Commit graph

371 commits

Author SHA1 Message Date
Alex Vanin
66fe3fee7b [] Produce deny records for private objects
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2022-07-21 17:55:15 +03:00
Denis Kirillov
7ba7e7dc4d [] Make service records valid
Signed-off-by: Denis Kirillov <denis@nspcc.ru>
2022-07-20 19:10:23 +03:00
Denis Kirillov
1e26cf1541 [] Use service records to save resource info
Signed-off-by: Denis Kirillov <denis@nspcc.ru>
2022-07-20 19:10:23 +03:00
Angira Kekteeva
b144e50f7f [] Refactor formRecords func
Signed-off-by: Angira Kekteeva <kira@nspcc.ru>
2022-07-19 11:54:27 +03:00
Angira Kekteeva
3f4a55f39e [] Fix order in astToTable
Signed-off-by: Angira Kekteeva <kira@nspcc.ru>
2022-07-19 11:54:27 +03:00
Angira Kekteeva
260fb95677 [] Fix order in tableToAst
Signed-off-by: Angira Kekteeva <kira@nspcc.ru>
2022-07-19 11:54:27 +03:00
Angira Kekteeva
74300a75a9 [] Add tests
Signed-off-by: Angira Kekteeva <kira@nspcc.ru>
2022-07-19 11:54:27 +03:00
Alex Vanin
aad4862c59 [] Don't parse lock attribute if it is omitted in container
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2022-07-15 01:33:48 +04:00
Denis Kirillov
1575da65a4 [] Fix object acl filters
Signed-off-by: Denis Kirillov <denis@nspcc.ru>
2022-07-14 13:33:11 +03:00
Alex Vanin
a57b8d34d3 [] Add more comments about eacl.RoleUnknown
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2022-07-07 12:05:25 +03:00
Alex Vanin
06d043e1eb [] Optimize target formation with multiple keys
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2022-07-07 12:05:25 +03:00
Alex Vanin
d6065c64c4 [] Check group grantee based on stored list of users
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2022-07-07 12:05:25 +03:00
Alex Vanin
c7de7d2928 [] Do not use user role with public keys in eacl target
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2022-07-07 12:05:25 +03:00
Alex Vanin
36029ca864 [] Fix user removal in astOperation
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2022-07-06 17:40:41 +03:00
Leonard Lyubich
5bfc549746 [] neofs: Merge if with same condition in CreateContainer
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2022-07-04 23:42:50 +04:00
Leonard Lyubich
4a8a248f34 [] Upgrade NeoFS SDK Go with changed container API
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2022-07-04 23:42:50 +04:00
Denis Kirillov
6e1a1f3839 [] Suppress CodeQL error
Signed-off-by: Denis Kirillov <denis@nspcc.ru>
2022-07-04 11:03:55 +03:00
Denis Kirillov
9f740b9683 [] Add detect mimetype by extension
Signed-off-by: Denis Kirillov <denis@nspcc.ru>
2022-06-29 19:13:16 +03:00
Denis Kirillov
f72bc538b9 [] Refactor notifications logs
Signed-off-by: Denis Kirillov <denis@nspcc.ru>
2022-06-27 17:31:17 +03:00
Denis Kirillov
35f55c5af5 [] Fix tests
Signed-off-by: Denis Kirillov <denis@nspcc.ru>
2022-06-27 02:23:19 +04:00
Denis Kirillov
7ca519cb32 [] Add context to errors
Signed-off-by: Denis Kirillov <denis@nspcc.ru>
2022-06-27 02:23:19 +04:00
Leonard Lyubich
e1f1e6d960 [] Upgrade NeoFS SDK Go with changed basic ACL API
SDK now provides dedicated type for basic ACL with convenient interface.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2022-06-24 16:43:50 +03:00
Leonard Lyubich
a8fc313ff5 [] layer: Remove no longer needed deleteContainer method
Call `DeleteContainer` on `NeoFS` component directly.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2022-06-24 13:00:26 +03:00
Leonard Lyubich
f596c8be06 [] layer: Add session token parameter to DeleteBucketParams
Add `DeleteBucketParams.SessionToken` field in order to unify the
parameters with `CreateBucketParams` and `PutBucketACLParams`.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2022-06-24 13:00:26 +03:00
Leonard Lyubich
028a152e04 [] Upgrade NeoFS SDK Go with another approach of container sessions
After recent changes in NeoFS SDK Go library session tokens aren't
embedded into `container.Container` and `eacl.Table` structures.
Instead, the operations of storing given values in NeoFS are
parameterized by elements of the corresponding type.

Add dedicated session parameters to operations of bucket and eACL
setting.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2022-06-24 13:00:26 +03:00
Denis Kirillov
818176e7e1 [] Adopt aws v4signer
Signed-off-by: Denis Kirillov <denis@nspcc.ru>
2022-06-20 09:44:25 +03:00
Leonard Lyubich
f0749fd23e [] Upgrade NeoFS SDK Go with changed netmap package
`PlacementPolicy` type now provides methods to work with QL-encoded
policies. System network parameters can be read using dedicated method
without iterating. Applications can work with `PlacementPolicy`
variables directly so there is no need to use pointers.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2022-06-17 08:28:59 +03:00
Angira Kekteeva
cfe7591cf7 [] Add putObjectACL notification
Signed-off-by: Angira Kekteeva <kira@nspcc.ru>
2022-06-17 01:43:46 +04:00
Angira Kekteeva
dd0d21b690 [] Fix typo
Signed-off-by: Angira Kekteeva <kira@nspcc.ru>
2022-06-17 01:43:46 +04:00
Angira Kekteeva
bd5fd041b7 [] Add object tagging notifications
Signed-off-by: Angira Kekteeva <kira@nspcc.ru>
2022-06-17 01:43:46 +04:00
Denis Kirillov
d521af2065 [] Add presign URLs support
Signed-off-by: Denis Kirillov <denis@nspcc.ru>
2022-06-16 17:17:45 +03:00
Leonard Lyubich
880ffe7108 [] layer: Don't parameterize basic ACL of created containers
`CreateBucket` handler always creates containers with extended public
ACL, so there is no need to configure it in `NeoFS.CreateContainer`.

Make internal `NeoFS` implementation to create containers with
`eacl-public-read-write` basic ACL if corresponding parameter is unset.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2022-06-16 10:46:50 +03:00
Angira Kekteeva
a8bff13801 [] Add acl to copy-object
Signed-off-by: Angira Kekteeva <kira@nspcc.ru>
2022-06-07 17:36:12 +03:00
Denis Kirillov
de7281ac58 [] Unify log messages
Signed-off-by: Denis Kirillov <denis@nspcc.ru>
2022-06-07 17:20:26 +03:00
Denis Kirillov
300d4359d8 [] Handle cache cast failure
Signed-off-by: Denis Kirillov <denis@nspcc.ru>
2022-06-07 17:20:26 +03:00
Denis Kirillov
f00ca1b6c4 [] Drop layer/neofs package
Signed-off-by: Denis Kirillov <denis@nspcc.ru>
2022-06-07 13:59:45 +03:00
Alex Vanin
4ed939773b [] Use updated SDK method to get bearer issuer
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2022-06-03 11:20:47 +03:00
Angira Kekteeva
dbfac29171 [] Fix tests
Signed-off-by: Angira Kekteeva <kira@nspcc.ru>
2022-06-03 10:57:56 +03:00
Angira Kekteeva
e904ed51c7 [] Optimize bucketInfo in initObjectPayloadReader
Signed-off-by: Angira Kekteeva <kira@nspcc.ru>
2022-06-03 10:57:56 +03:00
Angira Kekteeva
4767eeed8c [] Remove attach of bearer token
When bucket owner is not an issuer of the bearer token

Signed-off-by: Angira Kekteeva <kira@nspcc.ru>
2022-06-03 10:57:56 +03:00
Leonard Lyubich
4f43aad495 [] Upgrade SDK with latest bearer package API
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2022-06-03 09:38:49 +03:00
Denis Kirillov
ea252421f5 [] Add tests
Signed-off-by: Denis Kirillov <denis@nspcc.ru>
2022-06-03 09:35:06 +03:00
Denis Kirillov
f282e877e2 [] Handle conditional headers
Signed-off-by: Denis Kirillov <denis@nspcc.ru>
2022-06-03 09:35:06 +03:00
Alex Vanin
ee0f3fb196 [] Avoid sensitive data logging
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2022-06-02 19:42:31 +04:00
Alex Vanin
12d9eb62cb [] Sanitize log records that may contain user input
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2022-06-02 19:42:31 +04:00
Denis Kirillov
933ef2bc71 [] Remove unused
Signed-off-by: Denis Kirillov <denis@nspcc.ru>
2022-05-31 14:48:58 +03:00
Denis Kirillov
2bca4755f9 [] Optimize put objects
Signed-off-by: Denis Kirillov <denis@nspcc.ru>
2022-05-31 14:48:58 +03:00
Denis Kirillov
faa3c65290 [] Fix None versioning status
Signed-off-by: Denis Kirillov <denis@nspcc.ru>
2022-05-30 14:44:21 +03:00
Alex Vanin
0e37242b65 [] Move DefaultLocationConstraint constant into api
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2022-05-30 14:41:32 +03:00
Alex Vanin
80d4d071d8 [] Restrict overriding default location constraint in authmate
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2022-05-30 14:41:32 +03:00