diff --git a/cmd/neofs-node/object.go b/cmd/neofs-node/object.go index 9aaa5f1290..f0c5d5fd90 100644 --- a/cmd/neofs-node/object.go +++ b/cmd/neofs-node/object.go @@ -292,25 +292,31 @@ func initObjectService(c *cfg) { objectGRPC.RegisterObjectServiceServer(c.cfgGRPC.server, objectTransportGRPC.New( acl.New( - acl.NewSenderClassifier( - c.cfgNetmap.wrapper, - c.cfgNetmap.wrapper, + acl.WithSenderClassifier( + acl.NewSenderClassifier( + c.cfgNetmap.wrapper, + c.cfgNetmap.wrapper, + ), ), - c.cfgObject.cnrStorage, - objectService.NewSignService( - c.key, - objectService.NewTransportSplitter( - c.cfgGRPC.maxChunkSize, - c.cfgGRPC.maxAddrAmount, - &objectSvc{ - put: sPutV2, - search: sSearchV2, - head: sHeadV2, - rng: sRangeV2, - get: sGetV2, - rngHash: sRangeHashV2, - delete: sDeleteV2, - }, + acl.WithContainerSource( + c.cfgObject.cnrStorage, + ), + acl.WithNextService( + objectService.NewSignService( + c.key, + objectService.NewTransportSplitter( + c.cfgGRPC.maxChunkSize, + c.cfgGRPC.maxAddrAmount, + &objectSvc{ + put: sPutV2, + search: sSearchV2, + head: sHeadV2, + rng: sRangeV2, + get: sGetV2, + rngHash: sRangeHashV2, + delete: sDeleteV2, + }, + ), ), ), ), diff --git a/pkg/services/object/acl/basic.go b/pkg/services/object/acl/basic.go index 6da0a231dd..f06f0ee6a1 100644 --- a/pkg/services/object/acl/basic.go +++ b/pkg/services/object/acl/basic.go @@ -16,9 +16,7 @@ import ( type ( // Service checks basic ACL rules. Service struct { - containers core.Source - sender SenderClassifier - next object.Service + *cfg } putStreamBasicChecker struct { @@ -47,6 +45,17 @@ type ( } ) +// Option represents Service constructor option. +type Option func(*cfg) + +type cfg struct { + containers core.Source + + sender SenderClassifier + + next object.Service +} + var ( ErrMalformedRequest = errors.New("malformed request") ErrUnknownRole = errors.New("can't classify request sender") @@ -54,16 +63,20 @@ var ( ErrBasicAccessDenied = errors.New("access denied by basic acl") ) +func defaultCfg() *cfg { + return new(cfg) +} + // New is a constructor for object ACL checking service. -func New( - c SenderClassifier, - cnr core.Source, - next object.Service) Service { +func New(opts ...Option) Service { + cfg := defaultCfg() + + for i := range opts { + opts[i](cfg) + } return Service{ - containers: cnr, - sender: c, - next: next, + cfg: cfg, } } diff --git a/pkg/services/object/acl/opts.go b/pkg/services/object/acl/opts.go new file mode 100644 index 0000000000..52fa75b405 --- /dev/null +++ b/pkg/services/object/acl/opts.go @@ -0,0 +1,27 @@ +package acl + +import ( + "github.com/nspcc-dev/neofs-api-go/v2/object" + "github.com/nspcc-dev/neofs-node/pkg/core/container" +) + +// WithContainerSource returns option to set container source. +func WithContainerSource(v container.Source) Option { + return func(c *cfg) { + c.containers = v + } +} + +// WithSenderClassifier returns option to set sender classifier. +func WithSenderClassifier(v SenderClassifier) Option { + return func(c *cfg) { + c.sender = v + } +} + +// WithNextService returns option to set next object service. +func WithNextService(v object.Service) Option { + return func(c *cfg) { + c.next = v + } +}