diff --git a/api/client.go b/api/client.go index af415b7e6..f1ead71f4 100644 --- a/api/client.go +++ b/api/client.go @@ -28,7 +28,7 @@ type RegistrationRequest struct { // Name is the unique name of the identity Name string `json:"id" help:"Unique name of the identity"` // Type of identity being registered (e.g. "peer, app, user") - Type string `json:"type" help:"Type of identity being registered (e.g. 'peer, app, user')"` + Type string `json:"type" def:"user" help:"Type of identity being registered (e.g. 'peer, app, user')"` // Secret is an optional password. If not specified, // a random secret is generated. In both cases, the secret // is returned in the RegistrationResponse. diff --git a/cmd/fabric-ca-client/main_test.go b/cmd/fabric-ca-client/main_test.go index 8d60a1898..5aa45dddb 100644 --- a/cmd/fabric-ca-client/main_test.go +++ b/cmd/fabric-ca-client/main_test.go @@ -508,6 +508,16 @@ func testRegisterCommandLine(t *testing.T, srv *lib.Server) { t.Errorf("client register failed: %s", err) } + // Register an identity without identity type parameter (--id.type). It should succeed. + // The identity type is set to default type "user" + userName := "testRegister5" + err = RunMain([]string{cmdName, "register", "-d", "--id.name", userName, + "--id.affiliation", "company2"}) + assert.NoError(t, err, "Failed to register identity "+userName) + user, err = db.GetUserInfo(userName) + assert.NoError(t, err) + assert.Equal(t, "user", user.Type, "Identity type for '%s' should have been 'user'", userName) + os.Remove(defYaml) // Delete default config file err = RunMain([]string{cmdName, "register", "-u", "http://localhost:7091"}) diff --git a/docs/source/users-guide.rst b/docs/source/users-guide.rst index 3a71e7974..7e3583218 100644 --- a/docs/source/users-guide.rst +++ b/docs/source/users-guide.rst @@ -319,7 +319,7 @@ The following shows the Fabric CA client usage message: --id.maxenrollments int The maximum number of times the secret can be reused to enroll. --id.name string Unique name of the identity --id.secret string The enrollment secret for the identity being registered - --id.type string Type of identity being registered (e.g. 'peer, app, user') + --id.type string Type of identity being registered (e.g. 'peer, app, user') (default "user") -M, --mspdir string Membership Service Provider directory (default "msp") -m, --myhost string Hostname to include in the certificate signing request during enrollment (default "saads-mbp.raleigh.ibm.com") -a, --revoke.aki string AKI (Authority Key Identifier) of the certificate to be revoked @@ -1461,14 +1461,14 @@ during registration as follows: of "a.b.c" but may not register an identity with an affiliation of "a.c". The following command uses the **admin** identity's credentials to register a new -identity with an enrollment id of "admin2", a type of "user", an affiliation of +user with an enrollment id of "admin2", an affiliation of "org1.department1", an attribute named "hf.Revoker" with a value of "true", and an attribute named "foo" with a value of "bar". .. code:: bash export FABRIC_CA_CLIENT_HOME=$HOME/fabric-ca/clients/admin - fabric-ca-client register --id.name admin2 --id.type user --id.affiliation org1.department1 --id.attrs 'hf.Revoker=true,foo=bar' + fabric-ca-client register --id.name admin2 --id.affiliation org1.department1 --id.attrs 'hf.Revoker=true,foo=bar' The password, also known as the enrollment secret, is printed. This password is required to enroll the identity. @@ -1481,13 +1481,13 @@ the attribute must be encapsulated in double quotes. See example below. .. code:: bash - fabric-ca-client register -d --id.name admin2 --id.type user --id.affiliation org1.department1 --id.attrs '"hf.Registrar.Roles=peer,user",hf.Revoker=true' + fabric-ca-client register -d --id.name admin2 --id.affiliation org1.department1 --id.attrs '"hf.Registrar.Roles=peer,user",hf.Revoker=true' or .. code:: bash - fabric-ca-client register -d --id.name admin2 --id.type user --id.affiliation org1.department1 --id.attrs '"hf.Registrar.Roles=peer,user"' --id.attrs hf.Revoker=true + fabric-ca-client register -d --id.name admin2 --id.affiliation org1.department1 --id.attrs '"hf.Registrar.Roles=peer,user"' --id.attrs hf.Revoker=true You may set default values for any of the fields used in the register command by editing the client's configuration file. For example, suppose the configuration diff --git a/lib/serverregister.go b/lib/serverregister.go index c0183bf39..8c78ce842 100644 --- a/lib/serverregister.go +++ b/lib/serverregister.go @@ -71,7 +71,7 @@ func registerUser(req *api.RegistrationRequestNet, registrar string, ca *CA) (st if registrar != "" { // Check the permissions of member named 'registrar' to perform this registration - err = canRegister(registrar, req.Type, ca) + err = canRegister(registrar, req, ca) if err != nil { log.Debugf("Registration of '%s' failed: %s", req.Name, err) return "", err @@ -168,7 +168,7 @@ func requireAffiliation(idType string) bool { return true } -func canRegister(registrar string, userType string, ca *CA) error { +func canRegister(registrar string, req *api.RegistrationRequestNet, ca *CA) error { log.Debugf("canRegister - Check to see if user %s can register", registrar) user, err := ca.registry.GetUser(registrar, nil) @@ -183,13 +183,11 @@ func canRegister(registrar string, userType string, ca *CA) error { } else { roles = make([]string, 0) } - if userType != "" { - if !util.StrContained(userType, roles) { - return errors.Errorf("Identity '%s' may not register type '%s'", registrar, userType) - } - } else { - return errors.New("No identity type provided. Please provide identity type") + if req.Type == "" { + req.Type = "user" + } + if !util.StrContained(req.Type, roles) { + return fmt.Errorf("Identity '%s' may not register type '%s'", registrar, req.Type) } - return nil } diff --git a/swagger/swagger-fabric-ca.json b/swagger/swagger-fabric-ca.json index 51ff647c6..0e276b4b9 100644 --- a/swagger/swagger-fabric-ca.json +++ b/swagger/swagger-fabric-ca.json @@ -448,7 +448,6 @@ }, "required": [ "id", - "type", "affiliation_path", "attrs" ]