[#32] Use pkg/core interfaces to fetch container and netmap

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
This commit is contained in:
Alex Vanin 2020-09-21 19:30:43 +03:00
parent ad36a2cd8f
commit f6904db84f
3 changed files with 24 additions and 37 deletions

2
go.sum
View file

@ -270,8 +270,6 @@ github.com/nspcc-dev/neo-go v0.73.1-pre.0.20200303142215-f5a1b928ce09/go.mod h1:
github.com/nspcc-dev/neo-go v0.91.0/go.mod h1:G6HdOWvzQ6tlvFdvFSN/PgCzLPN/X/X4d5hTjFRUDcc= github.com/nspcc-dev/neo-go v0.91.0/go.mod h1:G6HdOWvzQ6tlvFdvFSN/PgCzLPN/X/X4d5hTjFRUDcc=
github.com/nspcc-dev/neo-go v0.91.1-pre.0.20200827184617-7560aa345a78 h1:stIa+nBXK8uDY/JZaxIZzAUfkzfaotVw2FbnHxO4aZI= github.com/nspcc-dev/neo-go v0.91.1-pre.0.20200827184617-7560aa345a78 h1:stIa+nBXK8uDY/JZaxIZzAUfkzfaotVw2FbnHxO4aZI=
github.com/nspcc-dev/neo-go v0.91.1-pre.0.20200827184617-7560aa345a78/go.mod h1:G6HdOWvzQ6tlvFdvFSN/PgCzLPN/X/X4d5hTjFRUDcc= github.com/nspcc-dev/neo-go v0.91.1-pre.0.20200827184617-7560aa345a78/go.mod h1:G6HdOWvzQ6tlvFdvFSN/PgCzLPN/X/X4d5hTjFRUDcc=
github.com/nspcc-dev/neofs-api-go v1.3.1-0.20200917104527-95ae0a649608 h1:rT3MBvM3u5D8p/V8lbt0TVP75nXQSC/YCwpORrv6QEA=
github.com/nspcc-dev/neofs-api-go v1.3.1-0.20200917104527-95ae0a649608/go.mod h1:FsFd1z4YzoEgPlltsUgnqna9qhcF87RHYjot0pby2L4=
github.com/nspcc-dev/neofs-api-go v1.3.1-0.20200925125840-c814cc62faf4 h1:+ko1UlGsPhKF6O1+ZDOwW7lNhXLEk+e/N/gdma5NNJo= github.com/nspcc-dev/neofs-api-go v1.3.1-0.20200925125840-c814cc62faf4 h1:+ko1UlGsPhKF6O1+ZDOwW7lNhXLEk+e/N/gdma5NNJo=
github.com/nspcc-dev/neofs-api-go v1.3.1-0.20200925125840-c814cc62faf4/go.mod h1:FsFd1z4YzoEgPlltsUgnqna9qhcF87RHYjot0pby2L4= github.com/nspcc-dev/neofs-api-go v1.3.1-0.20200925125840-c814cc62faf4/go.mod h1:FsFd1z4YzoEgPlltsUgnqna9qhcF87RHYjot0pby2L4=
github.com/nspcc-dev/neofs-api-go v1.3.1-0.20200925143744-2cc58e36f8d7 h1:7/Dh5Mkk0uJD99EULqYvxULrUVtzN6Kn+KvmFuafE74= github.com/nspcc-dev/neofs-api-go v1.3.1-0.20200925143744-2cc58e36f8d7 h1:7/Dh5Mkk0uJD99EULqYvxULrUVtzN6Kn+KvmFuafE74=

View file

@ -3,27 +3,18 @@ package acl
import ( import (
"context" "context"
"github.com/nspcc-dev/neofs-api-go/v2/acl" acl "github.com/nspcc-dev/neofs-api-go/pkg/acl/eacl"
"github.com/nspcc-dev/neofs-api-go/v2/container" containerSDK "github.com/nspcc-dev/neofs-api-go/pkg/container"
"github.com/nspcc-dev/neofs-api-go/v2/object" "github.com/nspcc-dev/neofs-api-go/v2/object"
"github.com/nspcc-dev/neofs-api-go/v2/refs" "github.com/nspcc-dev/neofs-api-go/v2/refs"
"github.com/nspcc-dev/neofs-node/pkg/core/container"
"github.com/pkg/errors" "github.com/pkg/errors"
) )
type ( type (
// ContainerGetter accesses NeoFS container storage.
// fixme: use core.container interface implementation
ContainerGetter interface {
Get(*refs.ContainerID) (*container.Container, error)
}
Classifier interface {
Classify(RequestV2, *refs.ContainerID) acl.Role
}
// BasicChecker checks basic ACL rules. // BasicChecker checks basic ACL rules.
BasicChecker struct { BasicChecker struct {
containers ContainerGetter containers container.Source
sender SenderClassifier sender SenderClassifier
next object.Service next object.Service
} }
@ -62,7 +53,7 @@ var (
// NewBasicChecker is a constructor for basic ACL checker of object requests. // NewBasicChecker is a constructor for basic ACL checker of object requests.
func NewBasicChecker( func NewBasicChecker(
c SenderClassifier, c SenderClassifier,
cnr ContainerGetter, cnr container.Source,
next object.Service) BasicChecker { next object.Service) BasicChecker {
return BasicChecker{ return BasicChecker{
@ -247,8 +238,12 @@ func (b BasicChecker) findRequestInfo(
cid *refs.ContainerID, cid *refs.ContainerID,
op acl.Operation) (info requestInfo, err error) { op acl.Operation) (info requestInfo, err error) {
// container.Source interface implemented with SDK's definitions,
// so we have to convert id there.
containerID := containerSDK.NewIDFromV2(cid)
// fetch actual container // fetch actual container
cnr, err := b.containers.Get(cid) cnr, err := b.containers.Get(containerID)
if err != nil || cnr.GetOwnerID() == nil { if err != nil || cnr.GetOwnerID() == nil {
return info, ErrUnknownContainer return info, ErrUnknownContainer
} }

View file

@ -4,23 +4,18 @@ import (
"bytes" "bytes"
"crypto/ecdsa" "crypto/ecdsa"
acl "github.com/nspcc-dev/neofs-api-go/pkg/acl/eacl"
"github.com/nspcc-dev/neofs-api-go/pkg/container"
"github.com/nspcc-dev/neofs-api-go/pkg/netmap" "github.com/nspcc-dev/neofs-api-go/pkg/netmap"
sdk "github.com/nspcc-dev/neofs-api-go/pkg/owner" "github.com/nspcc-dev/neofs-api-go/pkg/owner"
"github.com/nspcc-dev/neofs-api-go/v2/acl"
"github.com/nspcc-dev/neofs-api-go/v2/container"
"github.com/nspcc-dev/neofs-api-go/v2/refs" "github.com/nspcc-dev/neofs-api-go/v2/refs"
"github.com/nspcc-dev/neofs-api-go/v2/session" "github.com/nspcc-dev/neofs-api-go/v2/session"
crypto "github.com/nspcc-dev/neofs-crypto" crypto "github.com/nspcc-dev/neofs-crypto"
core "github.com/nspcc-dev/neofs-node/pkg/core/netmap"
"github.com/pkg/errors" "github.com/pkg/errors"
) )
type ( type (
// fixme: use core.netmap interface implementation
NetmapFetcher interface {
Current() (netmap.Netmap, error)
Previous(int) (netmap.Netmap, error)
}
InnerRingFetcher interface { InnerRingFetcher interface {
InnerRingKeys() ([][]byte, error) InnerRingKeys() ([][]byte, error)
} }
@ -32,12 +27,11 @@ type (
SenderClassifier struct { SenderClassifier struct {
innerRing InnerRingFetcher innerRing InnerRingFetcher
netmap NetmapFetcher netmap core.Source
} }
) )
// fixme: update classifier constructor func NewSenderClassifier(ir InnerRingFetcher, nm core.Source) SenderClassifier {
func NewSenderClassifier(ir InnerRingFetcher, nm NetmapFetcher) SenderClassifier {
return SenderClassifier{ return SenderClassifier{
innerRing: ir, innerRing: ir,
netmap: nm, netmap: nm,
@ -120,16 +114,16 @@ func requestOwner(req RequestV2) (*refs.OwnerID, *ecdsa.PublicKey, error) {
} }
key := crypto.UnmarshalPublicKey(bodySignature.GetKey()) key := crypto.UnmarshalPublicKey(bodySignature.GetKey())
neo3wallet, err := sdk.NEO3WalletFromPublicKey(key) neo3wallet, err := owner.NEO3WalletFromPublicKey(key)
if err != nil { if err != nil {
return nil, nil, errors.Wrap(err, "can't create neo3 wallet") return nil, nil, errors.Wrap(err, "can't create neo3 wallet")
} }
// form owner from public key // form user from public key
owner := new(refs.OwnerID) user := new(refs.OwnerID)
owner.SetValue(neo3wallet.Bytes()) user.SetValue(neo3wallet.Bytes())
return owner, key, nil return user, key, nil
} }
func originalBodySignature(v *session.RequestVerificationHeader) *refs.Signature { func originalBodySignature(v *session.RequestVerificationHeader) *refs.Signature {
@ -165,7 +159,7 @@ func (c SenderClassifier) isContainerKey(
cnr *container.Container) (bool, error) { cnr *container.Container) (bool, error) {
// first check current netmap // first check current netmap
nm, err := c.netmap.Current() nm, err := core.GetLatestNetworkMap(c.netmap)
if err != nil { if err != nil {
return false, err return false, err
} }
@ -179,7 +173,7 @@ func (c SenderClassifier) isContainerKey(
// then check previous netmap, this can happen in-between epoch change // then check previous netmap, this can happen in-between epoch change
// when node migrates data from last epoch container // when node migrates data from last epoch container
nm, err = c.netmap.Previous(1) nm, err = core.GetPreviousNetworkMap(c.netmap)
if err != nil { if err != nil {
return false, err return false, err
} }
@ -188,7 +182,7 @@ func (c SenderClassifier) isContainerKey(
} }
func lookupKeyInContainer( func lookupKeyInContainer(
nm netmap.Netmap, nm *netmap.Netmap,
owner, cid []byte, owner, cid []byte,
cnr *container.Container) (bool, error) { cnr *container.Container) (bool, error) {