Re: Channel Policy


Jason Yellick <jyellick@...>
 

Your orderer processes must always satisfy the /Channel/Writers policy (or they will not be able to process config updates and channel creation transactions).  Based on the below, it looks like your policy restriction is excluding them.  Most likely, what you really want to modify is the /Channel/Application/Readers policy (in the Application section of your configtx.yaml), this will allow you to specify the subset of application orgs you wish to be able to submit transactions.

~Jason
 

----- Original message -----
From: "Nicholas Leonardi via Lists.Hyperledger.Org" <nlzanutim=yahoo.com@...>
Sent by: fabric@...
To: Fabric <fabric@...>
Cc: fabric@...
Subject: [EXTERNAL] [Hyperledger Fabric] Channel Policy
Date: Wed, Jan 22, 2020 8:08 AM
 
Hey guys,
 
Trying to change the channel writers policy but nothing seems to work.
 
Channel: &ChannelDefaults
Policies:
# Who may invoke the 'Deliver' API
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
# Who may invoke the 'Broadcast' API
Writers:
Type: Signature
Rule: "OR('Org1MSP.member')"
# By default, who may modify elements at this config level
Admins:
Type: ImplicitMeta
Rule: "ANY Admins"
 
 
I need the writers policy to be one organization Org1.
 
I've tried:
 
"OR('Org1MSP.member')"  -> got unexpected status: FORBIDDEN -- signature set did not satisfy policy: permission denied 
"OR('Org1MSP.admin')" -> got unexpected status: FORBIDDEN -- signature set did not satisfy policy: permission denied
 
 
Thanks in advance
 

Join fabric@lists.hyperledger.org to automatically receive all group messages.