From 457875bf6f149aaede67192b5e491ee9fb897888 Mon Sep 17 00:00:00 2001 From: Simon Stone Date: Mon, 9 Oct 2017 10:52:06 +0100 Subject: [PATCH] Add network admin ACL rules, bump Composer version to 0.14.0 (#100) Signed-off-by: Simon Stone --- packages/animaltracking-network/package.json | 6 +++--- .../animaltracking-network/permissions.acl | 16 ++++++++++++++++ packages/basic-sample-network/package.json | 12 ++++++------ packages/basic-sample-network/permissions.acl | 16 ++++++++++++++++ packages/bond-network/package.json | 10 +++++----- packages/bond-network/permissions.acl | 18 +++++++++++++++++- packages/carauction-network/package.json | 10 +++++----- packages/carauction-network/permissions.acl | 18 +++++++++++++++++- packages/digitalproperty-network/package.json | 10 +++++----- .../digitalproperty-network/permissions.acl | 16 ++++++++++++++++ packages/marbles-network/package.json | 10 +++++----- packages/marbles-network/permissions.acl | 16 ++++++++++++++++ packages/perishable-network/package.json | 10 +++++----- packages/perishable-network/permissions.acl | 16 ++++++++++++++++ packages/pii-network/package.json | 10 +++++----- packages/pii-network/permissions.acl | 16 ++++++++++++++++ packages/trade-network/package.json | 10 +++++----- packages/trade-network/permissions.acl | 16 ++++++++++++++++ .../vehicle-lifecycle-network/package.json | 10 +++++----- .../vehicle-lifecycle-network/permissions.acl | 16 ++++++++++++++++ 20 files changed, 211 insertions(+), 51 deletions(-) diff --git a/packages/animaltracking-network/package.json b/packages/animaltracking-network/package.json index c930f8f..a930bf2 100644 --- a/packages/animaltracking-network/package.json +++ b/packages/animaltracking-network/package.json @@ -1,6 +1,6 @@ { "engines": { - "composer": "^0.11.0 || ^0.12.0 || ^0.13.0" + "composer": "^0.14.0" }, "name": "animaltracking-network", "version": "0.1.10", @@ -36,8 +36,8 @@ "devDependencies": { "browserfs": "^1.2.0", "chai": "^3.5.0", - "composer-cli": "^0.11.0", - "composer-connector-embedded": "^0.11.0", + "composer-cli": "^0.14.0-0", + "composer-connector-embedded": "^0.14.0-0", "eslint": "^3.6.1", "jsdoc": "^3.4.1", "license-check": "^1.1.5", diff --git a/packages/animaltracking-network/permissions.acl b/packages/animaltracking-network/permissions.acl index 90ef3b6..1aa6acb 100644 --- a/packages/animaltracking-network/permissions.acl +++ b/packages/animaltracking-network/permissions.acl @@ -15,4 +15,20 @@ rule SystemACL { operation: ALL resource: "org.hyperledger.composer.system.**" action: ALLOW +} + +rule NetworkAdminUser { + description: "Grant business network administrators full access to user resources" + participant: "org.hyperledger.composer.system.NetworkAdmin" + operation: ALL + resource: "**" + action: ALLOW +} + +rule NetworkAdminSystem { + description: "Grant business network administrators full access to system resources" + participant: "org.hyperledger.composer.system.NetworkAdmin" + operation: ALL + resource: "org.hyperledger.composer.system.**" + action: ALLOW } \ No newline at end of file diff --git a/packages/basic-sample-network/package.json b/packages/basic-sample-network/package.json index 761f79a..63fd2e5 100644 --- a/packages/basic-sample-network/package.json +++ b/packages/basic-sample-network/package.json @@ -1,6 +1,6 @@ { "engines": { - "composer": "^0.11.0 || ^0.12.0 || ^0.13.0" + "composer": "^0.14.0" }, "name": "basic-sample-network", "version": "0.1.10", @@ -34,11 +34,11 @@ "browserfs": "^1.2.0", "chai": "^3.5.0", "chai-as-promised": "^6.0.0", - "composer-admin": "^0.11.0", - "composer-cli": "^0.11.0", - "composer-client": "^0.11.0", - "composer-connector-embedded": "^0.11.0", - "composer-cucumber-steps": "^0.11.0", + "composer-admin": "^0.14.0-0", + "composer-cli": "^0.14.0-0", + "composer-client": "^0.14.0-0", + "composer-connector-embedded": "^0.14.0-0", + "composer-cucumber-steps": "^0.14.0-0", "cucumber": "^2.2.0", "eslint": "^3.6.1", "istanbul": "^0.4.5", diff --git a/packages/basic-sample-network/permissions.acl b/packages/basic-sample-network/permissions.acl index f69af0e..1650245 100644 --- a/packages/basic-sample-network/permissions.acl +++ b/packages/basic-sample-network/permissions.acl @@ -32,4 +32,20 @@ rule SystemACL { operation: ALL resource: "org.hyperledger.composer.system.**" action: ALLOW +} + +rule NetworkAdminUser { + description: "Grant business network administrators full access to user resources" + participant: "org.hyperledger.composer.system.NetworkAdmin" + operation: ALL + resource: "**" + action: ALLOW +} + +rule NetworkAdminSystem { + description: "Grant business network administrators full access to system resources" + participant: "org.hyperledger.composer.system.NetworkAdmin" + operation: ALL + resource: "org.hyperledger.composer.system.**" + action: ALLOW } \ No newline at end of file diff --git a/packages/bond-network/package.json b/packages/bond-network/package.json index bed2738..d2472e0 100644 --- a/packages/bond-network/package.json +++ b/packages/bond-network/package.json @@ -1,6 +1,6 @@ { "engines": { - "composer": "^0.11.0 || ^0.12.0 || ^0.13.0" + "composer": "^0.14.0" }, "name": "bond-network", "version": "0.1.10", @@ -34,10 +34,10 @@ "devDependencies": { "browserfs": "^1.2.0", "chai": "^3.5.0", - "composer-admin": "^0.11.0", - "composer-cli": "^0.11.0", - "composer-client": "^0.11.0", - "composer-connector-embedded": "^0.11.0", + "composer-admin": "^0.14.0-0", + "composer-cli": "^0.14.0-0", + "composer-client": "^0.14.0-0", + "composer-connector-embedded": "^0.14.0-0", "eslint": "^3.6.1", "istanbul": "^0.4.5", "jsdoc": "^3.4.1", diff --git a/packages/bond-network/permissions.acl b/packages/bond-network/permissions.acl index 6bef328..0b5b1e0 100644 --- a/packages/bond-network/permissions.acl +++ b/packages/bond-network/permissions.acl @@ -6,7 +6,7 @@ rule Issuer { participant(i): "org.acme.bond.Issuer" operation: ALL resource(a): "org.acme.bond.BondAsset" - condition: (a.bond.issuer.memberId === i.memberId) + condition: (a.bond.issuer.memberId === i.memberId) action: ALLOW } @@ -24,4 +24,20 @@ rule SystemACL { operation: ALL resource: "org.hyperledger.composer.system.**" action: ALLOW +} + +rule NetworkAdminUser { + description: "Grant business network administrators full access to user resources" + participant: "org.hyperledger.composer.system.NetworkAdmin" + operation: ALL + resource: "**" + action: ALLOW +} + +rule NetworkAdminSystem { + description: "Grant business network administrators full access to system resources" + participant: "org.hyperledger.composer.system.NetworkAdmin" + operation: ALL + resource: "org.hyperledger.composer.system.**" + action: ALLOW } \ No newline at end of file diff --git a/packages/carauction-network/package.json b/packages/carauction-network/package.json index a9a505c..c8e3b4d 100644 --- a/packages/carauction-network/package.json +++ b/packages/carauction-network/package.json @@ -1,6 +1,6 @@ { "engines": { - "composer": "^0.11.0 || ^0.12.0 || ^0.13.0" + "composer": "^0.14.0" }, "name": "carauction-network", "version": "0.1.10", @@ -33,10 +33,10 @@ "devDependencies": { "browserfs": "^1.2.0", "chai": "^3.5.0", - "composer-admin": "^0.11.0", - "composer-cli": "^0.11.0", - "composer-client": "^0.11.0", - "composer-connector-embedded": "^0.11.0", + "composer-admin": "^0.14.0-0", + "composer-cli": "^0.14.0-0", + "composer-client": "^0.14.0-0", + "composer-connector-embedded": "^0.14.0-0", "eslint": "^3.6.1", "istanbul": "^0.4.5", "jsdoc": "^3.4.1", diff --git a/packages/carauction-network/permissions.acl b/packages/carauction-network/permissions.acl index 559e3d1..08d5e30 100644 --- a/packages/carauction-network/permissions.acl +++ b/packages/carauction-network/permissions.acl @@ -40,5 +40,21 @@ rule SystemACL { participant: "org.hyperledger.composer.system.Participant" operation: ALL resource: "org.hyperledger.composer.system.**" - action: ALLOW + action: ALLOW +} + +rule NetworkAdminUser { + description: "Grant business network administrators full access to user resources" + participant: "org.hyperledger.composer.system.NetworkAdmin" + operation: ALL + resource: "**" + action: ALLOW +} + +rule NetworkAdminSystem { + description: "Grant business network administrators full access to system resources" + participant: "org.hyperledger.composer.system.NetworkAdmin" + operation: ALL + resource: "org.hyperledger.composer.system.**" + action: ALLOW } \ No newline at end of file diff --git a/packages/digitalproperty-network/package.json b/packages/digitalproperty-network/package.json index c4a3b17..d077c1c 100644 --- a/packages/digitalproperty-network/package.json +++ b/packages/digitalproperty-network/package.json @@ -1,6 +1,6 @@ { "engines": { - "composer": "^0.11.0 || ^0.12.0 || ^0.13.0" + "composer": "^0.14.0" }, "name": "digitalproperty-network", "version": "0.1.10", @@ -32,10 +32,10 @@ "devDependencies": { "browserfs": "^1.2.0", "chai": "^3.5.0", - "composer-admin": "^0.11.0", - "composer-cli": "^0.11.0", - "composer-client": "^0.11.0", - "composer-connector-embedded": "^0.11.0", + "composer-admin": "^0.14.0-0", + "composer-cli": "^0.14.0-0", + "composer-client": "^0.14.0-0", + "composer-connector-embedded": "^0.14.0-0", "eslint": "^3.6.1", "istanbul": "^0.4.5", "jsdoc": "^3.4.1", diff --git a/packages/digitalproperty-network/permissions.acl b/packages/digitalproperty-network/permissions.acl index 69ca486..a23661a 100644 --- a/packages/digitalproperty-network/permissions.acl +++ b/packages/digitalproperty-network/permissions.acl @@ -15,4 +15,20 @@ rule SystemACL { operation: ALL resource: "org.hyperledger.composer.system.**" action: ALLOW +} + +rule NetworkAdminUser { + description: "Grant business network administrators full access to user resources" + participant: "org.hyperledger.composer.system.NetworkAdmin" + operation: ALL + resource: "**" + action: ALLOW +} + +rule NetworkAdminSystem { + description: "Grant business network administrators full access to system resources" + participant: "org.hyperledger.composer.system.NetworkAdmin" + operation: ALL + resource: "org.hyperledger.composer.system.**" + action: ALLOW } \ No newline at end of file diff --git a/packages/marbles-network/package.json b/packages/marbles-network/package.json index 7ae1b59..a554b83 100644 --- a/packages/marbles-network/package.json +++ b/packages/marbles-network/package.json @@ -1,6 +1,6 @@ { "engines": { - "composer": "^0.11.0 || ^0.12.0 || ^0.13.0" + "composer": "^0.14.0" }, "name": "marbles-network", "version": "0.1.10", @@ -33,10 +33,10 @@ "devDependencies": { "browserfs": "^1.2.0", "chai": "^3.5.0", - "composer-admin": "^0.11.0", - "composer-cli": "^0.11.0", - "composer-client": "^0.11.0", - "composer-connector-embedded": "^0.11.0", + "composer-admin": "^0.14.0-0", + "composer-cli": "^0.14.0-0", + "composer-client": "^0.14.0-0", + "composer-connector-embedded": "^0.14.0-0", "eslint": "^3.6.1", "istanbul": "^0.4.5", "jsdoc": "^3.4.1", diff --git a/packages/marbles-network/permissions.acl b/packages/marbles-network/permissions.acl index 79e276c..ed50e23 100644 --- a/packages/marbles-network/permissions.acl +++ b/packages/marbles-network/permissions.acl @@ -15,4 +15,20 @@ rule SystemACL { operation: ALL resource: "org.hyperledger.composer.system.**" action: ALLOW +} + +rule NetworkAdminUser { + description: "Grant business network administrators full access to user resources" + participant: "org.hyperledger.composer.system.NetworkAdmin" + operation: ALL + resource: "**" + action: ALLOW +} + +rule NetworkAdminSystem { + description: "Grant business network administrators full access to system resources" + participant: "org.hyperledger.composer.system.NetworkAdmin" + operation: ALL + resource: "org.hyperledger.composer.system.**" + action: ALLOW } \ No newline at end of file diff --git a/packages/perishable-network/package.json b/packages/perishable-network/package.json index b8551ef..7479ef0 100644 --- a/packages/perishable-network/package.json +++ b/packages/perishable-network/package.json @@ -1,6 +1,6 @@ { "engines": { - "composer": "^0.11.0 || ^0.12.0 || ^0.13.0 " + "composer": "^0.14.0" }, "name": "perishable-network", "version": "0.1.10", @@ -34,10 +34,10 @@ "devDependencies": { "browserfs": "^1.2.0", "chai": "^3.5.0", - "composer-admin": "^0.11.0", - "composer-cli": "^0.11.0", - "composer-client": "^0.11.0", - "composer-connector-embedded": "^0.11.0", + "composer-admin": "^0.14.0-0", + "composer-cli": "^0.14.0-0", + "composer-client": "^0.14.0-0", + "composer-connector-embedded": "^0.14.0-0", "eslint": "^3.6.1", "istanbul": "^0.4.5", "jsdoc": "^3.4.1", diff --git a/packages/perishable-network/permissions.acl b/packages/perishable-network/permissions.acl index 39a3b8b..72046c8 100644 --- a/packages/perishable-network/permissions.acl +++ b/packages/perishable-network/permissions.acl @@ -15,4 +15,20 @@ rule SystemACL { operation: ALL resource: "org.hyperledger.composer.system.**" action: ALLOW +} + +rule NetworkAdminUser { + description: "Grant business network administrators full access to user resources" + participant: "org.hyperledger.composer.system.NetworkAdmin" + operation: ALL + resource: "**" + action: ALLOW +} + +rule NetworkAdminSystem { + description: "Grant business network administrators full access to system resources" + participant: "org.hyperledger.composer.system.NetworkAdmin" + operation: ALL + resource: "org.hyperledger.composer.system.**" + action: ALLOW } \ No newline at end of file diff --git a/packages/pii-network/package.json b/packages/pii-network/package.json index f7782b3..874676a 100644 --- a/packages/pii-network/package.json +++ b/packages/pii-network/package.json @@ -1,6 +1,6 @@ { "engines": { - "composer": "^0.11.0 || ^0.12.0 || ^0.13.0" + "composer": "^0.14.0" }, "name": "pii-network", "version": "0.1.10", @@ -33,10 +33,10 @@ "devDependencies": { "browserfs": "^1.2.0", "chai": "^3.5.0", - "composer-admin": "^0.11.0", - "composer-cli": "^0.11.0", - "composer-client": "^0.11.0", - "composer-connector-embedded": "^0.11.0", + "composer-admin": "^0.14.0-0", + "composer-cli": "^0.14.0-0", + "composer-client": "^0.14.0-0", + "composer-connector-embedded": "^0.14.0-0", "eslint": "^3.6.1", "istanbul": "^0.4.5", "jsdoc": "^3.4.1", diff --git a/packages/pii-network/permissions.acl b/packages/pii-network/permissions.acl index 06d1c67..b74558c 100644 --- a/packages/pii-network/permissions.acl +++ b/packages/pii-network/permissions.acl @@ -45,4 +45,20 @@ rule SystemACL { operation: ALL resource: "org.hyperledger.composer.system.**" action: ALLOW +} + +rule NetworkAdminUser { + description: "Grant business network administrators full access to user resources" + participant: "org.hyperledger.composer.system.NetworkAdmin" + operation: ALL + resource: "**" + action: ALLOW +} + +rule NetworkAdminSystem { + description: "Grant business network administrators full access to system resources" + participant: "org.hyperledger.composer.system.NetworkAdmin" + operation: ALL + resource: "org.hyperledger.composer.system.**" + action: ALLOW } \ No newline at end of file diff --git a/packages/trade-network/package.json b/packages/trade-network/package.json index 2e50039..8e8e7a5 100644 --- a/packages/trade-network/package.json +++ b/packages/trade-network/package.json @@ -1,6 +1,6 @@ { "engines": { - "composer": "^0.11.0 || ^0.12.0 || ^0.13.0" + "composer": "^0.14.0" }, "name": "trade-network", "version": "0.1.10", @@ -33,10 +33,10 @@ "devDependencies": { "browserfs": "^1.2.0", "chai": "^3.5.0", - "composer-admin": "^0.11.0", - "composer-cli": "^0.11.0", - "composer-client": "^0.11.0", - "composer-connector-embedded": "^0.11.0", + "composer-admin": "^0.14.0-0", + "composer-cli": "^0.14.0-0", + "composer-client": "^0.14.0-0", + "composer-connector-embedded": "^0.14.0-0", "eslint": "^3.6.1", "istanbul": "^0.4.5", "jsdoc": "^3.4.1", diff --git a/packages/trade-network/permissions.acl b/packages/trade-network/permissions.acl index 6287a0b..a67d016 100644 --- a/packages/trade-network/permissions.acl +++ b/packages/trade-network/permissions.acl @@ -15,4 +15,20 @@ rule SystemACL { operation: ALL resource: "org.hyperledger.composer.system.**" action: ALLOW +} + +rule NetworkAdminUser { + description: "Grant business network administrators full access to user resources" + participant: "org.hyperledger.composer.system.NetworkAdmin" + operation: ALL + resource: "**" + action: ALLOW +} + +rule NetworkAdminSystem { + description: "Grant business network administrators full access to system resources" + participant: "org.hyperledger.composer.system.NetworkAdmin" + operation: ALL + resource: "org.hyperledger.composer.system.**" + action: ALLOW } \ No newline at end of file diff --git a/packages/vehicle-lifecycle-network/package.json b/packages/vehicle-lifecycle-network/package.json index c3017c8..87a3cd1 100644 --- a/packages/vehicle-lifecycle-network/package.json +++ b/packages/vehicle-lifecycle-network/package.json @@ -1,6 +1,6 @@ { "engines": { - "composer": "^0.11.0 || ^0.12.0 || ^0.13.0" + "composer": "^0.14.0" }, "name": "vehicle-lifecycle-network", "version": "0.1.10", @@ -36,10 +36,10 @@ "devDependencies": { "browserfs": "^1.2.0", "chai": "^3.5.0", - "composer-admin": "^0.11.0", - "composer-cli": "^0.11.0", - "composer-client": "^0.11.0", - "composer-connector-embedded": "^0.11.0", + "composer-admin": "^0.14.0-0", + "composer-cli": "^0.14.0-0", + "composer-client": "^0.14.0-0", + "composer-connector-embedded": "^0.14.0-0", "eslint": "^3.6.1", "istanbul": "^0.4.5", "jsdoc": "^3.4.1", diff --git a/packages/vehicle-lifecycle-network/permissions.acl b/packages/vehicle-lifecycle-network/permissions.acl index dadacd3..cc62ec6 100644 --- a/packages/vehicle-lifecycle-network/permissions.acl +++ b/packages/vehicle-lifecycle-network/permissions.acl @@ -15,4 +15,20 @@ rule SystemACL { operation: ALL resource: "org.hyperledger.composer.system.**" action: ALLOW +} + +rule NetworkAdminUser { + description: "Grant business network administrators full access to user resources" + participant: "org.hyperledger.composer.system.NetworkAdmin" + operation: ALL + resource: "**" + action: ALLOW +} + +rule NetworkAdminSystem { + description: "Grant business network administrators full access to system resources" + participant: "org.hyperledger.composer.system.NetworkAdmin" + operation: ALL + resource: "org.hyperledger.composer.system.**" + action: ALLOW } \ No newline at end of file