diff --git a/cmd/neofs-cli/modules/container/create.go b/cmd/neofs-cli/modules/container/create.go index bf7336fbef..3a9c0dd1e9 100644 --- a/cmd/neofs-cli/modules/container/create.go +++ b/cmd/neofs-cli/modules/container/create.go @@ -98,7 +98,6 @@ It will be stored in sidechain when inner ring will accepts it.`, issuer := tok.Issuer() cnr.SetOwnerID(&issuer) - cnr.SetSessionToken(tok) } else { var idOwner user.ID user.IDFromKey(&idOwner, key.PublicKey) @@ -113,7 +112,6 @@ It will be stored in sidechain when inner ring will accepts it.`, cnr.SetBasicACL(basicACL) cnr.SetAttributes(attributes) cnr.SetNonceUUID(nonce) - cnr.SetSessionToken(tok) cli := internalclient.GetSDKClientByFlag(cmd, key, commonflags.RPC) @@ -121,6 +119,10 @@ It will be stored in sidechain when inner ring will accepts it.`, putPrm.SetClient(cli) putPrm.SetContainer(*cnr) + if tok != nil { + putPrm.WithinSession(*tok) + } + res, err := internalclient.PutContainer(putPrm) common.ExitOnErr(cmd, "rpc error: %w", err) diff --git a/cmd/neofs-cli/modules/container/get_eacl.go b/cmd/neofs-cli/modules/container/get_eacl.go index fdf1cedfbc..6ccf3654e6 100644 --- a/cmd/neofs-cli/modules/container/get_eacl.go +++ b/cmd/neofs-cli/modules/container/get_eacl.go @@ -3,7 +3,6 @@ package container import ( "os" - "github.com/nspcc-dev/neofs-api-go/v2/refs" internalclient "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/client" "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/common" "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/commonflags" @@ -29,22 +28,10 @@ var getExtendedACLCmd = &cobra.Command{ eaclTable := res.EACL() - sig := eaclTable.Signature() - - // TODO(@cthulhu-rider): #1387 avoid type conversion - var sigV2 refs.Signature - sig.WriteToV2(&sigV2) - if containerPathTo == "" { cmd.Println("eACL: ") common.PrettyPrintJSON(cmd, eaclTable, "eACL") - var sigV2 refs.Signature - sig.WriteToV2(&sigV2) - - cmd.Println("Signature:") - common.PrettyPrintJSON(cmd, &sigV2, "signature") - return } @@ -60,9 +47,6 @@ var getExtendedACLCmd = &cobra.Command{ cmd.Println("dumping data to file:", containerPathTo) - cmd.Println("Signature:") - common.PrettyPrintJSON(cmd, &sigV2, "signature") - err = os.WriteFile(containerPathTo, data, 0644) common.ExitOnErr(cmd, "could not write eACL to file: %w", err) }, diff --git a/cmd/neofs-cli/modules/container/set_eacl.go b/cmd/neofs-cli/modules/container/set_eacl.go index e5b69f128e..89e8ea6c31 100644 --- a/cmd/neofs-cli/modules/container/set_eacl.go +++ b/cmd/neofs-cli/modules/container/set_eacl.go @@ -32,7 +32,6 @@ Container ID in EACL table will be substituted with ID from the CLI.`, } eaclTable.SetCID(id) - eaclTable.SetSessionToken(tok) pk := key.GetOrGenerate(cmd) cli := internalclient.GetSDKClientByFlag(cmd, pk, commonflags.RPC) @@ -41,6 +40,10 @@ Container ID in EACL table will be substituted with ID from the CLI.`, setEACLPrm.SetClient(cli) setEACLPrm.SetTable(*eaclTable) + if tok != nil { + setEACLPrm.WithinSession(*tok) + } + _, err := internalclient.SetEACL(setEACLPrm) common.ExitOnErr(cmd, "rpc error: %w", err) diff --git a/cmd/neofs-node/cache.go b/cmd/neofs-node/cache.go index b65f214c66..c3b9b401ca 100644 --- a/cmd/neofs-node/cache.go +++ b/cmd/neofs-node/cache.go @@ -10,9 +10,7 @@ import ( cntClient "github.com/nspcc-dev/neofs-node/pkg/morph/client/container" "github.com/nspcc-dev/neofs-node/pkg/services/object/acl/eacl" putsvc "github.com/nspcc-dev/neofs-node/pkg/services/object/put" - containerSDK "github.com/nspcc-dev/neofs-sdk-go/container" cid "github.com/nspcc-dev/neofs-sdk-go/container/id" - eaclSDK "github.com/nspcc-dev/neofs-sdk-go/eacl" netmapSDK "github.com/nspcc-dev/neofs-sdk-go/netmap" "github.com/nspcc-dev/neofs-sdk-go/user" ) @@ -147,13 +145,13 @@ func newCachedContainerStorage(v container.Source) *ttlContainerStorage { // Get returns container value from the cache. If value is missing in the cache // or expired, then it returns value from side chain and updates the cache. -func (s *ttlContainerStorage) Get(cnr cid.ID) (*containerSDK.Container, error) { +func (s *ttlContainerStorage) Get(cnr cid.ID) (*container.Container, error) { val, err := (*ttlNetCache)(s).get(cnr.EncodeToString()) if err != nil { return nil, err } - return val.(*containerSDK.Container), nil + return val.(*container.Container), nil } type ttlEACLStorage ttlNetCache @@ -180,13 +178,13 @@ func newCachedEACLStorage(v eacl.Source) *ttlEACLStorage { // GetEACL returns eACL value from the cache. If value is missing in the cache // or expired, then it returns value from side chain and updates cache. -func (s *ttlEACLStorage) GetEACL(cnr cid.ID) (*eaclSDK.Table, error) { +func (s *ttlEACLStorage) GetEACL(cnr cid.ID) (*container.EACL, error) { val, err := (*ttlNetCache)(s).get(cnr.EncodeToString()) if err != nil { return nil, err } - return val.(*eaclSDK.Table), nil + return val.(*container.EACL), nil } // InvalidateEACL removes cached eACL value. diff --git a/cmd/neofs-node/container.go b/cmd/neofs-node/container.go index 0b30af5fc5..91780c48bf 100644 --- a/cmd/neofs-node/container.go +++ b/cmd/neofs-node/container.go @@ -30,7 +30,6 @@ import ( apiClient "github.com/nspcc-dev/neofs-sdk-go/client" containerSDK "github.com/nspcc-dev/neofs-sdk-go/container" cid "github.com/nspcc-dev/neofs-sdk-go/container/id" - eaclSDK "github.com/nspcc-dev/neofs-sdk-go/eacl" "github.com/nspcc-dev/neofs-sdk-go/netmap" "github.com/nspcc-dev/neofs-sdk-go/user" "go.uber.org/zap" @@ -355,7 +354,7 @@ func (l *loadPlacementBuilder) buildPlacement(epoch uint64, idCnr cid.ID) ([][]n return nil, nil, err } - policy := cnr.PlacementPolicy() + policy := cnr.Value.PlacementPolicy() if policy == nil { return nil, nil, errors.New("missing placement policy in container") } @@ -566,11 +565,11 @@ type morphContainerReader struct { } } -func (x *morphContainerReader) Get(id cid.ID) (*containerSDK.Container, error) { +func (x *morphContainerReader) Get(id cid.ID) (*containerCore.Container, error) { return x.get.Get(id) } -func (x *morphContainerReader) GetEACL(id cid.ID) (*eaclSDK.Table, error) { +func (x *morphContainerReader) GetEACL(id cid.ID) (*containerCore.EACL, error) { return x.eacl.GetEACL(id) } @@ -586,13 +585,13 @@ type morphContainerWriter struct { lists *ttlContainerLister } -func (m morphContainerWriter) Put(cnr *containerSDK.Container) (*cid.ID, error) { +func (m morphContainerWriter) Put(cnr containerCore.Container) (*cid.ID, error) { containerID, err := cntClient.Put(m.neoClient, cnr) if err != nil { return nil, err } - idOwner := cnr.OwnerID() + idOwner := cnr.Value.OwnerID() if idOwner == nil { return nil, errors.New("missing container owner") } @@ -608,14 +607,14 @@ func (m morphContainerWriter) Delete(witness containerCore.RemovalWitness) error return cntClient.Delete(m.neoClient, witness) } -func (m morphContainerWriter) PutEACL(table *eaclSDK.Table) error { - err := cntClient.PutEACL(m.neoClient, table) +func (m morphContainerWriter) PutEACL(eaclInfo containerCore.EACL) error { + err := cntClient.PutEACL(m.neoClient, eaclInfo) if err != nil { return err } if m.cacheEnabled { - id, _ := table.CID() + id, _ := eaclInfo.Value.CID() m.eacls.InvalidateEACL(id) } diff --git a/cmd/neofs-node/object.go b/cmd/neofs-node/object.go index 441e5de69f..4cf83191fb 100644 --- a/cmd/neofs-node/object.go +++ b/cmd/neofs-node/object.go @@ -11,6 +11,7 @@ import ( policerconfig "github.com/nspcc-dev/neofs-node/cmd/neofs-node/config/policer" replicatorconfig "github.com/nspcc-dev/neofs-node/cmd/neofs-node/config/replicator" coreclient "github.com/nspcc-dev/neofs-node/pkg/core/client" + containercore "github.com/nspcc-dev/neofs-node/pkg/core/container" "github.com/nspcc-dev/neofs-node/pkg/core/netmap" objectCore "github.com/nspcc-dev/neofs-node/pkg/core/object" "github.com/nspcc-dev/neofs-node/pkg/local_object_storage/engine" @@ -402,29 +403,23 @@ type morphEACLFetcher struct { w *cntClient.Client } -func (s *morphEACLFetcher) GetEACL(cnr cid.ID) (*eaclSDK.Table, error) { - table, err := s.w.GetEACL(cnr) +func (s *morphEACLFetcher) GetEACL(cnr cid.ID) (*containercore.EACL, error) { + eaclInfo, err := s.w.GetEACL(cnr) if err != nil { return nil, err } - sig := table.Signature() - if sig == nil { - // TODO(@cthulhu-rider): #1387 use "const" error - return nil, errors.New("missing signature") - } - - binTable, err := table.Marshal() + binTable, err := eaclInfo.Value.Marshal() if err != nil { return nil, fmt.Errorf("marshal eACL table: %w", err) } - if !sig.Verify(binTable) { + if !eaclInfo.Signature.Verify(binTable) { // TODO(@cthulhu-rider): #1387 use "const" error return nil, errors.New("invalid signature of the eACL table") } - return table, nil + return eaclInfo, nil } type reputationClientConstructor struct { diff --git a/go.mod b/go.mod index 8c8cb11a3b..25abbbeede 100644 --- a/go.mod +++ b/go.mod @@ -19,7 +19,7 @@ require ( github.com/nspcc-dev/neo-go/pkg/interop v0.0.0-20220601120906-3bec6657f5c5 // indirect github.com/nspcc-dev/neofs-api-go/v2 v2.12.3-0.20220620114558-454b5c0ed7e9 github.com/nspcc-dev/neofs-contract v0.15.1 - github.com/nspcc-dev/neofs-sdk-go v1.0.0-rc.4.0.20220616082321-e986f4780721 + github.com/nspcc-dev/neofs-sdk-go v1.0.0-rc.4.0.20220621170307-721df386c599 github.com/nspcc-dev/tzhash v1.5.2 github.com/panjf2000/ants/v2 v2.4.0 github.com/paulmach/orb v0.2.2 diff --git a/go.sum b/go.sum index f2ff65ec27..692ad252ec 100644 Binary files a/go.sum and b/go.sum differ diff --git a/pkg/core/container/storage.go b/pkg/core/container/storage.go index c44b55b76c..8ca3398667 100644 --- a/pkg/core/container/storage.go +++ b/pkg/core/container/storage.go @@ -6,8 +6,23 @@ import ( apistatus "github.com/nspcc-dev/neofs-sdk-go/client/status" "github.com/nspcc-dev/neofs-sdk-go/container" cid "github.com/nspcc-dev/neofs-sdk-go/container/id" + neofscrypto "github.com/nspcc-dev/neofs-sdk-go/crypto" + "github.com/nspcc-dev/neofs-sdk-go/eacl" + "github.com/nspcc-dev/neofs-sdk-go/session" ) +// Container groups information about the NeoFS container stored in the NeoFS network. +type Container struct { + // Container structure. + Value *container.Container + + // Signature of the Value. + Signature neofscrypto.Signature + + // Session within which Value was created. Nil means session absence. + Session *session.Container +} + // Source is an interface that wraps // basic container receiving method. type Source interface { @@ -19,7 +34,7 @@ type Source interface { // // Implementations must not retain the container pointer and modify // the container through it. - Get(cid.ID) (*container.Container, error) + Get(cid.ID) (*Container, error) } // IsErrNotFound checks if the error returned by Source.Get corresponds @@ -31,3 +46,16 @@ func IsErrNotFound(err error) bool { // ErrEACLNotFound is returned by eACL storage implementations when // the requested eACL table is not in the storage. var ErrEACLNotFound = errors.New("extended ACL table is not set for this container") + +// EACL groups information about the NeoFS container's extended ACL stored in +// the NeoFS network. +type EACL struct { + // Extended ACL structure. + Value *eacl.Table + + // Signature of the Value. + Signature neofscrypto.Signature + + // Session within which Value was set. Nil means session absence. + Session *session.Container +} diff --git a/pkg/innerring/processors/audit/process.go b/pkg/innerring/processors/audit/process.go index 83c974b79a..36849b619a 100644 --- a/pkg/innerring/processors/audit/process.go +++ b/pkg/innerring/processors/audit/process.go @@ -60,7 +60,7 @@ func (ap *Processor) processStartAudit(epoch uint64) { continue } - policy := cnr.PlacementPolicy() + policy := cnr.Value.PlacementPolicy() if policy == nil { log.Error("missing placement policy in container, ignore", zap.Stringer("cid", containers[i]), @@ -108,7 +108,7 @@ func (ap *Processor) processStartAudit(epoch uint64) { WithAuditContext(auditCtx). WithContainerID(containers[i]). WithStorageGroupList(storageGroups). - WithContainerStructure(cnr). + WithContainerStructure(cnr.Value). WithContainerNodes(nodes). WithNetworkMap(nm) diff --git a/pkg/innerring/processors/container/process_container.go b/pkg/innerring/processors/container/process_container.go index ff6bb34c6a..081d6e8b8e 100644 --- a/pkg/innerring/processors/container/process_container.go +++ b/pkg/innerring/processors/container/process_container.go @@ -169,7 +169,7 @@ func (cp *Processor) checkDeleteContainer(e *containerEvent.Delete) error { return fmt.Errorf("could not receive the container: %w", err) } - ownerContainer := cnr.OwnerID() + ownerContainer := cnr.Value.OwnerID() if ownerContainer == nil { return errors.New("missing container owner") } diff --git a/pkg/innerring/processors/container/process_eacl.go b/pkg/innerring/processors/container/process_eacl.go index caf36ad687..747218ee79 100644 --- a/pkg/innerring/processors/container/process_eacl.go +++ b/pkg/innerring/processors/container/process_eacl.go @@ -52,7 +52,7 @@ func (cp *Processor) checkSetEACL(e container.SetEACL) error { } // ACL extensions can be disabled by basic ACL, check it - basicACL := cnr.BasicACL() + basicACL := cnr.Value.BasicACL() const finalBitMask = 1 << 28 // Temp solution: NeoFS SDK is going to provide convenient interface to do this soon. @@ -61,7 +61,7 @@ func (cp *Processor) checkSetEACL(e container.SetEACL) error { return errors.New("ACL extension disabled by container basic ACL") } - ownerContainer := cnr.OwnerID() + ownerContainer := cnr.Value.OwnerID() if ownerContainer == nil { return errors.New("missing container owner") } diff --git a/pkg/innerring/settlement.go b/pkg/innerring/settlement.go index 0a0033daa5..349f1b5b51 100644 --- a/pkg/innerring/settlement.go +++ b/pkg/innerring/settlement.go @@ -123,7 +123,7 @@ func (s settlementDeps) ContainerInfo(cid cid.ID) (common.ContainerInfo, error) return nil, fmt.Errorf("could not get container from storage: %w", err) } - return (*containerWrapper)(cnr), nil + return (*containerWrapper)(cnr.Value), nil } func (s settlementDeps) buildContainer(e uint64, cid cid.ID) ([][]netmapAPI.NodeInfo, *netmapAPI.NetMap, error) { @@ -147,7 +147,7 @@ func (s settlementDeps) buildContainer(e uint64, cid cid.ID) ([][]netmapAPI.Node return nil, nil, fmt.Errorf("could not get container from sidechain: %w", err) } - policy := cnr.PlacementPolicy() + policy := cnr.Value.PlacementPolicy() if policy == nil { return nil, nil, errors.New("missing placement policy in container") } diff --git a/pkg/morph/client/container/eacl.go b/pkg/morph/client/container/eacl.go index 76cee0f4f5..8d8bd5958f 100644 --- a/pkg/morph/client/container/eacl.go +++ b/pkg/morph/client/container/eacl.go @@ -8,14 +8,13 @@ import ( "github.com/nspcc-dev/neofs-node/pkg/core/container" "github.com/nspcc-dev/neofs-node/pkg/morph/client" cid "github.com/nspcc-dev/neofs-sdk-go/container/id" - neofscrypto "github.com/nspcc-dev/neofs-sdk-go/crypto" "github.com/nspcc-dev/neofs-sdk-go/eacl" "github.com/nspcc-dev/neofs-sdk-go/session" ) // GetEACL reads the extended ACL table from NeoFS system // through Container contract call. -func (c *Client) GetEACL(cnr cid.ID) (*eacl.Table, error) { +func (c *Client) GetEACL(cnr cid.ID) (*container.EACL, error) { binCnr := make([]byte, sha256.Size) cnr.Encode(binCnr) @@ -66,34 +65,29 @@ func (c *Client) GetEACL(cnr cid.ID) (*eacl.Table, error) { return nil, fmt.Errorf("could not get byte array of eACL session token (%s): %w", eaclMethod, err) } - table := eacl.NewTable() - if err = table.Unmarshal(rawEACL); err != nil { - // use other major version if there any + var res container.EACL + + res.Value = eacl.NewTable() + if err = res.Value.Unmarshal(rawEACL); err != nil { return nil, err } if len(binToken) > 0 { - var tok session.Container + res.Session = new(session.Container) - err = tok.Unmarshal(binToken) + err = res.Session.Unmarshal(binToken) if err != nil { return nil, fmt.Errorf("could not unmarshal session token: %w", err) } - - table.SetSessionToken(&tok) } - // FIXME(@cthulhu-rider): #1387 temp solution, later table structure won't have a signature - + // TODO(@cthulhu-rider): #1387 implement and use another approach to avoid conversion var sigV2 refs.Signature sigV2.SetKey(pub) sigV2.SetSign(sig) sigV2.SetScheme(refs.ECDSA_RFC6979_SHA256) - var tableSignature neofscrypto.Signature - tableSignature.ReadFromV2(sigV2) + res.Signature.ReadFromV2(sigV2) - table.SetSignature(&tableSignature) - - return table, nil + return &res, nil } diff --git a/pkg/morph/client/container/eacl_set.go b/pkg/morph/client/container/eacl_set.go index ffaf85c8ae..93f46408d8 100644 --- a/pkg/morph/client/container/eacl_set.go +++ b/pkg/morph/client/container/eacl_set.go @@ -4,8 +4,8 @@ import ( "fmt" "github.com/nspcc-dev/neofs-api-go/v2/refs" + containercore "github.com/nspcc-dev/neofs-node/pkg/core/container" "github.com/nspcc-dev/neofs-node/pkg/morph/client" - "github.com/nspcc-dev/neofs-sdk-go/eacl" ) // PutEACL marshals table, and passes it to Wrapper's PutEACLBinary method @@ -14,12 +14,12 @@ import ( // Returns error if table is nil. // // If TryNotary is provided, calls notary contract. -func PutEACL(c *Client, table *eacl.Table) error { - if table == nil { +func PutEACL(c *Client, eaclInfo containercore.EACL) error { + if eaclInfo.Value == nil { return errNilArgument } - data, err := table.Marshal() + data, err := eaclInfo.Value.Marshal() if err != nil { return fmt.Errorf("can't marshal eacl table: %w", err) } @@ -27,18 +27,16 @@ func PutEACL(c *Client, table *eacl.Table) error { var prm PutEACLPrm prm.SetTable(data) - if tok := table.SessionToken(); tok != nil { - prm.SetToken(tok.Marshal()) + if eaclInfo.Session != nil { + prm.SetToken(eaclInfo.Session.Marshal()) } - if sig := table.Signature(); sig != nil { - // TODO(@cthulhu-rider): #1387 implement and use another approach to avoid conversion - var sigV2 refs.Signature - sig.WriteToV2(&sigV2) + // TODO(@cthulhu-rider): #1387 implement and use another approach to avoid conversion + var sigV2 refs.Signature + eaclInfo.Signature.WriteToV2(&sigV2) - prm.SetKey(sigV2.GetKey()) - prm.SetSignature(sigV2.GetSign()) - } + prm.SetKey(sigV2.GetKey()) + prm.SetSignature(sigV2.GetSign()) return c.PutEACL(prm) } diff --git a/pkg/morph/client/container/get.go b/pkg/morph/client/container/get.go index a299f7f163..adaef4e499 100644 --- a/pkg/morph/client/container/get.go +++ b/pkg/morph/client/container/get.go @@ -7,6 +7,7 @@ import ( "github.com/nspcc-dev/neofs-api-go/v2/refs" containerContract "github.com/nspcc-dev/neofs-contract/container" + containercore "github.com/nspcc-dev/neofs-node/pkg/core/container" core "github.com/nspcc-dev/neofs-node/pkg/core/container" "github.com/nspcc-dev/neofs-node/pkg/morph/client" apistatus "github.com/nspcc-dev/neofs-sdk-go/client/status" @@ -18,7 +19,7 @@ import ( type containerSource Client -func (x *containerSource) Get(cnr cid.ID) (*container.Container, error) { +func (x *containerSource) Get(cnr cid.ID) (*containercore.Container, error) { return Get((*Client)(x), cnr) } @@ -29,7 +30,7 @@ func AsContainerSource(w *Client) core.Source { } // Get marshals container ID, and passes it to Wrapper's Get method. -func Get(c *Client, cnr cid.ID) (*container.Container, error) { +func Get(c *Client, cnr cid.ID) (*containercore.Container, error) { binCnr := make([]byte, sha256.Size) cnr.Encode(binCnr) @@ -41,7 +42,7 @@ func Get(c *Client, cnr cid.ID) (*container.Container, error) { // // If an empty slice is returned for the requested identifier, // storage.ErrNotFound error is returned. -func (c *Client) Get(cid []byte) (*container.Container, error) { +func (c *Client) Get(cid []byte) (*containercore.Container, error) { prm := client.TestInvokePrm{} prm.SetMethod(getMethod) prm.SetArgs(cid) @@ -87,25 +88,24 @@ func (c *Client) Get(cid []byte) (*container.Container, error) { return nil, fmt.Errorf("could not get byte array of session token (%s): %w", getMethod, err) } - cnr := container.New() - if err := cnr.Unmarshal(cnrBytes); err != nil { + var cnr containercore.Container + + cnr.Value = container.New() + if err := cnr.Value.Unmarshal(cnrBytes); err != nil { // use other major version if there any return nil, fmt.Errorf("can't unmarshal container: %w", err) } if len(tokBytes) > 0 { - var tok session.Container + cnr.Session = new(session.Container) - err = tok.Unmarshal(tokBytes) + err = cnr.Session.Unmarshal(tokBytes) if err != nil { return nil, fmt.Errorf("could not unmarshal session token: %w", err) } - - cnr.SetSessionToken(&tok) } - // FIXME(@cthulhu-rider): #1387 temp solution, later table structure won't have a signature - + // TODO(@cthulhu-rider): #1387 implement and use another approach to avoid conversion var sigV2 refs.Signature sigV2.SetKey(pub) sigV2.SetSign(sigBytes) @@ -114,7 +114,5 @@ func (c *Client) Get(cid []byte) (*container.Container, error) { var sig neofscrypto.Signature sig.ReadFromV2(sigV2) - cnr.SetSignature(&sig) - - return cnr, nil + return &cnr, nil } diff --git a/pkg/morph/client/container/put.go b/pkg/morph/client/container/put.go index fad512ce96..39ecf62d19 100644 --- a/pkg/morph/client/container/put.go +++ b/pkg/morph/client/container/put.go @@ -5,6 +5,7 @@ import ( "fmt" "github.com/nspcc-dev/neofs-api-go/v2/refs" + containercore "github.com/nspcc-dev/neofs-node/pkg/core/container" "github.com/nspcc-dev/neofs-node/pkg/morph/client" "github.com/nspcc-dev/neofs-sdk-go/container" cid "github.com/nspcc-dev/neofs-sdk-go/container/id" @@ -14,35 +15,33 @@ import ( // along with sig.Key() and sig.Sign(). // // Returns error if container is nil. -func Put(c *Client, cnr *container.Container) (*cid.ID, error) { - if cnr == nil { +func Put(c *Client, cnr containercore.Container) (*cid.ID, error) { + if cnr.Value == nil { return nil, errNilArgument } - data, err := cnr.Marshal() + data, err := cnr.Value.Marshal() if err != nil { return nil, fmt.Errorf("can't marshal container: %w", err) } - name, zone := container.GetNativeNameWithZone(cnr) + name, zone := container.GetNativeNameWithZone(cnr.Value) var prm PutPrm prm.SetContainer(data) prm.SetName(name) prm.SetZone(zone) - if tok := cnr.SessionToken(); tok != nil { - prm.SetToken(tok.Marshal()) + if cnr.Session != nil { + prm.SetToken(cnr.Session.Marshal()) } - if sig := cnr.Signature(); sig != nil { - // TODO(@cthulhu-rider): #1387 implement and use another approach to avoid conversion - var sigV2 refs.Signature - sig.WriteToV2(&sigV2) + // TODO(@cthulhu-rider): #1387 implement and use another approach to avoid conversion + var sigV2 refs.Signature + cnr.Signature.WriteToV2(&sigV2) - prm.SetKey(sigV2.GetKey()) - prm.SetSignature(sigV2.GetSign()) - } + prm.SetKey(sigV2.GetKey()) + prm.SetSignature(sigV2.GetSign()) err = c.Put(prm) if err != nil { diff --git a/pkg/services/container/morph/executor.go b/pkg/services/container/morph/executor.go index e5508c79cd..7a7e5bed9e 100644 --- a/pkg/services/container/morph/executor.go +++ b/pkg/services/container/morph/executor.go @@ -13,7 +13,6 @@ import ( "github.com/nspcc-dev/neofs-node/pkg/services/object/acl/eacl" containerSDK "github.com/nspcc-dev/neofs-sdk-go/container" cid "github.com/nspcc-dev/neofs-sdk-go/container/id" - neofscrypto "github.com/nspcc-dev/neofs-sdk-go/crypto" eaclSDK "github.com/nspcc-dev/neofs-sdk-go/eacl" "github.com/nspcc-dev/neofs-sdk-go/session" "github.com/nspcc-dev/neofs-sdk-go/user" @@ -38,11 +37,11 @@ type Reader interface { // Writer is an interface of container storage updater. type Writer interface { // Put stores specified container in the side chain. - Put(*containerSDK.Container) (*cid.ID, error) + Put(containercore.Container) (*cid.ID, error) // Delete removes specified container from the side chain. Delete(containercore.RemovalWitness) error // PutEACL updates extended ACL table of specified container in the side chain. - PutEACL(*eaclSDK.Table) error + PutEACL(containercore.EACL) error } func NewExecutor(rdr Reader, wrt Writer) containerSvc.ServiceExecutor { @@ -59,22 +58,19 @@ func (s *morphExecutor) Put(_ context.Context, tokV2 *sessionV2.Token, body *con return nil, errors.New("missing signature") } - cnr := containerSDK.NewContainerFromV2(body.GetContainer()) + cnr := containercore.Container{ + Value: containerSDK.NewContainerFromV2(body.GetContainer()), + } - var sig neofscrypto.Signature - sig.ReadFromV2(*sigV2) - - cnr.SetSignature(&sig) + cnr.Signature.ReadFromV2(*sigV2) if tokV2 != nil { - var tok session.Container + cnr.Session = new(session.Container) - err := tok.ReadFromV2(*tokV2) + err := cnr.Session.ReadFromV2(*tokV2) if err != nil { return nil, fmt.Errorf("invalid session token: %w", err) } - - cnr.SetSessionToken(&tok) } idCnr, err := s.wrt.Put(cnr) @@ -151,21 +147,19 @@ func (s *morphExecutor) Get(ctx context.Context, body *container.GetRequestBody) var sigV2 *refs.Signature - if sig := cnr.Signature(); sig != nil { - sigV2 = new(refs.Signature) - sig.WriteToV2(sigV2) - } + sigV2 = new(refs.Signature) + cnr.Signature.WriteToV2(sigV2) var tokV2 *sessionV2.Token - if tok := cnr.SessionToken(); tok != nil { + if cnr.Session != nil { tokV2 = new(sessionV2.Token) - tok.WriteToV2(tokV2) + cnr.Session.WriteToV2(tokV2) } res := new(container.GetResponseBody) - res.SetContainer(cnr.ToV2()) + res.SetContainer(cnr.Value.ToV2()) res.SetSignature(sigV2) res.SetSessionToken(tokV2) @@ -208,25 +202,22 @@ func (s *morphExecutor) SetExtendedACL(ctx context.Context, tokV2 *sessionV2.Tok return nil, errors.New("missing signature") } - table := eaclSDK.NewTableFromV2(body.GetEACL()) + eaclInfo := containercore.EACL{ + Value: eaclSDK.NewTableFromV2(body.GetEACL()), + } - var sig neofscrypto.Signature - sig.ReadFromV2(*sigV2) - - table.SetSignature(&sig) + eaclInfo.Signature.ReadFromV2(*sigV2) if tokV2 != nil { - var tok session.Container + eaclInfo.Session = new(session.Container) - err := tok.ReadFromV2(*tokV2) + err := eaclInfo.Session.ReadFromV2(*tokV2) if err != nil { return nil, fmt.Errorf("invalid session token: %w", err) } - - table.SetSessionToken(&tok) } - err := s.wrt.PutEACL(table) + err := s.wrt.PutEACL(eaclInfo) if err != nil { return nil, err } @@ -247,29 +238,25 @@ func (s *morphExecutor) GetExtendedACL(ctx context.Context, body *container.GetE return nil, fmt.Errorf("invalid container ID: %w", err) } - table, err := s.rdr.GetEACL(id) + eaclInfo, err := s.rdr.GetEACL(id) if err != nil { return nil, err } - var sigV2 *refs.Signature - - if sig := table.Signature(); sig != nil { - sigV2 = new(refs.Signature) - sig.WriteToV2(sigV2) - } + var sigV2 refs.Signature + eaclInfo.Signature.WriteToV2(&sigV2) var tokV2 *sessionV2.Token - if tok := table.SessionToken(); tok != nil { + if eaclInfo.Session != nil { tokV2 = new(sessionV2.Token) - tok.WriteToV2(tokV2) + eaclInfo.Session.WriteToV2(tokV2) } res := new(container.GetExtendedACLResponseBody) - res.SetEACL(table.ToV2()) - res.SetSignature(sigV2) + res.SetEACL(eaclInfo.Value.ToV2()) + res.SetSignature(&sigV2) res.SetSessionToken(tokV2) return res, nil diff --git a/pkg/services/container/morph/executor_test.go b/pkg/services/container/morph/executor_test.go index 11aeb81816..1c4b464dc8 100644 --- a/pkg/services/container/morph/executor_test.go +++ b/pkg/services/container/morph/executor_test.go @@ -10,10 +10,8 @@ import ( containerCore "github.com/nspcc-dev/neofs-node/pkg/core/container" containerSvc "github.com/nspcc-dev/neofs-node/pkg/services/container" containerSvcMorph "github.com/nspcc-dev/neofs-node/pkg/services/container/morph" - containerSDK "github.com/nspcc-dev/neofs-sdk-go/container" cid "github.com/nspcc-dev/neofs-sdk-go/container/id" cidtest "github.com/nspcc-dev/neofs-sdk-go/container/id/test" - "github.com/nspcc-dev/neofs-sdk-go/eacl" sessiontest "github.com/nspcc-dev/neofs-sdk-go/session/test" "github.com/stretchr/testify/require" ) @@ -22,7 +20,7 @@ type mock struct { containerSvcMorph.Reader } -func (m mock) Put(_ *containerSDK.Container) (*cid.ID, error) { +func (m mock) Put(_ containerCore.Container) (*cid.ID, error) { return new(cid.ID), nil } @@ -30,7 +28,7 @@ func (m mock) Delete(_ containerCore.RemovalWitness) error { return nil } -func (m mock) PutEACL(_ *eacl.Table) error { +func (m mock) PutEACL(_ containerCore.EACL) error { return nil } diff --git a/pkg/services/object/acl/acl.go b/pkg/services/object/acl/acl.go index 6774f09b65..c14551b21c 100644 --- a/pkg/services/object/acl/acl.go +++ b/pkg/services/object/acl/acl.go @@ -148,7 +148,7 @@ func (c *Checker) CheckEACL(msg interface{}, reqInfo v2.RequestInfo) error { bearerTok := reqInfo.Bearer() if bearerTok == nil { - pTable, err := c.eaclSrc.GetEACL(cnr) + eaclInfo, err := c.eaclSrc.GetEACL(cnr) if err != nil { if errors.Is(err, container.ErrEACLNotFound) { return nil @@ -156,7 +156,7 @@ func (c *Checker) CheckEACL(msg interface{}, reqInfo v2.RequestInfo) error { return err } - table = *pTable + table = *eaclInfo.Value } else { table = bearerTok.EACLTable() } diff --git a/pkg/services/object/acl/acl_test.go b/pkg/services/object/acl/acl_test.go index 501226e3da..f31263d69b 100644 --- a/pkg/services/object/acl/acl_test.go +++ b/pkg/services/object/acl/acl_test.go @@ -3,6 +3,7 @@ package acl import ( "testing" + "github.com/nspcc-dev/neofs-node/pkg/core/container" "github.com/nspcc-dev/neofs-node/pkg/local_object_storage/engine" v2 "github.com/nspcc-dev/neofs-node/pkg/services/object/acl/v2" cid "github.com/nspcc-dev/neofs-sdk-go/container/id" @@ -14,7 +15,7 @@ import ( type emptyEACLSource struct{} -func (e emptyEACLSource) GetEACL(_ cid.ID) (*eaclSDK.Table, error) { +func (e emptyEACLSource) GetEACL(_ cid.ID) (*container.EACL, error) { return nil, nil } diff --git a/pkg/services/object/acl/eacl/types.go b/pkg/services/object/acl/eacl/types.go index 12f47cf9b0..0f3a836b36 100644 --- a/pkg/services/object/acl/eacl/types.go +++ b/pkg/services/object/acl/eacl/types.go @@ -1,8 +1,8 @@ package eacl import ( + containercore "github.com/nspcc-dev/neofs-node/pkg/core/container" cid "github.com/nspcc-dev/neofs-sdk-go/container/id" - "github.com/nspcc-dev/neofs-sdk-go/eacl" ) // Source is the interface that wraps @@ -15,5 +15,5 @@ type Source interface { // // Must return pkg/core/container.ErrEACLNotFound if requested // eACL table is not in source. - GetEACL(cid.ID) (*eacl.Table, error) + GetEACL(cid.ID) (*containercore.EACL, error) } diff --git a/pkg/services/object/acl/v2/service.go b/pkg/services/object/acl/v2/service.go index 4c9b4f223b..ec5894d751 100644 --- a/pkg/services/object/acl/v2/service.go +++ b/pkg/services/object/acl/v2/service.go @@ -506,7 +506,7 @@ func (b Service) findRequestInfo(req MetaWithToken, idCnr cid.ID, op eaclSDK.Ope cnr, err := b.containers.Get(idCnr) // fetch actual container if err != nil { return info, err - } else if cnr.OwnerID() == nil { + } else if cnr.Value.OwnerID() == nil { return info, errors.New("missing owner in container descriptor") } @@ -526,7 +526,7 @@ func (b Service) findRequestInfo(req MetaWithToken, idCnr cid.ID, op eaclSDK.Ope } // find request role and key - res, err := b.c.classify(req, idCnr, cnr) + res, err := b.c.classify(req, idCnr, cnr.Value) if err != nil { return info, err } @@ -535,11 +535,11 @@ func (b Service) findRequestInfo(req MetaWithToken, idCnr cid.ID, op eaclSDK.Ope return info, ErrUnknownRole } - info.basicACL = cnr.BasicACL() + info.basicACL = cnr.Value.BasicACL() info.requestRole = res.role info.isInnerRing = res.isIR info.operation = op - info.cnrOwner = *cnr.OwnerID() + info.cnrOwner = *cnr.Value.OwnerID() info.idCnr = idCnr // it is assumed that at the moment the key will be valid, diff --git a/pkg/services/object/put/streamer.go b/pkg/services/object/put/streamer.go index 7b7e738b2a..b306a567f3 100644 --- a/pkg/services/object/put/streamer.go +++ b/pkg/services/object/put/streamer.go @@ -156,7 +156,7 @@ func (p *Streamer) preparePrm(prm *PutInitPrm) error { // add common options prm.traverseOpts = append(prm.traverseOpts, // set processing container - placement.ForContainer(cnr), + placement.ForContainer(cnr.Value), ) if id, ok := prm.hdr.ID(); ok { diff --git a/pkg/services/object/util/placement.go b/pkg/services/object/util/placement.go index 742f007e9b..a4fb572f5c 100644 --- a/pkg/services/object/util/placement.go +++ b/pkg/services/object/util/placement.go @@ -147,7 +147,7 @@ func (g *TraverserGenerator) GenerateTraverser(idCnr cid.ID, idObj *oid.ID, epoc traverseOpts = append(traverseOpts, // set processing container - placement.ForContainer(cnr), + placement.ForContainer(cnr.Value), // set placement builder placement.UseBuilder(builder), diff --git a/pkg/services/policer/check.go b/pkg/services/policer/check.go index 95a3df2de0..d5de43b93a 100644 --- a/pkg/services/policer/check.go +++ b/pkg/services/policer/check.go @@ -44,7 +44,7 @@ func (p *Policer) processObject(ctx context.Context, addr oid.Address) { return } - policy := cnr.PlacementPolicy() + policy := cnr.Value.PlacementPolicy() if policy == nil { p.log.Error("missing placement policy in container", zap.Stringer("cid", idCnr),