Acl invoke

README.md

@@ -675,6 +675,20 @@ Example:
 To send requests to a specific peer(s), you need to specify the --peers parameter "url1,url2,url3"
 Use ```,``` to list the list of peer addresses
 
+### InvokeAcl
+
+All ACL methods must be invoked through `invokeAcl`, **except** the following:
+
+- `ChangePublicKeyWithTypeAndBase58Signature`
+- `ChangePublicKeyWithBase58Signature`
+
+Example of calling an ACL method via `invokeAcl`:
+
+```shell
+./testnet-cli --config ./bh-dev/cli.yaml -s 6fb7f9ad0c307d8fa80a5e9918002c9dbb066eb14e7175fde647cd0e58a8a5de974a32f42be7b72d735d80843106d87add11c5b107b6e2429dea43a1250d4a2b invokeAcl acl addAdditionalKey xfvpLjdYAx94ixGqU3N2mvZN7D5Y79NP26DTeGWgn4f1gktVk Qx9KnoJCRqks8yr8BawFxRPpHfvFR7EtGdFfmtMGWCoTipaWZrspGSSEyTCTNt4KuXzDGDp31q8vzU1fWNSso2oB "[\"sign\",\"validator\"]"
+```
+
+
 #### Invoke with signed args
 
 Sign args and send invoke to hlf. Required connection to hlf.

cmd/invokeAclCmd.go

@@ -23,19 +23,12 @@ var invokeACLCmd = &cobra.Command{ //nolint:unused
 
 		channelID, methodName, methodArgs := handlerArgs(args)
 
-		logger.Debug(channelID)
-		logger.Debug(methodName)
-		fmt.Printf("%v\n", methodArgs)
+		logger.Debug("channelID", zap.String("channelID", channelID))
+		logger.Debug("methodName", zap.String("methodName", methodName))
+		logger.Debug("methodArgs", zap.Any("methodArgs", methodArgs))
 
-		address := methodArgs[0]
-		reason := methodArgs[1]
-		reasonID := methodArgs[2]
-		newPkey := methodArgs[3]
-
-		logger.Debug("methodArgs")
 		for i, arg := range methodArgs {
-			fmt.Printf("[%d]\n", i)
-			fmt.Printf("    - '%v'\n", arg)
+			fmt.Printf("[%d] '%v'\n", i, arg)
 		}
 
 		var validators []*keys.Keys
@@ -47,18 +40,20 @@ var invokeACLCmd = &cobra.Command{ //nolint:unused
 
 			k, err := service.GetKeys(secretKey, keyType)
 			if err != nil {
-				msg := "Failed to GetPrivateKey " + secretKey
-				FatalError(msg, err)
+				FatalError("Failed to GetPrivateKey "+secretKey, err)
 			}
 
 			validators = append(validators, k)
 		}
 
-		signedMessageArg, _, err := service.SignACL(validators, methodName, address, reason, reasonID, newPkey)
-		logger.Debug("--- signedMessage")
+		signedMessageArg, _, err := service.SignACL(validators, methodName, methodArgs)
+		if err != nil {
+			FatalError("Failed to sign ACL", err)
+		}
+
+		fmt.Println("Signed message arguments:")
 		for i, arg := range signedMessageArg {
-			fmt.Printf("%d\n", i)
-			fmt.Printf("%v\n", arg)
+			fmt.Printf("[%d] %v\n", i, arg)
 		}
 		if err != nil {
 			FatalError("err signedMessage", err)

cmd/root.go

@@ -74,15 +74,14 @@ func init() {
 	rootCmd.AddCommand(queryCmd)
 	rootCmd.AddCommand(invokeCmd)
 	rootCmd.AddCommand(scriptCmd)
+	rootCmd.AddCommand(invokeACLCmd)
 
 	rootCmd.AddCommand(blockByIDCmd)
 	rootCmd.AddCommand(channelHeightCmd)
 	rootCmd.AddCommand(txCmd)
-
 	rootCmd.AddCommand(statusCmd)
 	// rootCmd.AddCommand(fetchBatchCmd)
 
-	// rootCmd.AddCommand(invokeACLCmd)
 	// rootCmd.AddCommand(chaincodeVersionCmd)
 	rootCmd.AddCommand(convertCmd)
 	rootCmd.AddCommand(getTxIDFromBlockCmd)

service/crypto.go

@@ -60,10 +60,10 @@ func Sign(k *keys.Keys, channel string, chaincode string, methodName string, arg
 // It builds a message from the provided method name, address, reason, reasonID, new public key, and nonce.
 // Each signer signs the same message using their private key, and all signatures are collected.
 // Returns the message with all signatures, the message hash, and an error if any occurred.
-func SignACL(signers []*keys.Keys, methodName string, address string, reason string, reasonID string, newPkey string) ([]string, string, error) {
+func SignACL(signers []*keys.Keys, methodName string, args []string) ([]string, string, error) {
 	nonce := GetNonce()
 
-	result := []string{methodName, address, reason, reasonID, newPkey, nonce}
+	result := append([]string{methodName}, append(args, nonce)...)
 	for _, k := range signers {
 		pubBase58, err := ConvertPublicKeyToBase58(k)
 		if err != nil {