skip if no acl file (hyperledger-archives#3551)

Signed-off-by: Nick Lincoln <[email protected]>

packages/composer-runtime/lib/engine.queries.js

@@ -71,18 +71,24 @@ class EngineQueries {
                 objects.forEach((object) => {
                     Registry.removeInternalProperties(object);
                 });
-                return objects.reduce((promiseChain, object) => {
-                    return promiseChain.then((objects) => {
-                        return accessController.check(serializer.fromJSON(object), 'READ')
-                            .then(() => {
-                                objects.push(object);
-                                return objects;
-                            })
-                            .catch((error) => {
-                                return objects;
-                            });
-                    });
-                }, Promise.resolve([]));
+
+                if (!context.getAclManager().getAclFile()) {
+                    LOG.debug(method, 'No ACL file');
+                    return Promise.resolve(objects);
+                } else {
+                    return objects.reduce((promiseChain, object) => {
+                        return promiseChain.then((objects) => {
+                            return accessController.check(serializer.fromJSON(object), 'READ')
+                                .then(() => {
+                                    objects.push(object);
+                                    return objects;
+                                })
+                                .catch((error) => {
+                                    return objects;
+                                });
+                        });
+                    }, Promise.resolve([]));
+                }
             })
             .then((objects) => {
                 LOG.exit(method, objects);

packages/composer-runtime/test/engine.queries.js

@@ -21,6 +21,8 @@ const Context = require('../lib/context');
 const DataService = require('../lib/dataservice');
 const Engine = require('../lib/engine');
 const LoggingService = require('../lib/loggingservice');
+const AclManager = require('composer-common').AclManager;
+const AclFile = require('composer-common').AclFile;
 const Resource = require('composer-common').Resource;
 const Serializer = require('composer-common').Serializer;
 
@@ -37,6 +39,7 @@ describe('EngineQueries', () => {
     let mockContext;
     let mockDataService;
     let mockCompiledQueryBundle;
+    let mockAclMananger;
     let mockAccessController;
     let mockSerializer;
     let mockResource1, mockResource2;
@@ -60,6 +63,9 @@ describe('EngineQueries', () => {
         mockAccessController = sinon.createStubInstance(AccessController);
         mockAccessController.check.resolves();
         mockContext.getAccessController.returns(mockAccessController);
+        mockAclMananger = sinon.createStubInstance(AclManager);
+        mockAclMananger.getAclFile.returns(sinon.createStubInstance(AclFile));
+        mockContext.getAclManager.returns(mockAclMananger);
         mockSerializer = sinon.createStubInstance(Serializer);
         mockContext.getSerializer.returns(mockSerializer);
         mockResource1 = sinon.createStubInstance(Resource);
@@ -150,6 +156,18 @@ describe('EngineQueries', () => {
                 });
         });
 
+        it('should not perform any acceess checks if no ACL file is present', () => {
+            mockAclMananger.getAclFile.returns(undefined);
+            return engine.query(mockContext, 'executeQuery', ['named', 'Q1', '{"param1":true}'])
+                .then((resources) => {
+                    sinon.assert.notCalled(mockAccessController.check);
+                    resources.should.deep.equal([
+                        { $identifier: 'ASSET_1' },
+                        { $identifier: 'ASSET_2' }
+                    ]);
+                });
+        });
+
     });
 
 });