hyperledger-fabric - AccessException：作曲家网络 ping 不生成证书

问题描述

我正在尝试向参与者颁发新身份，创建composer card并导入它。

我的 base.cto 文件是

namespace com.algorythmix.base

participant Department identified by departmentId {
  o String departmentId
}

我签发身份的职能

const initIdentities = () => {
  return new Promise(async function(resolve, reject) {
    try {
      const businessNetworkConnection = new BusinessNetworkConnection();
      await businessNetworkConnection.connect(adminCardName);
      let departmentRegistry =  await businessNetworkConnection.getParticipantRegistry(`${BASE_NS}.Department`);
      let departmentOne = await departmentRegistry.get('departmentOne');
      let deptOne = await businessNetworkConnection.issueIdentity(`${BASE_NS}.Department#${departmentOne.departmentId}`, 'departmentOne');
      console.log(`userID = ${deptOne.userID}`);
      console.log(`userSecret = ${deptOne.userSecret}`);

      let departmentTwo = await departmentRegistry.get('departmentTwo');
      let deptTwo = await businessNetworkConnection.issueIdentity(`${BASE_NS}.Department#${departmentTwo.departmentId}`, 'departmentTwo');
      console.log(`userID = ${deptTwo.userID}`);
      console.log(`userSecret = ${deptTwo.userSecret}`);

      const adminConnection = new AdminConnection(); // { cardStore: $SOME_PATH_VARIABLE } to change def2ault card storage path
      await adminConnection.connect(adminCardName); // Confirm this
      console.log('connected');
      const cardOne = new IdCard({
        userName: 'departmentOne',
        version: 1,
        enrollmentSecret: deptOne.userSecret,
        businessNetwork: 'chips'
      }, connectionProfile);
      const cardTwo = new IdCard({
        userName: 'departmentTwo',
        version: 1,
        enrollmentSecret: deptTwo.userSecret,
        businessNetwork: 'chips'
      }, connectionProfile);
      console.log('importing card one');
      await adminConnection.importCard('departmentOne', cardOne);
      await adminConnection.importCard('departmentTwo', cardTwo);
      console.log('imported card two');
      await businessNetworkConnection.disconnect();
      await adminConnection.disconnect();
      resolve();
    } catch (e) {
      reject(e);
    };
  });
};

根据此处提供的基本教程adminCardName使用命令时生成的命令在哪里https://hyperledger.github.io/composer/latest/tutorials/deploy-to-fabric-single-org 并且也取自上述页面。我已经仔细检查了卡使用的连接配置文件，我使用的是完全相同的。composer network startconnectionProfileadmin@chips

一旦我运行该函数，在 中composer card list，一张名为departmentOne并departmentTwo列出的卡与 Business 网络显示为chips（如预期的那样）。

现在当我运行时composer network ping -c departmentOne，我得到了错误

Error: 2 UNKNOWN: error executing chaincode: transaction returned with failure: AccessException: Participant 'com.algorythmix.base.Department#departmentOne' does not have 'READ' access to resource 'org.hyperledger.composer.system.Network#chips@0.2.0'
Command failed

我有 1) 删除permissions.acl，根据文档导致每个人都获得完全访问权限 2) 使用以下permissions.acl文件

rule Default {
    description: "Allow all participants access to all resources"
    participant: "com.algorythmix.base.Department"
    operation: ALL
    resource: "org.hyperledger.composer.system.Network"
    action: ALLOW
}

rule NetworkAdminUser {
    description: "Grant business network administrators full access to user resources"
    participant: "org.hyperledger.composer.system.NetworkAdmin"
    operation: ALL
    resource: "**"
    action: ALLOW
}

rule NetworkAdminSystem {
    description: "Grant business network administrators full access to system resources"
    participant: "org.hyperledger.composer.system.NetworkAdmin"
    operation: ALL
    resource: "org.hyperledger.composer.system.**"
    action: ALLOW
}

专门授予参与者访问网络的权限。我还上传了.bna到composer-playground它，它按预期在那里工作。

有人可以指导我，我做错了什么吗？信息：Ubuntu - 16.0.4 Fabric - 1.1 Composer - 0.19.11 节点 - 8.9.1

标签： hyperledger-fabrichyperledger-composer