From f6904db84f11b58be3840b26c28d4dbcdb9ba26d Mon Sep 17 00:00:00 2001 From: Alex Vanin Date: Mon, 21 Sep 2020 19:30:43 +0300 Subject: [PATCH] [#32] Use pkg/core interfaces to fetch container and netmap Signed-off-by: Alex Vanin --- go.sum | 2 -- pkg/services/object/acl/basic.go | 25 ++++++++------------ pkg/services/object/acl/classifier.go | 34 +++++++++++---------------- 3 files changed, 24 insertions(+), 37 deletions(-) diff --git a/go.sum b/go.sum index 1986cbbd2..54c7c00ac 100644 --- a/go.sum +++ b/go.sum @@ -270,8 +270,6 @@ github.com/nspcc-dev/neo-go v0.73.1-pre.0.20200303142215-f5a1b928ce09/go.mod h1: github.com/nspcc-dev/neo-go v0.91.0/go.mod h1:G6HdOWvzQ6tlvFdvFSN/PgCzLPN/X/X4d5hTjFRUDcc= github.com/nspcc-dev/neo-go v0.91.1-pre.0.20200827184617-7560aa345a78 h1:stIa+nBXK8uDY/JZaxIZzAUfkzfaotVw2FbnHxO4aZI= github.com/nspcc-dev/neo-go v0.91.1-pre.0.20200827184617-7560aa345a78/go.mod h1:G6HdOWvzQ6tlvFdvFSN/PgCzLPN/X/X4d5hTjFRUDcc= -github.com/nspcc-dev/neofs-api-go v1.3.1-0.20200917104527-95ae0a649608 h1:rT3MBvM3u5D8p/V8lbt0TVP75nXQSC/YCwpORrv6QEA= -github.com/nspcc-dev/neofs-api-go v1.3.1-0.20200917104527-95ae0a649608/go.mod h1:FsFd1z4YzoEgPlltsUgnqna9qhcF87RHYjot0pby2L4= github.com/nspcc-dev/neofs-api-go v1.3.1-0.20200925125840-c814cc62faf4 h1:+ko1UlGsPhKF6O1+ZDOwW7lNhXLEk+e/N/gdma5NNJo= github.com/nspcc-dev/neofs-api-go v1.3.1-0.20200925125840-c814cc62faf4/go.mod h1:FsFd1z4YzoEgPlltsUgnqna9qhcF87RHYjot0pby2L4= github.com/nspcc-dev/neofs-api-go v1.3.1-0.20200925143744-2cc58e36f8d7 h1:7/Dh5Mkk0uJD99EULqYvxULrUVtzN6Kn+KvmFuafE74= diff --git a/pkg/services/object/acl/basic.go b/pkg/services/object/acl/basic.go index 40ba1c40e..12dcab9cf 100644 --- a/pkg/services/object/acl/basic.go +++ b/pkg/services/object/acl/basic.go @@ -3,27 +3,18 @@ package acl import ( "context" - "github.com/nspcc-dev/neofs-api-go/v2/acl" - "github.com/nspcc-dev/neofs-api-go/v2/container" + acl "github.com/nspcc-dev/neofs-api-go/pkg/acl/eacl" + containerSDK "github.com/nspcc-dev/neofs-api-go/pkg/container" "github.com/nspcc-dev/neofs-api-go/v2/object" "github.com/nspcc-dev/neofs-api-go/v2/refs" + "github.com/nspcc-dev/neofs-node/pkg/core/container" "github.com/pkg/errors" ) type ( - // ContainerGetter accesses NeoFS container storage. - // fixme: use core.container interface implementation - ContainerGetter interface { - Get(*refs.ContainerID) (*container.Container, error) - } - - Classifier interface { - Classify(RequestV2, *refs.ContainerID) acl.Role - } - // BasicChecker checks basic ACL rules. BasicChecker struct { - containers ContainerGetter + containers container.Source sender SenderClassifier next object.Service } @@ -62,7 +53,7 @@ var ( // NewBasicChecker is a constructor for basic ACL checker of object requests. func NewBasicChecker( c SenderClassifier, - cnr ContainerGetter, + cnr container.Source, next object.Service) BasicChecker { return BasicChecker{ @@ -247,8 +238,12 @@ func (b BasicChecker) findRequestInfo( cid *refs.ContainerID, op acl.Operation) (info requestInfo, err error) { + // container.Source interface implemented with SDK's definitions, + // so we have to convert id there. + containerID := containerSDK.NewIDFromV2(cid) + // fetch actual container - cnr, err := b.containers.Get(cid) + cnr, err := b.containers.Get(containerID) if err != nil || cnr.GetOwnerID() == nil { return info, ErrUnknownContainer } diff --git a/pkg/services/object/acl/classifier.go b/pkg/services/object/acl/classifier.go index 9b71a594a..ff9bd20bc 100644 --- a/pkg/services/object/acl/classifier.go +++ b/pkg/services/object/acl/classifier.go @@ -4,23 +4,18 @@ import ( "bytes" "crypto/ecdsa" + acl "github.com/nspcc-dev/neofs-api-go/pkg/acl/eacl" + "github.com/nspcc-dev/neofs-api-go/pkg/container" "github.com/nspcc-dev/neofs-api-go/pkg/netmap" - sdk "github.com/nspcc-dev/neofs-api-go/pkg/owner" - "github.com/nspcc-dev/neofs-api-go/v2/acl" - "github.com/nspcc-dev/neofs-api-go/v2/container" + "github.com/nspcc-dev/neofs-api-go/pkg/owner" "github.com/nspcc-dev/neofs-api-go/v2/refs" "github.com/nspcc-dev/neofs-api-go/v2/session" crypto "github.com/nspcc-dev/neofs-crypto" + core "github.com/nspcc-dev/neofs-node/pkg/core/netmap" "github.com/pkg/errors" ) type ( - // fixme: use core.netmap interface implementation - NetmapFetcher interface { - Current() (netmap.Netmap, error) - Previous(int) (netmap.Netmap, error) - } - InnerRingFetcher interface { InnerRingKeys() ([][]byte, error) } @@ -32,12 +27,11 @@ type ( SenderClassifier struct { innerRing InnerRingFetcher - netmap NetmapFetcher + netmap core.Source } ) -// fixme: update classifier constructor -func NewSenderClassifier(ir InnerRingFetcher, nm NetmapFetcher) SenderClassifier { +func NewSenderClassifier(ir InnerRingFetcher, nm core.Source) SenderClassifier { return SenderClassifier{ innerRing: ir, netmap: nm, @@ -120,16 +114,16 @@ func requestOwner(req RequestV2) (*refs.OwnerID, *ecdsa.PublicKey, error) { } key := crypto.UnmarshalPublicKey(bodySignature.GetKey()) - neo3wallet, err := sdk.NEO3WalletFromPublicKey(key) + neo3wallet, err := owner.NEO3WalletFromPublicKey(key) if err != nil { return nil, nil, errors.Wrap(err, "can't create neo3 wallet") } - // form owner from public key - owner := new(refs.OwnerID) - owner.SetValue(neo3wallet.Bytes()) + // form user from public key + user := new(refs.OwnerID) + user.SetValue(neo3wallet.Bytes()) - return owner, key, nil + return user, key, nil } func originalBodySignature(v *session.RequestVerificationHeader) *refs.Signature { @@ -165,7 +159,7 @@ func (c SenderClassifier) isContainerKey( cnr *container.Container) (bool, error) { // first check current netmap - nm, err := c.netmap.Current() + nm, err := core.GetLatestNetworkMap(c.netmap) if err != nil { return false, err } @@ -179,7 +173,7 @@ func (c SenderClassifier) isContainerKey( // then check previous netmap, this can happen in-between epoch change // when node migrates data from last epoch container - nm, err = c.netmap.Previous(1) + nm, err = core.GetPreviousNetworkMap(c.netmap) if err != nil { return false, err } @@ -188,7 +182,7 @@ func (c SenderClassifier) isContainerKey( } func lookupKeyInContainer( - nm netmap.Netmap, + nm *netmap.Netmap, owner, cid []byte, cnr *container.Container) (bool, error) {