Access control logic is not the only thing we will need to change in the chaincode. We use a somewhat contrived scenario where the initial version of the chaincode was created when only an early version of Fabric (say v1.0) was available. If you examine the logic to extract the MSP identity of the organization from which the transaction was issued as well as the common name in the certificate issued to the submitter of the chaincode transaction, it is done manually using the standard Go libraries. This is illustrated in the following code snippet in the getTxCreatorInfo function in chaincode/src/github.com/trade_workflow/accessControlUtils.go:
creatorSerializedId := &msp.SerializedIdentity{} err = proto.Unmarshal(creator, ...