fc's People
fc's Issues
Document alternative approach to identity issue
closed unresolved issues
Sample Networks default branch is still 0.16.x
Playground Documentation web profile vs real fabric
Playground documentation has fallen behind and could benefit from restructuring the following is a list of issues I perceive
- There should be a distinction between Web Browser and connecting to a real fabric as playground behaves differently
- Deploy requires an extra step to define the id and secret or cert to connect with
- Upgrade requires the user to interact with a different modal dialog
- The videos are probably out of date
Generate Random Data interaction edge case issue
This is a suggestion for an edge case useability enhancement for consideration.
Also for consideration will be how to ensure that any changes are notified back to the user. Just updating the fields will not be accessible, unless for example the screen reader explicitly informs of this taking place or some high contrast notification is made.
Context
I attempted to create a new Participant in the digitalproperty network. I entered data into fields but decided I needed random info and saw the generate random data was still available, however on clicking it nothing happened and there is no hint as to why.
Expected Behavior
I know that it only updates fields that have no data in them, but I think as a useability improvement maybe a dialog to ask if you want to overwrite fields already filled in, that way you know that clicking on the generate random data is at least being acknowledged.
Diagnostics page needs an overhaul
The diagnostics page is out of date and doesn't explain things well
https://hyperledger.github.io/composer/problems/diagnostics.html
For example
references to some config module and what looks like an old getting started definition but there is no explanation on what the config module is, where the file should go and how all of this works or good examples of how or why you would do this.
Chaincode container diagnostics is limited and only refers to v0.6. We should include information pertinent to v1.0
Ideally we should provide information about how to get diagnostic information for all components
User Applications
Business Networks
CLI
Rest Server
Playground
Composer Runtime
Fabric
Playground links all still point to next
node-red integration is broken, but still documented.
Also 16.x had a tutorial, that tutorial has gone.
Playground design and implementation is not great
- Deploy is greyed out until you fill on the user/secret dialog, but you can't see it so you wonder why deploy is greyed out
- upgrade presents you with a choice of cards to use for install/upgrade but you don't get the same for deploy
- Impossible to work with a multi-org fabric
playground exported bnas from a real fabric have the dependencies defined
eg
{
"name": "addasset-network",
"author": "author",
"description": "Start from scratch with a blank business network",
"version": "0.0.2-deploy.5",
"devDependencies": {
"browserfs": "^1.2.0",
"chai": "^3.5.0",
"composer-admin": "latest",
"composer-cli": "latest",
"composer-client": "latest",
"composer-connector-embedded": "latest",
"eslint": "^3.6.1",
"istanbul": "^0.4.5",
"jsdoc": "^3.4.1",
"mkdirp": "^0.5.1",
"mocha": "^3.2.0",
"moment": "^2.19.3"
},
"keywords": [],
"license": "Apache 2.0",
"repository": {
"type": "e.g. git",
"url": "URL"
},
"scripts": {
"deploy": "./scripts/deploy.sh",
"doc": "jsdoc --pedantic --recurse -c jsdoc.conf",
"lint": "eslint .",
"postlicchk": "npm run doc",
"postlint": "npm run licchk",
"prepublish": "mkdirp ./dist && composer archive create --sourceType dir --sourceName . -a ./dist/unnamed-network.bna",
"pretest": "npm run lint",
"test": "mocha --recursive",
"start": "start-network"
},
"dependencies": {
"composer-common": "0.19.0",
"composer-runtime-hlfv1": "0.19.0"
}
}
composer network deploy will fail if the deployer card contains a business network
$ composer network deploy -a decentralized-energy-network.bna -c admin -A admin -S adminpw
Deploying business network from archive: decentralized-energy-network.bna
Business network definition:
Identifier: [email protected]
Description: Decentralized Energy application with Hyperledger Composer
Error: Error trying to ping. Error: Error trying to query business network. Error: make sure the chaincode decentralized-energy-network has been successfully instantiated and try again: could not find chaincode with name 'decentralized-energy-network'
Command failed
This comes down to adminconnection.connect that can accept a business network as part of the parameter. If it has one then it performs 1 extra task over adminconnection.connect which is to attempt to ping the business network.
Question is, is the card valid ? Well it's valid in the sense of a card but isn't valid as you should be using a card that isn't associated with a business network, but then why should that be a problem.
Here are some of the possible solutions to this.
cards should only connect to a business network when it's appropriate for the action but that means the connect method just taking a card would have to change
Should adminconnection.connect still accept a business network ? it is documented as only needed for an update action so could we just change update (note the hlfv1 connector listens for events when connect is given a business network but that is not required for update).
Should we document that cards built for install/start/deploy/upgrade should not contain a business network.
@davidkel davidkel added cli business network cards P2 labels on Nov 10, 2017
@davidkel
Member
davidkel commented on Nov 11, 2017
As a thought, does the card created by playground work ok ?
Serviceability: Implement and use chained Errors
In hlfconnection.js for the hlfv1 connector, in order to not lose useful information from errors that are caught from external libraries, error messages from these errors are embedded into new errors that describe that action that was being done at the time. We should extend this idea and have chained errors that record the error. The toString method can then provide information in a structured manner. This is similar in the way java does things.
Description of using Rest Server via Docker image is not good
Basically it's not practical and doesn't provide good advice.
CA definition in connection profile is mandatory for composer
We should support the ability to not have to define a Certificate authority.
- schema check should not make the certificate authority mandatory
- hlfconnectionmanager will need to catch an error thrown by the node sdk when doing getCertificateAuthority (raise a Jira)
- hlfconnection will need to not check for a caClient being passed and also throw an error if no caClient is defined on calls that require it.
createPeerAdmin should be removed from composer-tools dev server
We should just provide a profile, followed by the steps to create a PeerAdmin card
contrib guide alternative approach to developing code
Remove dependency on x509 in fabric shim
But we should add tests that test native module compilation to ensure that still works across all platforms.
Need a direct way to query an asset/participant lifecycle
Historian doesn't do it.
Playground popup, data overflows
And it still looks rubbish.
Docker Images built under alpine unsuitable for production
No debug tools and cannot install debug tools
c library is old so people who copy binary files over could have problems.
Recommend to be used as standalone or modified only with node modules
Windows Support
- WSL
- Git Bash
- MinGW
- Native
Native will be a problem, too much coded to the bash shell and unix file system paths. - cygwin
If a pure businessnetworkconnection chaincode listener loses connection completely it will never recover.
Also if it fails to connect trying to register a chaincode listener, the event hub is not reconnected until a request is made but in the scenario where a business network connection is used purely as a listener that means it never will reconnect a failing event hub.
Mac installation notes do not provide any details about python
As a user I would like to be able to debug my specific passport strategy usage
If I wanted to use a passport strategy, how would I go about debugging problems with it ? what facilities does composer provide to help me do this ?
It's probably a document requirement with a simple example to show what kind of things to look for, but could require more servicability needs to make it more practical.
Remove need for native modules in all composer client side code
- node-sdk to make pkcs11 module an optional dependency
- could do the same for the report module
Schema for connection profile is wrong
x-type possible values are incorrect
Improvement List
- Model
- better validation with filenames and line number reporting
- Script File
- report file name and line number on error
- CLI/Operational API
- start should use cards
- bind should use cards
- ability to bulk update cards and card files
- Serviceability
- too much info get's logged
- [Object object] output of no use
- Common Connection Profile
- Extract TLS certs from profile using paths/allow CCPs to use filenames for certs but still be portable
- Is the CA definition correct ?
Query guide is poor
gives examples of queries but the explanation is not good, for example they don't give an example of the model that the query is targetting.
Also the query has an example of sorts in opposite directions which I don't believe is possible.
Playground unlikely to work with multi-org and endorsement policy
will work with single org
probably work with multi-org and no endorsement policy, but what would happen exactly ?
- install: No problem here
- start: Start will probably work as the default instantiation policy only requires single endorsement
- upgrade: Same as start
- transaction: peers don't endorse if they don't have the right chaincode and version
- query: not an issue as sent only to single peer.
Playground doesn't offer a chose on deploy but does on update WTF ?
Think this may be fixed.
Playground error of no undefined in the chaincode store
fabric multi-org tutorial may be broken
In memory wallet doesn't appear to store node-sdk credentials correctly or at all
Write a problem that creates a card and stores it in the in memory wallet that has credentials and it looks like it still tries to enroll the user.
Provide guidance for HSM use
We may need a guide or tutorial on how to use HSM within composer, especially due to the limitations imposed by
- composer network start
- composer identity issue
on how they transfer the connection profile of the card used to invoke the command to the new card created and that there is currently no CLI to allow you to modify cards or card files.
If an organisation has multiple peers, queries should take a round robin approach
Also consider a long running connection where this is easy to a multi connection from the same client or a very transient connection which would be harder.
Logging in chaincode containers is still fucking broken
Doc Mistakes
- (RAISED) https://hyperledger.github.io/composer/latest/business-network/cloud-wallets
- provides an unexpected way to deal with in memory card store and referenced apis are not in the api reference.
const connectionOptions = {
wallet : {
type: 'composer-wallet-inmemory'
}
}
adminConnection.connect(connectionOptions);
-
(RAISED) https://hyperledger.github.io/composer/latest/tutorials/queries
- queries tutorial highlights incorrect function for removal.
-
IMPROVEMENTS
-
https://hyperledger.github.io/composer/latest/tutorials/google_oauth2_rest
- need to discuss card store sharing with the rest server.
- Need to emphasise that the composer tools downloaded is nothing more than a simple development server to play with.
- how to use the docker rest server with a shared wallet backed card store ?
- Our documentation should have a banner indicating the version
-
GENERAL
- (RAISED) customising card stores seems to be in the wrong place, it isn't about developing a business network, it's about operational aspects.
- diagnosing doesn't list all the profiles, great so it supports profiles but what are they.
- (RAISED) system namespace reference only talks about assets, participants, transactions but there are events, enum sections.
Vehicle lifecycle demo for hlfv1 is broken
uses latest tag, needs to be pinned.
Is it possible to perform npm install and package that as node chaincode ?
- so that the npm install in fabric doesn't have to do anything
- would it try to connect to the internet ? probably how to get fabric to not do that ?
- don't like the fact that chaincode node is not shrinkwrapped, it should be, could we fix that as a chaincode developer ?
couch db index generation is automatic, which is a problem
- you get indexes whether you want them or not
- the indexes may not be suitable to your needs
- you cannot turn this off
- you cannot package your own prebuilt indexes
Card Operational Improvements
- Need to be able to start and specify a card as identity to initially bind
- Need guidance on using peer commands to do install/start
- Need to be able to specify files for certs and still make card portable
- Need to be able to update cards and card files
- need to be able to script the listing of cards and card update
- need to ensure all the above has equivalent APIs
- need to be able to bind using a card that has credentials
Need support for cyclic models
Models with cyclic references can't be serialised.
node chaincode build could fail
User was running a Peer outside of the docker environment and got this problem
"Error: Error trying to start business network. Error: No valid responses from any peers.
Response from attempted peer comms was an error: Error: 2 UNKNOWN: error starting container: Failed to generate platform-specific docker build: Error returned from build: 1 "npm WARN deprecated [email protected]: Use mz or fs-extra^3.0 with Promise Support
npm WARN deprecated [email protected]: All versions below 4.0.1 of Nodemailer are deprecated. See https://nodemailer.com/status/
npm WARN deprecated [email protected]: This project is unmaintained
npm WARN deprecated [email protected]: If using 2.x branch, please upgrade to at least 2.1.6 to avoid a serious bug with socket data flow and an import issue introduced in 2.1.0
npm WARN deprecated [email protected]: Use uuid module instead
npm WARN deprecated [email protected]: This project is unmaintained
npm WARN deprecated [email protected]: If using 2.x branch, please upgrade to at least 2.1.6 to avoid a serious bug with socket data flow and an import issue introduced in 2.1.0
> [email protected] install /chaincode/output/node_modules/x509
> node-gyp rebuild
gyp ERR! clean error
gyp ERR! stack Error: EACCES: permission denied, rmdir 'build'
gyp ERR! System Linux 4.13.0-38-generic
gyp ERR! command "/usr/local/bin/node" "/usr/local/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js" "rebuild"
gyp ERR! cwd /chaincode/output/node_modules/x509
gyp ERR! node -v v8.9.4
gyp ERR! node-gyp -v v3.6.2
gyp ERR! not ok
npm WARN [email protected] No repository field.
npm WARN The package composer-common is included as both a dev and production dependency.
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: [email protected] (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for [email protected]: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
npm ERR! code ELIFECYCLE
npm ERR! errno 1
npm ERR! [email protected] install: `node-gyp rebuild`
npm ERR! Exit status 1
npm ERR!
npm ERR! Failed at the [email protected] install script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.
npm ERR! A complete log of this run can be found in:
npm ERR! /root/.npm/_logs/2018-04-05T12_06_13_615Z-debug.log
"
Command failed
"
Should only send back chaincode events relevant to the same business network connection
Currently I believe that if there are 2 BNs on the same channel, then a business network connection will get events from both business networks.
Should add details about PKCS_USERTYPE entry available from Node.js
integration tests required to verify yaml CCP support
Problem with the chaincode cache in web browser
I'm stuck trying to use composer-playground 0.19.0.
It seems to install. Then, I run composer-playground, and the browser launches. But, I get this error,
Error: Object with ID 'undefined' in collection with ID 'chaincodes' does not exist.
createPeerAdmin messages need improvement
More practical ACLs required (for example in sample networks)
As part of the introduction of the NetworkAdmin participant the samples were updated in the acl files as follows
/**
- Sample access control list.
/
rule Default {
description: "Allow all participants access to all resources"
participant: "ANY"
operation: ALL
resource: "net.biz.digitalPropertyNetwork."
action: ALLOW
}
rule SystemACL {
description: "System ACL to permit all access"
participant: "org.hyperledger.composer.system.Participant"
operation: ALL
resource: "org.hyperledger.composer.system.**"
action: ALLOW
}
rule NetworkAdminUser {
description: "Grant business network administrators full access to user resources"
participant: "org.hyperledger.composer.system.NetworkAdmin"
operation: ALL
resource: "**"
action: ALLOW
}
rule NetworkAdminSystem {
description: "Grant business network administrators full access to system resources"
participant: "org.hyperledger.composer.system.NetworkAdmin"
operation: ALL
resource: "org.hyperledger.composer.system.**"
action: ALLOW
}
note the addition of the NetworkAdminUser and NetworkAdminSystem. But these actually don't do anything useful as the first 2 rules allow everything to everyone anyway.
something like this allows networkadmin users to perform actions on the network but stops standard users
/**
- Sample access control list.
*/
rule NetworkAdminUser {
description: "Grant business network administrators full access to system resources"
participant: "org.hyperledger.composer.system.NetworkAdmin"
operation: ALL
resource: "org.hyperledger.composer.system.**"
action: ALLOW
}
rule StandardUser {
description: "Allow standard users to be able to connect to the business network as this requires read access"
participant: "org.hyperledger.composer.system.Participant"
operation: READ
resource: "org.hyperledger.composer.system.Network"
action: ALLOW
}
rule Default {
description: "Allow all participants access to all resources of the business network"
participant: "ANY"
operation: ALL
resource: "net.biz.digitalPropertyNetwork.*"
action: ALLOW
}
(ACL may be a bit rubbish as making it up as I go along, for example this may not work as transaction submitters may need to be able to interact with system registries they aren't explicitly aware of).
@davidkel davidkel added the samples label on Oct 12, 2017
@jt-nti
Member
jt-nti commented on Oct 13, 2017
Similarly for the 'empty' business network...
rule NetworkAdminUser {
description: "Grant business network administrators full access to user resources"
participant: "org.hyperledger.composer.system.NetworkAdmin"
operation: ALL
resource: "**"
action: ALLOW
}
rule NetworkAdminSystem {
description: "Grant business network administrators full access to system resources"
participant: "org.hyperledger.composer.system.NetworkAdmin"
operation: ALL
resource: "org.hyperledger.composer.system.**"
action: ALLOW
}
If the ** root glob does match everything which it should, including the org.hyperledger.composer.system namespace, it would make the NetworkAdminSystem rule redundant, and somewhat misleading.
BNA should support a shrinkwrap.json file
The problem is how to generate it as it has to include composer-runtime-hlfv1 ?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.