Merge branch 'master' into vcx_updates_zkp

Jenkinsfile.cd

@@ -1429,7 +1429,7 @@ def shell(command) {
 }
 
 def setupRust() {
-    shell("rustup default 1.31.0")
+    shell("rustup default 1.32.0")
 }
 
 def androidPublishing() {

Jenkinsfile.ci

@@ -791,7 +791,7 @@ def shell(command) {
 }
 
 def setupRust() {
-    shell("rustup default 1.31.0")
+    shell("rustup default 1.32.0")
 }
 
 def setupBrewPackages() {

README.md

@@ -194,16 +194,11 @@ See section "Release channels" for more details.
 
 ### MacOS
 
-Pre-built libraries are not provided for MacOS. Please look [here](docs/build-guides/mac-build.md)
-for details on building from source for MacOS.
-
- **Note:** After building `libindy`, add the path containing the library the `LD_LIBRARY_PATH` and
-`DYLD_LIBRARY_PATH` environment variables. This is necessary for dynamically linking
-your application with `libindy`. The dynamic linker will first check for the library in
-`LD_LIBRARY_PATH` if the library in your application doesn't include directory names.
-If the library in your application does include any directory name, then dynamic
-linker will search for the library in `DYLD_LIBRARY_PATH` (not `LD_LIBRARY_PATH`)
-so we recommend you set both variables to be safe.
+Pre-built libraries are not provided for MacOS.
+
+Clone the repo and run `mac.build.sh` in the `libindy` folder.
+
+Please see [here](docs/build-guides/mac-build.md) for manual build steps.
 
 ### RHEL-based distributions (Amazon Linux 2017.03)
 Pre-built libraries are not provided for RHEL-based distributions. Please look [here](docs/build-guides/rhel-build.md)

ci/indy-pool.dockerfile

@@ -24,9 +24,9 @@ RUN echo "deb https://repo.sovrin.org/deb xenial $indy_stream" >> /etc/apt/sourc
 
 RUN useradd -ms /bin/bash -u $uid indy
 
-ARG indy_plenum_ver=1.6.662
+ARG indy_plenum_ver=1.6.705
 ARG indy_anoncreds_ver=1.0.32
-ARG indy_node_ver=1.6.772
+ARG indy_node_ver=1.6.839
 ARG python3_indy_crypto_ver=0.4.5
 ARG indy_crypto_ver=0.4.5
 

cli/src/commands/ledger.rs

@@ -1218,6 +1218,78 @@ pub mod sign_multi_command {
     }
 }
 
+pub mod auth_rule_command {
+    use super::*;
+
+    command!(CommandMetadata::build("auth-rule", "Send AUTH_RULE request to change authentication rules for a ledger transaction.")
+                .add_required_param("txn_type", "Ledger transaction alias or associated value")
+                .add_required_param("action", "Type of an action. One of: ADD, EDIT")
+                .add_required_param("field", "Transaction field")
+                .add_optional_param("old_value", "Old value of field, which can be changed to a new_value (mandatory for EDIT action)")
+                .add_required_param("new_value", "New value that can be used to fill the field")
+                .add_required_param("constraint", r#"Set of constraints required for execution of an action
+         {
+             constraint_id - type of a constraint. Can be either "ROLE" to specify final constraint or  "AND"/"OR" to combine constraints.
+             role - role associated value {TRUSTEE: 0, STEWARD: 2, TRUST_ANCHOR: 101, NETWORK_MONITOR: 201, ANY: *}.
+             sig_count - the number of signatures required to execution action.
+             need_to_be_owner - if user must be an owner of transaction.
+             metadata - additional parameters of the constraint.
+         }
+         can be combined by
+         {
+             constraint_id: <"AND" or "OR">
+             auth_constraints: [<constraint_1>, <constraint_2>]
+         }
+                "#)
+                .add_example(r#"ledger auth-rule txn_type=NYM action=ADD field=role new_value=101 constraint="{"sig_count":1,"role":"0","constraint_id":"ROLE","need_to_be_owner":false}""#)
+                .add_example(r#"ledger auth-rule txn_type=NYM action=EDIT field=role old_value=101 new_value=0 constraint="{"sig_count":1,"role":"0","constraint_id":"ROLE","need_to_be_owner":false}""#)
+                .finalize()
+    );
+
+    fn execute(ctx: &CommandContext, params: &CommandParams) -> Result<(), ()> {
+        trace!("execute >> ctx {:?} params {:?}", ctx, params);
+
+        let (pool_handle, pool_name) = ensure_connected_pool(&ctx)?;
+        let (wallet_handle, wallet_name) = ensure_opened_wallet(&ctx)?;
+        let submitter_did = ensure_active_did(&ctx)?;
+
+        let txn_type = get_str_param("txn_type", params).map_err(error_err!())?;
+        let action = get_str_param("action", params).map_err(error_err!())?;
+        let field = get_str_param("field", params).map_err(error_err!())?;
+        let old_value = get_opt_str_param("old_value", params).map_err(error_err!())?;
+        let new_value = get_str_param("new_value", params).map_err(error_err!())?;
+        let constraint = get_str_param("constraint", params).map_err(error_err!())?;
+
+        let request = Ledger::build_auth_rule_request(&submitter_did, txn_type, &action.to_uppercase(), field, old_value, new_value, constraint)
+            .map_err(|err| handle_indy_error(err, None, None, None))?;
+
+        let response_json = Ledger::sign_and_submit_request(pool_handle, wallet_handle, &submitter_did, &request)
+            .map_err(|err| handle_indy_error(err, Some(&submitter_did), Some(&pool_name), Some(&wallet_name)))?;
+
+        let mut response: Response<serde_json::Value> = serde_json::from_str::<Response<serde_json::Value>>(&response_json)
+            .map_err(|err| println_err!("Invalid data has been received: {:?}", err))?;
+
+        if let Some(result) = response.result.as_mut() {
+            result["txn"]["data"]["auth_type"] = get_txn_title(&result["txn"]["data"]["auth_type"]);
+            result["txn"]["data"]["constraint"] = serde_json::Value::String(::serde_json::to_string_pretty(&result["txn"]["data"]["constraint"]).unwrap());
+        }
+
+        let res = handle_transaction_response(response)
+            .map(|result| print_transaction_response(result,
+                                                     "Auth Rule request has been sent to Ledger.",
+                                                     None,
+                                                     &mut vec![("auth_type", "Txn Type"),
+                                                               ("auth_action", "Action"),
+                                                               ("field", "Field"),
+                                                               ("old_value", "Old Value"),
+                                                               ("new_value", "New Value"),
+                                                               ("constraint", "Constraint")]))?;
+
+        trace!("execute << {:?}", res);
+        Ok(res)
+    }
+}
+
 pub fn set_request_fees(request: &mut String, wallet_handle: i32, submitter_did: Option<&str>, fees_inputs: &Option<Vec<&str>>, fees_outputs: &Option<Vec<String>>, extra: Option<&str>) -> Result<Option<String>, ()> {
     let mut payment_method: Option<String> = None;
     if let &Some(ref inputs) = fees_inputs {
@@ -1413,6 +1485,33 @@ fn get_role_title(role: &serde_json::Value) -> serde_json::Value {
     }.to_string())
 }
 
+fn get_txn_title(role: &serde_json::Value) -> serde_json::Value {
+    serde_json::Value::String(match role.as_str() {
+        Some("0") => "NODE",
+        Some("1") => "NYM",
+        Some("3") => "GET_TXN",
+        Some("100") => "ATTRIB",
+        Some("101") => "SCHEMA",
+        Some("104") => "GET_ATTR",
+        Some("105") => "GET_NYM",
+        Some("107") => "GET_SCHEMA",
+        Some("108") => "GET_CRED_DEF",
+        Some("102") => "CRED_DEF",
+        Some("109") => "POOL_UPGRADE",
+        Some("111") => "POOL_CONFIG",
+        Some("113") => "REVOC_REG_DEF",
+        Some("114") => "REVOC_REG_ENTRY",
+        Some("115") => "GET_REVOC_REG_DEF",
+        Some("116") => "GET_REVOC_REG",
+        Some("117") => "GET_REVOC_REG_DELTA",
+        Some("118") => "POOL_RESTART",
+        Some("119") => "GET_VALIDATOR_INFO",
+        Some("120") => "AUTH_RULE",
+        Some(val) => val,
+        _ => "-"
+    }.to_string())
+}
+
 fn timestamp_to_datetime(_time: i64) -> String {
     NaiveDateTime::from_timestamp(_time, 0).to_string()
 }
@@ -1444,7 +1543,7 @@ pub struct ReplyResult<T> {
 pub mod tests {
     use super::*;
     use commands::wallet::tests::{create_and_open_wallet, close_and_delete_wallet, open_wallet, close_wallet};
-    use commands::pool::tests::{disconnect_and_delete_pool};
+    use commands::pool::tests::disconnect_and_delete_pool;
     use commands::did::tests::{new_did, use_did, SEED_TRUSTEE, DID_TRUSTEE, DID_MY1, VERKEY_MY1, SEED_MY3, DID_MY3, VERKEY_MY3};
     #[cfg(feature = "nullpay_plugin")]
     use commands::common::tests::{load_null_payment_plugin, NULL_PAYMENT_METHOD};
@@ -3473,6 +3572,35 @@ pub mod tests {
         }
     }
 
+    mod auth_rule {
+        use super::*;
+
+        const ROLE_CONSTRAINT: &str = r#"{
+            "sig_count": 1,
+            "metadata": {},
+            "role": "0",
+            "constraint_id": "ROLE",
+            "need_to_be_owner": false
+        }"#;
+
+        #[test]
+        pub fn auth_rule_works() {
+            let ctx = setup_with_wallet_and_pool();
+            use_trustee(&ctx);
+            {
+                let cmd = auth_rule_command::new();
+                let mut params = CommandParams::new();
+                params.insert("txn_type", "NYM".to_string());
+                params.insert("action", "add".to_string());
+                params.insert("field", "role".to_string());
+                params.insert("new_value", "101".to_string());
+                params.insert("constraint", ROLE_CONSTRAINT.to_string());
+                cmd.execute(&ctx, &params).unwrap();
+            }
+            tear_down_with_wallet_and_pool(&ctx);
+        }
+    }
+
     fn create_new_did(ctx: &CommandContext) -> (String, String) {
         let (wallet_handle, _) = get_opened_wallet(ctx).unwrap();
         Did::new(wallet_handle, "{}").unwrap()

cli/src/libindy/ledger.rs

@@ -77,7 +77,18 @@ impl Ledger {
     pub fn indy_build_pool_upgrade_request(submitter_did: &str, name: &str, version: &str, action: &str, sha256: &str, timeout: Option<u32>, schedule: Option<&str>,
                                            justification: Option<&str>, reinstall: bool, force: bool, package: Option<&str>) -> Result<String, IndyError> {
         ledger::build_pool_upgrade_request(submitter_did, name, version, action, sha256,
-                                               timeout, schedule, justification,
-                                               reinstall, force, package).wait()
+                                           timeout, schedule, justification,
+                                           reinstall, force, package).wait()
+    }
+
+    pub fn build_auth_rule_request(submitter_did: &str,
+                                   txn_type: &str,
+                                   action: &str,
+                                   field: &str,
+                                   old_value: Option<&str>,
+                                   new_value: &str,
+                                   constraint: &str, ) -> Result<String, IndyError> {
+        ledger::build_auth_rule_request(submitter_did, txn_type, action, field,
+                                        old_value, new_value, constraint).wait()
     }
 }

cli/src/main.rs

@@ -126,6 +126,7 @@ fn build_executor() -> CommandExecutor {
         .add_command(ledger::set_fees_prepare_command::new())
         .add_command(ledger::verify_payment_receipt_command::new())
         .add_command(ledger::sign_multi_command::new())
+        .add_command(ledger::auth_rule_command::new())
         .finalize_group()
         .add_group(payment_address::group::new())
         .add_command(payment_address::create_command::new())

docs/build-guides/mac-build.md

@@ -1,8 +1,11 @@
-# Setup Indy SDK build environment for MacOS
+# MacOS build guide
+
+Automated build: clone the repo and run `mac.build.sh` in the `libindy` folder.
+
+## Manual steps
 
 1. Install Rust and rustup (https://www.rust-lang.org/install.html).
 2. Install required native libraries and utilities (libsodium is added with URL to homebrew since version<1.0.15 is required)
-
    ```
    brew install pkg-config
    brew install https://raw.githubusercontent.com/Homebrew/homebrew-core/65effd2b617bade68a8a2c5b39e1c3089cc0e945/Formula/libsodium.rb   
@@ -13,8 +16,6 @@
    brew install zeromq
    brew install zmq
    ```
-
-
 3. Setup environment variables:
    ```
    export PKG_CONFIG_ALLOW_CROSS=1
@@ -24,7 +25,10 @@
    ```
 4. Setup OPENSSL_DIR variable: path to installed openssl library
    ```
-   export OPENSSL_DIR=/usr/local/Cellar/openssl/1.0.2n   # path changes with version number
+   for version in `ls -t /usr/local/Cellar/openssl/`; do
+        export OPENSSL_DIR=/usr/local/Cellar/openssl/$version
+        break
+   done
    ```
 5. Checkout and build the library:
    ```
@@ -38,13 +42,14 @@
    cd ../cli
    cargo build
    ```
+7. Set your `DYLD_LIBRARY_PATH` and `LD_LIBRARY_PATH` environment variables to the path of `indy-sdk/libindy/target/debug`. You may want to put these in your `.bash_profile` to persist them.
 
-# Note on running local nodes
+## Note on running local nodes
 
 In order to run local nodes on MacOS, it may be necessary to set up port mapping between the Docker container
 and local host. Follow the instructions in [Indy SDK README](https://github.com/hyperledger/indy-sdk#how-to-start-local-nodes-pool-with-docker)
 
-# IOError while running of whole set of tests on MacOS
+## IOError while running of whole set of tests on MacOS
 
 There is a possible case when some tests are failed if whole set of tests is run (`cargo test`).
 But failed tests will be successful in case of separate runs.

docs/design/001-cli/README.md

@@ -333,6 +333,12 @@ Send custom transaction with user defined json body and optional signature
 ledger custom [txn=]<txn-json-value> [sign=<true|false>]
 ```
 
+#### AUTH_RULE transaction
+Send AUTH_RULE transaction
+```
+ledger auth-rule txn_type=<txn type> action=<add or edit> field=<txn field> [old_value=<value>] new_value=<new_value> constraint=<{constraint json}>
+```
+
 #### GET_PAYMENT_SOURCES transaction
 Send GET_PAYMENT_SOURCES transaction
 ```