 0b 48 79 70 65 72 6c 65 64 67 65 72 31 20 30 1e 06 03 55 04 03 13 17 54 72 61 6e 73 61 63 74 69 6f 6e 20 43 65 72 74 69 66 69 63 61 74 65 30 59 30 13 06 07 2a 86 48 ce 3d 02 01 06 08 2a 86 48 ce 3d 03 01 07 03 42 00 04 78 8f f2 11 55 a3 5a 8d f1 b5 4f 38 e4 94 e4 67 b0 47 7f e0 07 04 b8 fb 12 ee 86 17 8a 05 55 e3 98 f6 c1 af 59 ee 2d 54 a9 c5 36 22 cd fa a8 1b ce ba e0 26 fd 73 40 af 20 5d 15 65 89 9c 62 64 a3 82 01 1b 30 82 01 17 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 07 80 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 0d 06 03 55 1d 0e 04 06 04 04 01 02 03 04 30 0f 06 03 55 1d 23 04 08 30 06 80 04 01 02 03 04 30 10 06 06 2a 03 04 05 06 0a 04 06 63 6c 69 65 6e 74 30 15 06 06 2a 03 04 05 06 0b 04 0b 32 33 34 35 36 2d 36 37 38 39 30 30 4d 06 06 2a 03 04 05 06 07 01 01 ff 04 40 fc c2 07 dd ee ac 8c 76 84 12 07 d2 e0 a6 da b3 06 c9 5b 5b 41 57 a3 f3 a2 f7 59 e2 ed 02 02 7e 56 46 f5 bc 24 00 0a 2e 18 b4 a6 b7 a6 c3 8d ca 15 13 a7 98 42 98 8f 9b 85 a2 d1 6a 77 0d da e8 30 3a 06 06 2a 03 04 05 06 08 04 30 ff d2 ab 7f c8 2d 98 c4 3f c9 f7 05 12 07 01 3a 36 69 f8 ee d1 c4 27 16 48 3e ee ed db b9 b6 3c d6 e5 1a 3e 0b 7d f0 19 1c 81 03 12 f6 7b d5 3e 30 23 06 06 2a 03 04 05 06 09 04 19 30 30 48 45 41 44 72 6f 6c 65 2d 3e 31 23 61 63 63 6f 75 6e 74 2d 3e 32 23 30 0a 06 08 2a 86 48 ce 3d 04 03 03 03 47 00 30 44 02 20 49 52 26 bd b8 f4 a0 98 c6 ff fc 56 3e b5 b0 12 ee ec b7 46 90 55 b1 17 99 29 fe df 80 2e 95 b9 02 20 3b 7f dd 32 88 56 ae a1 14 60 54 60 95 61 fb d1 bc 0c f7 e0 61 f2 e9 0b 46 35 6a 36 61 c9 b8 f0

证书应基于base64编码.作为一种选择，我们可以使用 http://tomeko.net/online_tools/hex_to_base64.php?lang = en

Certificate should be based64 encoded. As an option we can use http://tomeko.net/online_tools/hex_to_base64.php?lang=en

将证书插入十六进制字符串"字段，单击转换"按钮，结果将在输出(base64)"中:

Insert certificate into "Hex string" field, click "convert" button, and result will be in "Output (base64)":

MIICkjCCAjigAwIBAgIRAO9nis6q+khvv6TMvhKbmacwCgYIKoZIzj0EAwMwMTELMAkGA1UEBhMCVVMxFDASBgNVBAoTC0h5cGVybGVkZ2VyMQwwCgYDVQQDEwN0Y2EwHhcNMTYwOTE5MjAyMDE5WhcNMTYxMjE4MjAyMDE5WjBFMQswCQYDVQQGEwJVUzEUMBIGA1UEChMLSHlwZXJsZWRnZXIxIDAeBgNVBAMTF1RyYW5zYWN0aW9uIENlcnRpZmljYXRlMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEqop3N0IpJaLVaRuYioSuHPvyWX3OY9vo4I1YYw1YophcFGFt3fN0X6bDlufUZ5/u81JMmZHozduREnNzM1n+gaOCARswggEXMA4GA1UdDwEB/wQEAwIHgDAMBgNVHRMBAf8EAjAAMA0GA1UdDgQGBAQBAgMEMA8GA1UdIwQIMAaABAECAwQwEAYGKgMEBQYKBAZjbGllbnQwFQYGKgMEBQYLBAsyMzQ1Ni02Nzg5MDBNBgYqAwQFBgcBAf8EQNbPDmdWcOogMkZrlxbRJw/06jg4Ai88KW2+BsuxUnIH5FSa3OY7ZsXJLpceIN4SeEWKDKDsIPCo2wm6cUMYApIwOgYGKgMEBQYIBDDikSBKFYtTmYZRhtVDPhnIoSvefWHQ5Vx5oahIRbG8d/w4J1YTrtVoEwa2jikAqJowIwYGKgMEBQYJBBkwMEhFQURyb2xlLT4xI2FjY291bnQtPjIjMAoGCCqGSM49BAMDA0gAMEUCIQCrUQw2moOA5RFEx/780so4uEOV5esX3fy/It0t2la7gQIgGGVoDoM2kSxWH7TtV4T8W4pY6tN/LXu8XpKWb8+eF0k=

分配"方法需要2个参数，即资产和所有者证书的名称.可以使用以下方法创建新资产:

"assign" method expects 2 parameters the Name for asset and owner certificate. New asset can be created using:

curl -XPOST -d '{"jsonrpc": "2.0", "method": "invoke", "params": {"type": 1, "chaincodeID": {"name": "'"$HASH"'"}, "ctorMsg": {"args": ["assign", "myasset", "MIICkjCCAjigAwIBAgIRAO9nis6q+khvv6TMvhKbmacwCgYIKoZIzj0EAwMwMTELMAkGA1UEBhMCVVMxFDASBgNVBAoTC0h5cGVybGVkZ2VyMQwwCgYDVQQDEwN0Y2EwHhcNMTYwOTE5MjAyMDE5WhcNMTYxMjE4MjAyMDE5WjBFMQswCQYDVQQGEwJVUzEUMBIGA1UEChMLSHlwZXJsZWRnZXIxIDAeBgNVBAMTF1RyYW5zYWN0aW9uIENlcnRpZmljYXRlMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEqop3N0IpJaLVaRuYioSuHPvyWX3OY9vo4I1YYw1YophcFGFt3fN0X6bDlufUZ5/u81JMmZHozduREnNzM1n+gaOCARswggEXMA4GA1UdDwEB/wQEAwIHgDAMBgNVHRMBAf8EAjAAMA0GA1UdDgQGBAQBAgMEMA8GA1UdIwQIMAaABAECAwQwEAYGKgMEBQYKBAZjbGllbnQwFQYGKgMEBQYLBAsyMzQ1Ni02Nzg5MDBNBgYqAwQFBgcBAf8EQNbPDmdWcOogMkZrlxbRJw/06jg4Ai88KW2+BsuxUnIH5FSa3OY7ZsXJLpceIN4SeEWKDKDsIPCo2wm6cUMYApIwOgYGKgMEBQYIBDDikSBKFYtTmYZRhtVDPhnIoSvefWHQ5Vx5oahIRbG8d/w4J1YTrtVoEwa2jikAqJowIwYGKgMEBQYJBBkwMEhFQURyb2xlLT4xI2FjY291bnQtPjIjMAoGCCqGSM49BAMDA0gAMEUCIQCrUQw2moOA5RFEx/780so4uEOV5esX3fy/It0t2la7gQIgGGVoDoM2kSxWH7TtV4T8W4pY6tN/LXu8XpKWb8+eF0k="]}, "metadata":[97, 115, 115, 105, 103, 110, 101, 114], "secureContext": "assigner", "attributes": ["role", "account"]}, "id": 1}' http://localhost:7050/chaincode

尝试再次针对bob运行步骤9中的查询:

Try to run the query from step 9 for bob again:

curl -XPOST -d ‘{"jsonrpc": "2.0", "method": "query", "params": {"type": 1, "chaincodeID": {"name": "'"$HASH"'"}, "ctorMsg": {"args": ["query", "myasset"]}, "secureContext": "bob", "attributes": ["role", "account"]}, "id": 1}' http://localhost:7050/chaincode

您将看到"myasset"已经创建，并且属于帐户"23456-67890"

and you will see that "myasset" is already created, and belongs to account "23456-67890"

使用相同的方法，我们可以找到alice的证书，并将所有者更改为"myasset".

Using the same approach we can find certificate for alice and change the owner for "myasset".

这篇关于运行asset_management.go与运行简单的chaincode(例如chaincode_example02.go)有何不同的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！