EliChin/frostfs-s3-gw
1
0
Fork 0
forked from TrueCloudLab/frostfs-s3-gw
Code Issues Pull requests Projects Releases Packages Wiki Activity

[#553] Add more comments about eacl.RoleUnknown

Browse source 
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
This commit is contained in:
Alex Vanin 2022-07-07 12:00:09 +03:00 committed by Alex Vanin
parent 06d043e1eb
commit a57b8d34d3
2 changed files with 3 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
api/handler/acl.go
View file

@ -808,6 +808,7 @@ func formRecords(operations []*astOperation, resource *astResource) ([]*eacl.Rec
} }
targetKeys = append(targetKeys, (ecdsa.PublicKey)(*pk)) targetKeys = append(targetKeys, (ecdsa.PublicKey)(*pk))
} }
// Unknown role is used, because it is ignored when keys are set
eacl.AddFormedTarget(record, eacl.RoleUnknown, targetKeys...) eacl.AddFormedTarget(record, eacl.RoleUnknown, targetKeys...)
} }
if len(resource.Object) != 0 { if len(resource.Object) != 0 {

2
api/handler/acl_test.go
View file

@ -38,6 +38,7 @@ func TestTableToAst(t *testing.T) {
record2 := eacl.NewRecord() record2 := eacl.NewRecord()
record2.SetAction(eacl.ActionDeny) record2.SetAction(eacl.ActionDeny)
record2.SetOperation(eacl.OperationPut) record2.SetOperation(eacl.OperationPut)
// Unknown role is used, because it is ignored when keys are set
eacl.AddFormedTarget(record2, eacl.RoleUnknown, *(*ecdsa.PublicKey)(key.PublicKey()), *((*ecdsa.PublicKey)(key2.PublicKey()))) eacl.AddFormedTarget(record2, eacl.RoleUnknown, *(*ecdsa.PublicKey)(key.PublicKey()), *((*ecdsa.PublicKey)(key2.PublicKey())))
record2.AddObjectAttributeFilter(eacl.MatchStringEqual, object.AttributeFileName, "objectName") record2.AddObjectAttributeFilter(eacl.MatchStringEqual, object.AttributeFileName, "objectName")
record2.AddObjectIDFilter(eacl.MatchStringEqual, id) record2.AddObjectIDFilter(eacl.MatchStringEqual, id)
@ -360,6 +361,7 @@ func TestAstToTable(t *testing.T) {
record := eacl.NewRecord() record := eacl.NewRecord()
record.SetAction(eacl.ActionAllow) record.SetAction(eacl.ActionAllow)
record.SetOperation(eacl.OperationPut) record.SetOperation(eacl.OperationPut)
// Unknown role is used, because it is ignored when keys are set
eacl.AddFormedTarget(record, eacl.RoleUnknown, *(*ecdsa.PublicKey)(key.PublicKey())) eacl.AddFormedTarget(record, eacl.RoleUnknown, *(*ecdsa.PublicKey)(key.PublicKey()))
expectedTable.AddRecord(record) expectedTable.AddRecord(record)
record2 := eacl.NewRecord() record2 := eacl.NewRecord()