From 1c8af68de56962768472a71222a195461154e631 Mon Sep 17 00:00:00 2001 From: Yoav Tock Date: Mon, 2 Jan 2023 18:03:24 +0200 Subject: [PATCH] Encode keys in URLs with base64url raw (#477) Signed-off-by: Yoav Tock --- .gitignore | 6 ++ internal/httphandler/data_request_handler.go | 1 + .../httphandler/data_request_handler_test.go | 62 +++++++++++-- .../ledger_request_handler_test.go | 4 +- internal/httphandler/utils.go | 57 ++++++++++-- internal/utils/http.go | 14 +++ pkg/constants/http.go | 86 ++++++++++++------- pkg/constants/http_test.go | 24 +++--- pkg/server/server_test.go | 2 +- test/data/data_tx_test.go | 4 +- test/queries/ledger_test.go | 8 +- test/queries/provenance_acl_test.go | 4 +- test/queries/provenance_switch_off_test.go | 2 +- test/queries/range_query_test.go | 4 +- test/setup/config_writer.go | 3 - test/user/user_db_acl_test.go | 2 +- 16 files changed, 206 insertions(+), 77 deletions(-) diff --git a/.gitignore b/.gitignore index 945a83ec..ac88657a 100644 --- a/.gitignore +++ b/.gitignore @@ -18,3 +18,9 @@ cmd/bdb/bdb #IDE artifacts .idea + +#Documentation with docusaurus +.docusaurus +node_modules +yarn.lock + diff --git a/internal/httphandler/data_request_handler.go b/internal/httphandler/data_request_handler.go index 0a1806fe..1ffdbc1a 100644 --- a/internal/httphandler/data_request_handler.go +++ b/internal/httphandler/data_request_handler.go @@ -1,5 +1,6 @@ // Copyright IBM Corp. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 + package httphandler import ( diff --git a/internal/httphandler/data_request_handler_test.go b/internal/httphandler/data_request_handler_test.go index 8eac24c8..3d5ea13f 100644 --- a/internal/httphandler/data_request_handler_test.go +++ b/internal/httphandler/data_request_handler_test.go @@ -40,6 +40,19 @@ func TestDataRequestHandler_DataQuery(t *testing.T) { Key: "foo", }) + sigAbc := testutils.SignatureFromQuery(t, aliceSigner, &types.GetDataQuery{ + UserId: submittingUserName, + DbName: dbName, + Key: "abc/def", + }) + + sigKey1 := testutils.SignatureFromQuery(t, aliceSigner, &types.GetDataQuery{ + UserId: submittingUserName, + DbName: dbName, + Key: "key1", + }) + + testCases := []struct { name string requestFactory func() (*http.Request, error) @@ -83,6 +96,41 @@ func TestDataRequestHandler_DataQuery(t *testing.T) { }, expectedStatusCode: http.StatusOK, }, + { + name: "valid get data request - non URL", + expectedResponse: &types.GetDataResponseEnvelope{ + Response: &types.GetDataResponse{ + Header: &types.ResponseHeader{ + NodeId: "testNodeID", + }, + Value: []byte("bar"), + Metadata: &types.Metadata{ + Version: &types.Version{ + TxNum: 1, + BlockNum: 1, + }, + }, + }, + Signature: []byte{0, 0, 0}, + }, + requestFactory: func() (*http.Request, error) { + req, err := http.NewRequest(http.MethodGet, constants.URLForGetData(dbName, "abc/def"), nil) + if err != nil { + return nil, err + } + req.Header.Set(constants.UserHeader, submittingUserName) + req.Header.Set(constants.SignatureHeader, base64.StdEncoding.EncodeToString(sigAbc)) + return req, nil + }, + dbMockFactory: func(response *types.GetDataResponseEnvelope) bcdb.DB { + db := &mocks.DB{} + db.On("GetCertificate", submittingUserName).Return(aliceCert, nil) + db.On("GetData", dbName, submittingUserName, "abc/def").Return(response, nil) + db.On("IsDBExists", dbName).Return(true) + return db + }, + expectedStatusCode: http.StatusOK, + }, { name: "submitting user is not eligible to update the key", requestFactory: func() (*http.Request, error) { @@ -102,29 +150,29 @@ func TestDataRequestHandler_DataQuery(t *testing.T) { return db }, expectedStatusCode: http.StatusForbidden, - expectedErr: "error while processing 'GET /data/test_database/foo' because access forbidden", + expectedErr: "error while processing 'GET /data/test_database/Zm9v' because access forbidden", // "Zm9v" is base64url of "foo" }, { name: "failed to get data", requestFactory: func() (*http.Request, error) { - req, err := http.NewRequest(http.MethodGet, constants.URLForGetData(dbName, "foo"), nil) + req, err := http.NewRequest(http.MethodGet, constants.URLForGetData(dbName, "key1"), nil) if err != nil { return nil, err } req.Header.Set(constants.UserHeader, submittingUserName) - req.Header.Set(constants.SignatureHeader, base64.StdEncoding.EncodeToString(sigFoo)) + req.Header.Set(constants.SignatureHeader, base64.StdEncoding.EncodeToString(sigKey1)) return req, nil }, dbMockFactory: func(response *types.GetDataResponseEnvelope) bcdb.DB { db := &mocks.DB{} db.On("GetCertificate", submittingUserName).Return(aliceCert, nil) db.On("IsDBExists", dbName).Return(true) - db.On("GetData", dbName, submittingUserName, "foo"). + db.On("GetData", dbName, submittingUserName, "key1"). Return(nil, errors.New("failed to get data")) return db }, expectedStatusCode: http.StatusInternalServerError, - expectedErr: "error while processing 'GET /data/test_database/foo' because failed to get data", + expectedErr: "error while processing 'GET /data/test_database/a2V5MQ' because failed to get data", // "a2V5MQ" is base64url of "key1" }, { name: "user doesn't exist", @@ -488,7 +536,7 @@ func TestDataRequestHandler_DataRangeQuery(t *testing.T) { return db }, expectedStatusCode: http.StatusForbidden, - expectedErr: "error while processing 'GET /data/test_database?startkey=\"key1\"&endkey=\"key10\"&limit=10' because access forbidden", + expectedErr: "error while processing 'GET /data/test_database?startkey=a2V5MQ&endkey=a2V5MTA&limit=10' because access forbidden", // "a2V5MQ" and "a2V5MTA" are the base64 url of "key1" and "key10", resp. }, { name: "failed to get data", @@ -510,7 +558,7 @@ func TestDataRequestHandler_DataRangeQuery(t *testing.T) { return db }, expectedStatusCode: http.StatusInternalServerError, - expectedErr: "error while processing 'GET /data/test_database?startkey=\"key1\"&endkey=\"key10\"&limit=10' because failed to get data", + expectedErr: "error while processing 'GET /data/test_database?startkey=a2V5MQ&endkey=a2V5MTA&limit=10' because failed to get data", // "a2V5MQ" and "a2V5MTA" are the base64 url of "key1" and "key10", resp. }, { name: "user doesn't exist", diff --git a/internal/httphandler/ledger_request_handler_test.go b/internal/httphandler/ledger_request_handler_test.go index 845ee901..69fcdc3f 100644 --- a/internal/httphandler/ledger_request_handler_test.go +++ b/internal/httphandler/ledger_request_handler_test.go @@ -879,7 +879,7 @@ func TestDataProofQuery(t *testing.T) { return db }, expectedStatusCode: http.StatusNotFound, - expectedErr: "error while processing 'GET /ledger/proof/data/bdb/key1?block=2' because no proof for block 2, db bdb, key key1, isDeleted false found", + expectedErr: "error while processing 'GET /ledger/proof/data/bdb/a2V5MQ?block=2' because no proof for block 2, db bdb, key key1, isDeleted false found", // "a2V5MQ" is base 64 url of "key1" }, { name: "no key exist, deleted is true", @@ -907,7 +907,7 @@ func TestDataProofQuery(t *testing.T) { return db }, expectedStatusCode: http.StatusNotFound, - expectedErr: "error while processing 'GET /ledger/proof/data/bdb/key1?block=2&deleted=true' because no proof for block 2, db bdb, key key1, isDeleted true found", + expectedErr: "error while processing 'GET /ledger/proof/data/bdb/a2V5MQ?block=2&deleted=true' because no proof for block 2, db bdb, key key1, isDeleted true found", // "a2V5MQ" is base 64 url of "key1" }, { name: "wrong url, block param missing", diff --git a/internal/httphandler/utils.go b/internal/httphandler/utils.go index 9640a706..a5b5f7a1 100644 --- a/internal/httphandler/utils.go +++ b/internal/httphandler/utils.go @@ -32,11 +32,18 @@ func extractVerifiedQueryPayload(w http.ResponseWriter, r *http.Request, queryTy switch queryType { case constants.GetData: + key, err := utils.GetBase64urlKey(params, "key") + if err != nil { + utils.SendHTTPResponse(w, http.StatusBadRequest, &types.HttpResponseErr{ErrMsg: err.Error()}) + return nil, true + } + payload = &types.GetDataQuery{ UserId: querierUserID, DbName: params["dbname"], - Key: params["key"], + Key: key, } + case constants.GetDataRange: limit, err := strconv.ParseUint(params["limit"], 10, 64) if err != nil { @@ -44,11 +51,23 @@ func extractVerifiedQueryPayload(w http.ResponseWriter, r *http.Request, queryTy return nil, true } + startKey, err := utils.GetBase64urlKey(params, "startkey") + if err != nil { + utils.SendHTTPResponse(w, http.StatusBadRequest, &types.HttpResponseErr{ErrMsg: err.Error()}) + return nil, true + } + + endKey, err := utils.GetBase64urlKey(params, "endkey") + if err != nil { + utils.SendHTTPResponse(w, http.StatusBadRequest, &types.HttpResponseErr{ErrMsg: err.Error()}) + return nil, true + } + payload = &types.GetDataRangeQuery{ UserId: querierUserID, DbName: params["dbname"], - StartKey: params["startkey"][1 : len(params["startkey"])-1], - EndKey: params["endkey"][1 : len(params["endkey"])-1], + StartKey: startKey, + EndKey: endKey, Limit: limit, } case constants.GetUser: @@ -144,6 +163,12 @@ func extractVerifiedQueryPayload(w http.ResponseWriter, r *http.Request, queryTy TxIndex: txIndex, } case constants.GetDataProof: + key, err := utils.GetBase64urlKey(params, "key") + if err != nil { + utils.SendHTTPResponse(w, http.StatusBadRequest, err) + return nil, true + } + blockNum, err := utils.GetBlockNum(params) if err != nil { utils.SendHTTPResponse(w, http.StatusBadRequest, err) @@ -163,7 +188,7 @@ func extractVerifiedQueryPayload(w http.ResponseWriter, r *http.Request, queryTy UserId: querierUserID, BlockNumber: blockNum, DbName: params["dbname"], - Key: params["key"], + Key: key, IsDeleted: deleted, } case constants.GetTxReceipt: @@ -172,6 +197,12 @@ func extractVerifiedQueryPayload(w http.ResponseWriter, r *http.Request, queryTy TxId: params["txId"], } case constants.GetHistoricalData: + key, err := utils.GetBase64urlKey(params, "key") + if err != nil { + utils.SendHTTPResponse(w, http.StatusBadRequest, err) + return nil, true + } + version, err := utils.GetVersion(params) if err != nil { utils.SendHTTPResponse(w, http.StatusBadRequest, err) @@ -191,23 +222,35 @@ func extractVerifiedQueryPayload(w http.ResponseWriter, r *http.Request, queryTy payload = &types.GetHistoricalDataQuery{ UserId: querierUserID, DbName: params["dbname"], - Key: params["key"], + Key: key, Version: version, Direction: params["direction"], OnlyDeletes: isOnlyDeletesSet, MostRecent: isMostRecentSet, } case constants.GetDataReaders: + key, err := utils.GetBase64urlKey(params, "key") + if err != nil { + utils.SendHTTPResponse(w, http.StatusBadRequest, err) + return nil, true + } + payload = &types.GetDataReadersQuery{ UserId: querierUserID, DbName: params["dbname"], - Key: params["key"], + Key: key, } case constants.GetDataWriters: + key, err := utils.GetBase64urlKey(params, "key") + if err != nil { + utils.SendHTTPResponse(w, http.StatusBadRequest, err) + return nil, true + } + payload = &types.GetDataWritersQuery{ UserId: querierUserID, DbName: params["dbname"], - Key: params["key"], + Key: key, } case constants.GetDataReadBy: payload = &types.GetDataReadByQuery{ diff --git a/internal/utils/http.go b/internal/utils/http.go index 579928e4..45a26acf 100644 --- a/internal/utils/http.go +++ b/internal/utils/http.go @@ -4,6 +4,7 @@ package utils import ( + "encoding/base64" "encoding/json" "fmt" "log" @@ -126,3 +127,16 @@ func GetVersion(params map[string]string) (*types.Version, error) { TxNum: txNum, }, nil } + +func GetBase64urlKey(params map[string]string, name string) (string, error) { + base64urlKey, ok := params[name] + if !ok { + return "", &types.HttpResponseErr{ErrMsg: fmt.Sprintf("Missing key: %s (in base64 URL encoding)", name)} + } + keyBytes, err := base64.RawURLEncoding.DecodeString(base64urlKey) + if err != nil { + return "", &types.HttpResponseErr{ErrMsg: fmt.Sprintf("Failed to decode base64 URL key: %s: %s", name, err.Error())} + } + + return string(keyBytes), nil +} diff --git a/pkg/constants/http.go b/pkg/constants/http.go index 068c6187..6e1ca16c 100644 --- a/pkg/constants/http.go +++ b/pkg/constants/http.go @@ -4,6 +4,7 @@ package constants import ( + "encoding/base64" "fmt" "path" "regexp" @@ -37,7 +38,8 @@ const ( GetUser = "/user/{userid}" PostUserTx = "/user/tx" - DataEndpoint = "/data/" + DataEndpoint = "/data/" + // GetData Keys in URLs are expected to be encoded in base64 URL encoding without padding. GetData = "/data/{dbname:" + `[0-9a-zA-Z_\-\.]+` + "}/{key}" GetDataRange = "/data/{dbname:" + `[0-9a-zA-Z_\-\.]+` + "}" PostDataTx = "/data/tx" @@ -63,12 +65,16 @@ const ( GetTxProofPrefix = "/ledger/proof/tx" GetTxProof = "/ledger/proof/tx/{blockId:[0-9]+}" GetDataProofPrefix = "/ledger/proof/data" - GetDataProof = "/ledger/proof/data/{dbname:" + `[0-9a-zA-Z_\-\.]+` + "}/{key}" - GetTxReceipt = "/ledger/tx/receipt/{txId}" - - ProvenanceEndpoint = "/provenance/" - GetHistoricalData = "/provenance/data/history/{dbname}/{key}" - GetDataReaders = "/provenance/data/readers/{dbname}/{key}" + // GetDataProof Keys in URLs are expected to be encoded in base64 URL encoding without padding. + GetDataProof = "/ledger/proof/data/{dbname:" + `[0-9a-zA-Z_\-\.]+` + "}/{key}" + GetTxReceipt = "/ledger/tx/receipt/{txId}" + + ProvenanceEndpoint = "/provenance/" + // GetHistoricalData Keys in URLs are expected to be encoded in base64 URL encoding without padding. + GetHistoricalData = "/provenance/data/history/{dbname}/{key}" + // GetDataReaders Keys in URLs are expected to be encoded in base64 URL encoding without padding. + GetDataReaders = "/provenance/data/readers/{dbname}/{key}" + // GetDataWriters Keys in URLs are expected to be encoded in base64 URL encoding without padding. GetDataWriters = "/provenance/data/writers/{dbname}/{key}" GetDataReadBy = "/provenance/data/read/{userId}" GetDataWrittenBy = "/provenance/data/written/{userId}" @@ -77,17 +83,20 @@ const ( GetMostRecentUserOrNode = "/provenance/{type:user|node}/{id}" ) -// URLForGetData returns url for GET request to retrieve -// value of the key present in the dbName +// URLForGetData returns url for GET request to retrieve value of the key present in the dbName. +// Keys in URLs are expected to be encoded in base64 URL encoding without padding. func URLForGetData(dbName, key string) string { - return DataEndpoint + path.Join(dbName, key) + base64urlKey := base64.RawURLEncoding.EncodeToString([]byte(key)) + return DataEndpoint + path.Join(dbName, base64urlKey) } -// URLForGetDataRange returns url for GET request to retrieve -// a range of values. +// URLForGetDataRange returns url for GET request to retrieve a range of values. +// Keys in URLs are encoded in base64 URL encoding without padding. func URLForGetDataRange(dbName, startKey, endKey string, limit uint64) string { + base64urlStartKey := base64.RawURLEncoding.EncodeToString([]byte(startKey)) + base64urlEndKey := base64.RawURLEncoding.EncodeToString([]byte(endKey)) return path.Join(DataEndpoint, dbName) + - fmt.Sprintf("?startkey=\"%s\"&endkey=\"%s\"&limit=%d", startKey, endKey, limit) + fmt.Sprintf("?startkey=%s&endkey=%s&limit=%d", base64urlStartKey, base64urlEndKey, limit) } // URLForJSONQuery returns url for GET request to retrieve @@ -140,70 +149,81 @@ func URLTxProof(blockNum uint64, txIdx uint64) string { return LedgerEndpoint + fmt.Sprintf("proof/tx/%d?idx=%d", blockNum, txIdx) } +// URLDataProof returns URL for GET request to retrieve a data existence proof. +// Keys in URLs are encoded in base64 URL encoding without padding. func URLDataProof(blockNum uint64, dbname, key string, deleted bool) string { + base64urlKey := base64.RawURLEncoding.EncodeToString([]byte(key)) if deleted { - return LedgerEndpoint + fmt.Sprintf("proof/data/%s/%s?block=%d&deleted=%t", dbname, key, blockNum, deleted) + return LedgerEndpoint + fmt.Sprintf("proof/data/%s/%s?block=%d&deleted=%t", dbname, base64urlKey, blockNum, deleted) } - return LedgerEndpoint + fmt.Sprintf("proof/data/%s/%s?block=%d", dbname, key, blockNum) + return LedgerEndpoint + fmt.Sprintf("proof/data/%s/%s?block=%d", dbname, base64urlKey, blockNum) } func URLForNodeConfigPath(nodeID string) string { return path.Join(GetNodeConfigPath, nodeID) } -// URLForGetHistoricalData returns url for GET request to -// retrieve all values associated with a given key on a database +// URLForGetHistoricalData returns url for GET request to retrieve all values associated with a given key on a database. +// Keys in URLs are encoded in base64 URL encoding without padding. func URLForGetHistoricalData(dbName, key string) string { - return ProvenanceEndpoint + path.Join("data", "history", dbName, key) + base64urlKey := base64.RawURLEncoding.EncodeToString([]byte(key)) + return ProvenanceEndpoint + path.Join("data", "history", dbName, base64urlKey) } -// URLForGetHistoricalDeletedData returns url for GET request to -// retrieve all deleted values associated with a given key on a database +// URLForGetHistoricalDeletedData returns url for GET request to retrieve all deleted values associated with a given +// key on a database. +// Keys in URLs are encoded in base64 URL encoding without padding. func URLForGetHistoricalDeletedData(dbName, key string) string { - return ProvenanceEndpoint + path.Join("data", "history", dbName, key) + "?onlydeletes=true" + return URLForGetHistoricalData(dbName, key) + "?onlydeletes=true" } -// URLForGetHistoricalDataAt returns url for GET request to -// retrieve a value at a particular version for a given key on a database +// URLForGetHistoricalDataAt returns url for GET request to retrieve a value at a particular version for a given key on +// a database. +// Keys in URLs are encoded in base64 URL encoding without padding. func URLForGetHistoricalDataAt(dbName, key string, version *types.Version) string { - return ProvenanceEndpoint + path.Join("data", "history", dbName, key) + + return URLForGetHistoricalData(dbName, key) + fmt.Sprintf("?blocknumber=%d&transactionnumber=%d", version.BlockNum, version.TxNum) } // URLForGetHistoricalDataAtOrBelow returns url for GET request to // retrieve a most recent value at a particular version for a given key on a database +// Keys in URLs are encoded in base64 URL encoding without padding. func URLForGetHistoricalDataAtOrBelow(dbName, key string, version *types.Version) string { - return ProvenanceEndpoint + path.Join("data", "history", dbName, key) + + return URLForGetHistoricalData(dbName, key) + fmt.Sprintf("?blocknumber=%d&transactionnumber=%d", version.BlockNum, version.TxNum) + fmt.Sprintf("&mostrecent=true") } // URLForGetPreviousHistoricalData returns url for GET request to // retrieve previous values for a given key on a database from a particular version +// Keys in URLs are encoded in base64 URL encoding without padding. func URLForGetPreviousHistoricalData(dbName, key string, version *types.Version) string { - return ProvenanceEndpoint + path.Join("data", "history", dbName, key) + + return URLForGetHistoricalData(dbName, key) + fmt.Sprintf("?blocknumber=%d&transactionnumber=%d", version.BlockNum, version.TxNum) + "&direction=previous" } // URLForGetNextHistoricalData returns url for GET request to // retrieve next values for a given key on a database from a particular version +// Keys in URLs are encoded in base64 URL encoding without padding. func URLForGetNextHistoricalData(dbName, key string, version *types.Version) string { - return ProvenanceEndpoint + path.Join("data", "history", dbName, key) + + return URLForGetHistoricalData(dbName, key) + fmt.Sprintf("?blocknumber=%d&transactionnumber=%d", version.BlockNum, version.TxNum) + "&direction=next" } -// URLForGetDataReaders returns url for GET request to -// retrive all users who have read a given key from a database +// URLForGetDataReaders returns url for GET request to retrieve all users who have read a given key from a database. +// Keys in URLs are encoded in base64 URL encoding without padding. func URLForGetDataReaders(dbName, key string) string { - return ProvenanceEndpoint + path.Join("data", "readers", dbName, key) + base64urlKey := base64.RawURLEncoding.EncodeToString([]byte(key)) + return ProvenanceEndpoint + path.Join("data", "readers", dbName, base64urlKey) } -// URLForGetDataWriters returns url for GET request to -// retrive all users who have written a given key from a database +// URLForGetDataWriters returns url for GET request to retrieve all users who have written a given key from a database. +// Keys in URLs are encoded in base64 URL encoding without padding. func URLForGetDataWriters(dbName, key string) string { - return ProvenanceEndpoint + path.Join("data", "writers", dbName, key) + base64urlKey := base64.RawURLEncoding.EncodeToString([]byte(key)) + return ProvenanceEndpoint + path.Join("data", "writers", dbName, base64urlKey) } // URLForGetDataReadBy returns url for GET request to diff --git a/pkg/constants/http_test.go b/pkg/constants/http_test.go index a61c613a..3e7846f5 100644 --- a/pkg/constants/http_test.go +++ b/pkg/constants/http_test.go @@ -25,14 +25,14 @@ func TestURLConstruction(t *testing.T) { execute: func() string { return URLForGetData("db1", "key1") }, - expectedURL: "/data/db1/key1", + expectedURL: "/data/db1/a2V5MQ", }, { name: "GetDataRange", execute: func() string { return URLForGetDataRange("db1", "key1", "key10", 10) }, - expectedURL: "/data/db1?startkey=\"key1\"&endkey=\"key10\"&limit=10", + expectedURL: "/data/db1?startkey=a2V5MQ&endkey=a2V5MTA&limit=10", }, { name: "JSONQuery", @@ -116,28 +116,28 @@ func TestURLConstruction(t *testing.T) { execute: func() string { return URLDataProof(1, "db1", "key", false) }, - expectedURL: "/ledger/proof/data/db1/key?block=1", + expectedURL: "/ledger/proof/data/db1/a2V5?block=1", }, { name: "URLDataProof deleted true", execute: func() string { return URLDataProof(1, "db1", "key", true) }, - expectedURL: "/ledger/proof/data/db1/key?block=1&deleted=true", + expectedURL: "/ledger/proof/data/db1/a2V5?block=1&deleted=true", }, { name: "URLForGetHistoricalData", execute: func() string { return URLForGetHistoricalData("db1", "key1") }, - expectedURL: "/provenance/data/history/db1/key1", + expectedURL: "/provenance/data/history/db1/a2V5MQ", }, { name: "URLForGetHistoricalDeletedData", execute: func() string { return URLForGetHistoricalDeletedData("db1", "key1") }, - expectedURL: "/provenance/data/history/db1/key1?onlydeletes=true", + expectedURL: "/provenance/data/history/db1/a2V5MQ?onlydeletes=true", }, { name: "URLForGetHistoricalDataAt", @@ -147,7 +147,7 @@ func TestURLConstruction(t *testing.T) { TxNum: 5, }) }, - expectedURL: "/provenance/data/history/db2/key2?blocknumber=10&transactionnumber=5", + expectedURL: "/provenance/data/history/db2/a2V5Mg?blocknumber=10&transactionnumber=5", }, { name: "URLForGetHistoricalDataAtOrBelow", @@ -157,7 +157,7 @@ func TestURLConstruction(t *testing.T) { TxNum: 5, }) }, - expectedURL: "/provenance/data/history/db2/key2?blocknumber=10&transactionnumber=5&mostrecent=true", + expectedURL: "/provenance/data/history/db2/a2V5Mg?blocknumber=10&transactionnumber=5&mostrecent=true", }, { name: "URLForPreviousGetHistoricalData", @@ -167,7 +167,7 @@ func TestURLConstruction(t *testing.T) { TxNum: 6, }) }, - expectedURL: "/provenance/data/history/db3/key3?blocknumber=12&transactionnumber=6&direction=previous", + expectedURL: "/provenance/data/history/db3/a2V5Mw?blocknumber=12&transactionnumber=6&direction=previous", }, { name: "URLForNextGetHistoricalData", @@ -177,21 +177,21 @@ func TestURLConstruction(t *testing.T) { TxNum: 16, }) }, - expectedURL: "/provenance/data/history/db4/key4?blocknumber=22&transactionnumber=16&direction=next", + expectedURL: "/provenance/data/history/db4/a2V5NA?blocknumber=22&transactionnumber=16&direction=next", }, { name: "URLForGetDataReaders", execute: func() string { return URLForGetDataReaders("db5", "key5") }, - expectedURL: "/provenance/data/readers/db5/key5", + expectedURL: "/provenance/data/readers/db5/a2V5NQ", }, { name: "URLForGetDataWriters", execute: func() string { return URLForGetDataWriters("db6", "key6") }, - expectedURL: "/provenance/data/writers/db6/key6", + expectedURL: "/provenance/data/writers/db6/a2V5Ng", }, { name: "URLForGetDataReadBy", diff --git a/pkg/server/server_test.go b/pkg/server/server_test.go index 2f0e5196..940ae369 100644 --- a/pkg/server/server_test.go +++ b/pkg/server/server_test.go @@ -600,7 +600,7 @@ func TestServerWithDataRequestAndProvenanceOff(t *testing.T) { Signature: testutils.SignatureFromQuery(t, env.adminSigner, provenanceQuery), }, ) - require.EqualError(t, err, "error while processing 'GET /provenance/data/history/bdb/foo' because provenance store is disabled on this server") + require.EqualError(t, err, "error while processing 'GET /provenance/data/history/bdb/Zm9v' because provenance store is disabled on this server") env.serverConfig.LocalConfig.Server.Provenance.Disabled = false diff --git a/test/data/data_tx_test.go b/test/data/data_tx_test.go index c75a474a..e0be66b2 100644 --- a/test/data/data_tx_test.go +++ b/test/data/data_tx_test.go @@ -646,7 +646,7 @@ func TestDataTx(t *testing.T) { require.Equal(t, []byte("key5constantValue"), resp.GetResponse().GetValue()) _, err = s.QueryData(t, "db1", "key5", "bob") - require.EqualError(t, err, "error while processing 'GET /data/db1/key5' because the user [bob] has no permission to read key [key5] from database [db1]") + require.EqualError(t, err, "error while processing 'GET /data/db1/a2V5NQ' because the user [bob] has no permission to read key [key5] from database [db1]") }) t.Run("invalid: inadequate signature error", func(t *testing.T) { @@ -1513,7 +1513,7 @@ func TestAsyncDataTx(t *testing.T) { require.Equal(t, []byte("keyF3-constantValue"), resp.GetResponse().GetValue()) _, err = s.QueryData(t, "db1", "keyF3", "bob") - require.EqualError(t, err, "error while processing 'GET /data/db1/keyF3' because the user [bob] has no permission to read key [keyF3] from database [db1]") + require.EqualError(t, err, "error while processing 'GET /data/db1/a2V5RjM' because the user [bob] has no permission to read key [keyF3] from database [db1]") }) t.Run("invalid: inadequate signature error", func(t *testing.T) { diff --git a/test/queries/ledger_test.go b/test/queries/ledger_test.go index efe58582..a774aa15 100644 --- a/test/queries/ledger_test.go +++ b/test/queries/ledger_test.go @@ -709,25 +709,25 @@ func TestLedgerDataProof(t *testing.T) { t.Run("invalid: non-existing key", func(t *testing.T) { respEnv, err := s.GetDataProof(t, worldstate.DefaultDBName, "key8", "admin", 3, false) - require.EqualError(t, err, "error while issuing /ledger/proof/data/bdb/key8?block=3: error while processing 'GET /ledger/proof/data/bdb/key8?block=3' because no proof for block 3, db bdb, key key8, isDeleted false found") + require.EqualError(t, err, "error while issuing /ledger/proof/data/bdb/a2V5OA?block=3: error while processing 'GET /ledger/proof/data/bdb/a2V5OA?block=3' because no proof for block 3, db bdb, key key8, isDeleted false found") require.Nil(t, respEnv) }) t.Run("invalid: block out of range", func(t *testing.T) { respEnv, err := s.GetDataProof(t, worldstate.DefaultDBName, "key1", "admin", 10, false) - require.EqualError(t, err, "error while issuing /ledger/proof/data/bdb/key1?block=10: error while processing 'GET /ledger/proof/data/bdb/key1?block=10' because block not found: 10") + require.EqualError(t, err, "error while issuing /ledger/proof/data/bdb/a2V5MQ?block=10: error while processing 'GET /ledger/proof/data/bdb/a2V5MQ?block=10' because block not found: 10") require.Nil(t, respEnv) }) t.Run("invalid: isDeleted true but key still exists in the db", func(t *testing.T) { respEnv, err := s.GetDataProof(t, worldstate.DefaultDBName, "key1", "admin", rcpt2.GetHeader().GetBaseHeader().GetNumber(), true) - require.EqualError(t, err, "error while issuing /ledger/proof/data/bdb/key1?block=7&deleted=true: error while processing 'GET /ledger/proof/data/bdb/key1?block=7&deleted=true' because no proof for block 7, db bdb, key key1, isDeleted true found") + require.EqualError(t, err, "error while issuing /ledger/proof/data/bdb/a2V5MQ?block=7&deleted=true: error while processing 'GET /ledger/proof/data/bdb/a2V5MQ?block=7&deleted=true' because no proof for block 7, db bdb, key key1, isDeleted true found") require.Nil(t, respEnv) }) t.Run("invalid: key is in the db but in a different block", func(t *testing.T) { respEnv, err := s.GetDataProof(t, worldstate.DefaultDBName, "key3", "admin", 1, true) - require.EqualError(t, err, "error while issuing /ledger/proof/data/bdb/key3?block=1&deleted=true: error while processing 'GET /ledger/proof/data/bdb/key3?block=1&deleted=true' because no proof for block 1, db bdb, key key3, isDeleted true found") + require.EqualError(t, err, "error while issuing /ledger/proof/data/bdb/a2V5Mw?block=1&deleted=true: error while processing 'GET /ledger/proof/data/bdb/a2V5Mw?block=1&deleted=true' because no proof for block 1, db bdb, key key3, isDeleted true found") require.Nil(t, respEnv) }) diff --git a/test/queries/provenance_acl_test.go b/test/queries/provenance_acl_test.go index 13f0d2dd..35892491 100644 --- a/test/queries/provenance_acl_test.go +++ b/test/queries/provenance_acl_test.go @@ -102,10 +102,10 @@ func TestProvenanceACL(t *testing.T) { require.NotNil(t, historyResp) historyResp, err = s.GetValueAt(t, "db1", "key1", "bob", statusRes.GetResponse().GetVersion()) - require.EqualError(t, err, "error while processing 'GET /provenance/data/history/db1/key1?blocknumber=1&transactionnumber=0' because The querier [bob] is not an admin. Only an admin can query historical data") + require.EqualError(t, err, "error while processing 'GET /provenance/data/history/db1/a2V5MQ?blocknumber=1&transactionnumber=0' because The querier [bob] is not an admin. Only an admin can query historical data") require.Nil(t, historyResp) historyResp, err = s.GetPreviousValues(t, "db1", "key1", "alice", statusRes.GetResponse().GetVersion()) - require.EqualError(t, err, "error while processing 'GET /provenance/data/history/db1/key1?blocknumber=1&transactionnumber=0&direction=previous' because The querier [alice] is not an admin. Only an admin can query historical data") + require.EqualError(t, err, "error while processing 'GET /provenance/data/history/db1/a2V5MQ?blocknumber=1&transactionnumber=0&direction=previous' because The querier [alice] is not an admin. Only an admin can query historical data") require.Nil(t, historyResp) } diff --git a/test/queries/provenance_switch_off_test.go b/test/queries/provenance_switch_off_test.go index e4fa7665..307572bc 100644 --- a/test/queries/provenance_switch_off_test.go +++ b/test/queries/provenance_switch_off_test.go @@ -55,7 +55,7 @@ func TestProvenanceSwitchOff(t *testing.T) { // provenance queries to node-3 return error s2 := c.Servers[2] _, err = s2.GetAllValues(t, worldstate.DefaultDBName, "key-1", "admin") - require.EqualError(t, err, "error while processing 'GET /provenance/data/history/bdb/key-1' because provenance store is disabled on this server") + require.EqualError(t, err, "error while processing 'GET /provenance/data/history/bdb/a2V5LTE' because provenance store is disabled on this server") _, err = s2.GetValuesReadByUser(t, "admin", "admin") require.EqualError(t, err, "error while processing 'GET /provenance/data/read/admin' because provenance store is disabled on this server") diff --git a/test/queries/range_query_test.go b/test/queries/range_query_test.go index 75c9725e..614b71c3 100644 --- a/test/queries/range_query_test.go +++ b/test/queries/range_query_test.go @@ -207,8 +207,8 @@ func TestInvalidRangeQuery(t *testing.T) { insertDataAlphabet(t, s) res, err := s.QueryDataRange(t, "admin", worldstate.DefaultDBName, "key-a", "key-z", 100) - require.EqualError(t, err, "error while issuing /data/bdb?startkey=\"key-a\"&endkey=\"key-z\"&limit=100: "+ - "error while processing 'GET /data/bdb?startkey=\"key-a\"&endkey=\"key-z\"&limit=100' because "+ + require.EqualError(t, err, "error while issuing /data/bdb?startkey=a2V5LWE&endkey=a2V5LXo&limit=100: "+ + "error while processing 'GET /data/bdb?startkey=a2V5LWE&endkey=a2V5LXo&limit=100' because "+ "response size limit for queries is configured as 10 bytes but a single record size itself is 14 bytes. "+ "Increase the query response size limit at the server") require.Nil(t, res) diff --git a/test/setup/config_writer.go b/test/setup/config_writer.go index ba0b53b6..1f5d8824 100644 --- a/test/setup/config_writer.go +++ b/test/setup/config_writer.go @@ -1,7 +1,6 @@ package setup import ( - "fmt" "io/ioutil" "strings" @@ -19,8 +18,6 @@ func WriteLocalConfig(localConfig *config.LocalConfiguration, localConfigYamlFil // WriteSharedConfig writes the shared config object to a YAML file. // Provide full path with .yml suffix. func WriteSharedConfig(sharedConfig *config.SharedConfiguration, sharedConfigYamlFile string) error { - fmt.Printf(">>> shared config\n %+v \n", sharedConfig) - return WriteConfigAsYaml(sharedConfig, sharedConfigYamlFile) } diff --git a/test/user/user_db_acl_test.go b/test/user/user_db_acl_test.go index ea73c24e..1b1b922e 100644 --- a/test/user/user_db_acl_test.go +++ b/test/user/user_db_acl_test.go @@ -151,7 +151,7 @@ func TestUserACLOnDatabase(t *testing.T) { Signature: testutils.SignatureFromQuery(t, aliceSigner, query), }, ) - require.EqualError(t, err, "error while processing 'GET /data/db3/key1' because the user [alice] has no permission to read from database [db3]") + require.EqualError(t, err, "error while processing 'GET /data/db3/a2V5MQ' because the user [alice] has no permission to read from database [db3]") }) t.Run("write to db3 would fail", func(t *testing.T) {