超级账本1.2版本--官网翻译(Using Private Data in Fabric)-part2

Peers in Org2 should have the first set of marbles private data (name, color, size and owner) in their side database and can access it using the
readMarble() function which is called with the collectionMarbles
argument.

Org2的peer节点应该在它们的本地数据库有第一组marbles的私有数据 (name, color, size and owner),并且可以使用collectionMarbles作为参数的readMarble()函数来访问它。

:guilabel:Try it yourself

… code:: bash

peer chaincode query -C mychannel -n marblesp -c '{"Args":["readMarble","marble1"]}'

You should see something similar to the following result:

你会看到类似下面的结果:

… code:: json

{"docType":"marble","name":"marble1","color":"blue","size":35,"owner":"tom"}

Query private data Org2 is not authorized to-未被授权查询私有数据Org2
​~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Peers in Org2 do not have the marbles price private data in their side database.
When they try to query for this data, they get back a hash of the key matching
the public state but will not have the private state.

Org2中的peer在它们的本地仓库没有存储marbles的 price 。当它们试图查询这个值的时候,它们找回与公共状态匹配的密钥的哈希值,但不会拥有私有状态的。

:guilabel:Try it yourself

… code:: bash

peer chaincode query -C mychannel -n marblesp -c '{"Args":["readMarblePrivateDetails","marble1"]}'

You should see a result similar to:

你会看到类似下面的结果:

… code:: json

{"Error":"Failed to get private details for marble1: GET_STATE failed:
transaction ID: b04adebbf165ddc90b4ab897171e1daa7d360079ac18e65fa15d84ddfebfae90:
Private data matching public hash version is not available. Public hash
version = &version.Height{BlockNum:0x6, TxNum:0x0}, Private data version =
(*version.Height)(nil)"}"

Members of Org2 will only be able to see the public hash of the private data.

Org2的成员将智能看到私有数据的公共hash。

… _pd-purge:

Purge Private Data-清楚私有数据

For use cases where private data only needs to be on the ledger until it can be
replicated into an off-chain database, it is possible to “purge” the data after
a certain set number of blocks, leaving behind only hash of the data that serves
as immutable evidence of the transaction.

对于私有数据只需要在账本上直到可以复制到离线数据库中的用例,可以在一定数量的块之后“清除”数据,只留下数据的哈希值。作为交易的不可改变的证据。

There may be private data including personal or confidential
information, such as the pricing data in our example, that the transacting
parties don’t want disclosed to other organizations on the channel. Thus, it
has a limited lifespan, and can be purged after existing unchanged on the
blockchain for a designated number of blocks using the blockToLive property
in the collection definition.

可能存在私人数据,包括个人或机密信息,例如我们示例中的定价数据,交易方不希望在渠道上向其他组织披露。 因此,它具有有限的寿命,并且可以在区块链中使用集合定义中的“blockToLive”属性在指定数量的块上保持不变之后进行清除。

Our collectionMarblePrivateDetails definition has a blockToLive
property value of three meaning this data will live on the side database for
three blocks and then after that it will get purged. Tying all of the pieces
together, recall this collection definition collectionMarblePrivateDetails
is associated with the price private data in the initMarble() function
when it calls the PutPrivateData() API and passes the
collectionMarblePrivateDetails as an argument.

我们的collectionMarblePrivateDetails定义有一个blockToLiveproperty值
三,意味着这个数据将存在于拥有三个块的本地数据库中,超过它将被清除。 将所有部分绑定在一起,回想一下这个集合定义collectionMarblePrivateDetailsinitMarble()函数中的price私有数据相关联,当它调用PutPrivateData()API时 传递collectionMarblePrivateDetails作为参数。

We will step through adding blocks to the chain, and then watch the price
information get purged by issuing four new transactions (Create a new marble,
followed by three marble transfers) which adds four new blocks to the chain.
After the fourth transaction (third marble transfer), we will verify that the
price private data is purged.

我们将逐步向链中添加块,然后通过发出四个新的交易(三个marble转移后创建一个新的marble)来观察价格信息被清除,这将为链添加四个新块。 在第四次交易(第三次marble转移)之后,我们将验证价格私人数据是否被清除。

:guilabel:Try it yourself

Switch back to peer0 in Org1 using the following commands. Copy and paste the
following code block and run it inside your peer container:

用下面的命令切换到Org1的peer0节点。复制粘贴下面的代码块并在peer容器中运行它:

… code:: bash

export CORE_PEER_ADDRESS=peer0.org1.example.com:7051
export CORE_PEER_LOCALMSPID=Org1MSP
export CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt
export CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/[email protected]/msp
export PEER0_ORG1_CA=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org1.example.com/tls/ca.crt

Open a new terminal window and view the private data logs for this peer by
running the following command:

打开一个新的终端,通过下面名查看这个peer的私有数据日志:

… code:: bash

docker logs peer0.org1.example.com 2>&1 | grep -i -a -E 'private|pvt|privdata'

You should see results similar to the following. Note the highest block number
in the list. In the example below, the highest block height is 4.

你回看到类似的结果。注意这个列表中的最高区块数量,在下面的列表中,区块的最大高度是4

… code:: bash

[pvtdatastorage] func1 -> INFO 023 Purger started: Purging expired private data till block number [0]
[pvtdatastorage] func1 -> INFO 024 Purger finished
[kvledger] CommitWithPvtData -> INFO 022 Channel [mychannel]: Committed block [0] with 1 transaction(s)
[kvledger] CommitWithPvtData -> INFO 02e Channel [mychannel]: Committed block [1] with 1 transaction(s)
[kvledger] CommitWithPvtData -> INFO 030 Channel [mychannel]: Committed block [2] with 1 transaction(s)
[kvledger] CommitWithPvtData -> INFO 036 Channel [mychannel]: Committed block [3] with 1 transaction(s)
[kvledger] CommitWithPvtData -> INFO 03e Channel [mychannel]: Committed block [4] with 1 transaction(s)

Back in the peer container, query for the marble1 price data by running the
following command. (A Query does not create a new transaction on the ledger
since no data is transacted).

回到peer容器,通过下面命令查看marble1的价格数据(由于没有数据处理,因此查询不会在账本上创建新事务)。

… code:: bash

peer chaincode query -C mychannel -n marblesp -c '{"Args":["readMarblePrivateDetails","marble1"]}'

You should see results similar to:

你会看到类似的信息:

… code:: bash

{"docType":"marblePrivateDetails","name":"marble1","price":99}

The price data is still on the private data ledger.

price数据依然存在私有数据账本上。

Create a new marble2 by issuing the following command. This transaction
creates a new block on the chain.

提交下面的命令来创建一个新的 marble2 。这个交易在链上创建一个新的交易。

… code:: bash

peer chaincode invoke -o orderer.example.com:7050 --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem -C mychannel -n marblesp -c '{"Args":["initMarble","marble2","blue","35","tom","99"]}'

Switch back to the Terminal window and view the private data logs for this peer
again. You should see the block height increase by 1.

切回到widow终端,再次查看peer的私有数据日志。你会看到区块高度加1.

… code:: bash

docker logs peer0.org1.example.com 2>&1 | grep -i -a -E 'private|pvt|privdata'

Back in the peer container, query for the marble1 price data again by
running the following command:

回到peer容器,再次通过下面的命令查询marble1的价格数据。

… code:: bash

peer chaincode query -C mychannel -n marblesp -c '{"Args":["readMarblePrivateDetails","marble1"]}'

The private data has not been purged, therefore the results are unchanged from
previous query:

这个数据还没有并清除,因此结果与先前的查询相同:

… code:: bash

{"docType":"marblePrivateDetails","name":"marble1","price":99}

Transfer marble2 to “joe” by running the following command. This transaction
will add a second new block on the chain.

通过运行以下命令将marble2传输到“joe”。 此事务将在链上添加第二个新块。

… code:: bash

peer chaincode invoke -o orderer.example.com:7050 --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem -C mychannel -n marblesp -c '{"Args":["transferMarble","marble2","joe"]}'

Switch back to the Terminal window and view the private data logs for this peer
again. You should see the block height increase by 1.

切换到window的终端然后再次查看peer的私有数据日志。你会看到区块高度加1.

… code:: bash

docker logs peer0.org1.example.com 2>&1 | grep -i -a -E 'private|pvt|privdata'

Back in the peer container, query for the marble1 price data by running
the following command:

在回到peer容器,通过下面的命令查看marble1的价格数据。

… code:: bash

peer chaincode query -C mychannel -n marblesp -c '{"Args":["readMarblePrivateDetails","marble1"]}'

You should still be able to see the price private data.

你依然能看到价格的私有数据:

… code:: bash

{"docType":"marblePrivateDetails","name":"marble1","price":99}

Transfer marble2 to “tom” by running the following command. This transaction
will create a third new block on the chain.

通过运行以下命令将marble2传输到“tom”。 此事务将在链上创建第三个新块。

… code:: bash

peer chaincode invoke -o orderer.example.com:7050 --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem -C mychannel -n marblesp -c '{"Args":["transferMarble","marble2","tom"]}'

Switch back to the Terminal window and view the private data logs for this peer
again. You should see the block height increase by 1.

切换到window的终端然后再次查看peer的私有数据日志。你会看到区块高度加1.

… code:: bash

docker logs peer0.org1.example.com 2>&1 | grep -i -a -E 'private|pvt|privdata'

Back in the peer container, query for the marble1 price data by running
the following command:

在回到peer容器,通过下面的命令查看marble1的价格数据。

… code:: bash

peer chaincode query -C mychannel -n marblesp -c '{"Args":["readMarblePrivateDetails","marble1"]}'

You should still be able to see the price data.

你依然能看到价格的私有数据:

… code:: bash

{"docType":"marblePrivateDetails","name":"marble1","price":99}

Finally, transfer marble2 to “jerry” by running the following command. This
transaction will create a fourth new block on the chain. The price private
data should be purged after this transaction.

最后,通过运行以下命令将marble2转移到“jerry”。 此事务将在链上创建第四个新块。 此交易后应清除“价格”私人数据。

… code:: bash

peer chaincode invoke -o orderer.example.com:7050 --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem -C mychannel -n marblesp -c '{"Args":["transferMarble","marble2","jerry"]}'

Switch back to the Terminal window and view the private data logs for this peer
again. You should see the block height increase by 1.

切换到window的终端然后再次查看peer的私有数据日志。你会看到区块高度加1.

… code:: bash

docker logs peer0.org1.example.com 2>&1 | grep -i -a -E 'private|pvt|privdata'

Back in the peer container, query for the marble1 price data by running the following command:

在回到peer容器,通过下面的命令查看marble1的价格数据。

… code:: bash

peer chaincode query -C mychannel -n marblesp -c '{"Args":["readMarblePrivateDetails","marble1"]}'

Because the price data has been purged, you should no longer be able to see
it. You should see something similar to:

因为价格私有数据已经被清除,你将不会在看到它。你会看到类似下面的输出:

… code:: bash

Error: endorsement failure during query. response: status:500
message:"{\"Error\":\"Marble private details does not exist: marble1\"}"

… _pd-indexes:

Using indexes with private data-使用私有数据索引

Indexes can also be applied to private data collections, by packaging indexes in
the META-INF/statedb/couchdb/collections/<collection_name>/indexes directory
alongside the chaincode. An example index is available here <https://github.com/hyperledger/fabric-samples/blob/master/chaincode/marbles02_private/go/META-INF/statedb/couchdb/collections/collectionMarbles/indexes/indexOwner.json>__ .

通过在链码旁边的“META-INF / statedb / couchdb / collections / <collection_name> / indexes``目录中打包索引,索引也可以应用于私有数据集合。 一个示例索引可用here <https://github.com/hyperledger/fabric samples / blob / master / chaincode / marbles02_private / go / META INF / statedb / couchdb / collections / collectionMarbles / indexes / indexOwner.json>__。

For deployment of chaincode to production environments, it is recommended
to define any indexes alongside chaincode so that the chaincode and supporting
indexes are deployed automatically as a unit, once the chaincode has been
installed on a peer and instantiated on a channel. The associated indexes are
automatically deployed upon chaincode instantiation on the channel when
the --collections-config flag is specified pointing to the location of
the collection JSON file.

为了将链码部署到生产环境,建议在链码旁边定义任何索引,以便一旦链码安装在peer并在通道上实例化,链码和支持索引作为一个单元自动部署。 当指定--collections config标志指向集合JSON文件的位置时,关联的索引在通道上的链代码实例化时自动部署。