Merge pull request #60 from nspcc-dev/bump/api-v-0-6-0
Update neo-api library to v0.6.0
This commit is contained in:
commit
08fe4f8383
12 changed files with 106 additions and 81 deletions
2
Makefile
2
Makefile
|
@ -1,4 +1,4 @@
|
||||||
PROTO_VERSION=v0.5.0
|
PROTO_VERSION=v0.6.0
|
||||||
PROTO_URL=https://github.com/nspcc-dev/neofs-api/archive/$(PROTO_VERSION).tar.gz
|
PROTO_URL=https://github.com/nspcc-dev/neofs-api/archive/$(PROTO_VERSION).tar.gz
|
||||||
|
|
||||||
B=\033[0;1m
|
B=\033[0;1m
|
||||||
|
|
BIN
acl/types.pb.go
Normal file
BIN
acl/types.pb.go
Normal file
Binary file not shown.
27
acl/types.proto
Normal file
27
acl/types.proto
Normal file
|
@ -0,0 +1,27 @@
|
||||||
|
syntax = "proto3";
|
||||||
|
package acl;
|
||||||
|
option go_package = "github.com/nspcc-dev/neofs-api-go/acl";
|
||||||
|
option csharp_namespace = "NeoFS.API.Acl";
|
||||||
|
|
||||||
|
import "github.com/gogo/protobuf/gogoproto/gogo.proto";
|
||||||
|
option (gogoproto.stable_marshaler_all) = true;
|
||||||
|
|
||||||
|
// Target of the access control rule in access control list.
|
||||||
|
enum Target {
|
||||||
|
// Unknown target, default value.
|
||||||
|
Unknown = 0;
|
||||||
|
|
||||||
|
// User target rule is applied if sender is the owner of the container.
|
||||||
|
User = 1;
|
||||||
|
|
||||||
|
// System target rule is applied if sender is the storage node within the
|
||||||
|
// container or inner ring node.
|
||||||
|
System = 2;
|
||||||
|
|
||||||
|
// Others target rule is applied if sender is not user or system target.
|
||||||
|
Others = 3;
|
||||||
|
|
||||||
|
// PubKey target rule is applied if sender has public key provided in
|
||||||
|
// extended ACL.
|
||||||
|
PubKey = 4;
|
||||||
|
}
|
|
@ -31,9 +31,11 @@ func (m *PutRequest) PrepareData() ([]byte, error) {
|
||||||
err error
|
err error
|
||||||
buf = new(bytes.Buffer)
|
buf = new(bytes.Buffer)
|
||||||
capBytes = make([]byte, 8)
|
capBytes = make([]byte, 8)
|
||||||
|
aclBytes = make([]byte, 4)
|
||||||
)
|
)
|
||||||
|
|
||||||
binary.BigEndian.PutUint64(capBytes, m.Capacity)
|
binary.BigEndian.PutUint64(capBytes, m.Capacity)
|
||||||
|
binary.BigEndian.PutUint32(capBytes, m.BasicACL)
|
||||||
|
|
||||||
if _, err = buf.Write(m.MessageID.Bytes()); err != nil {
|
if _, err = buf.Write(m.MessageID.Bytes()); err != nil {
|
||||||
return nil, errors.Wrap(err, "could not write message id")
|
return nil, errors.Wrap(err, "could not write message id")
|
||||||
|
@ -45,6 +47,8 @@ func (m *PutRequest) PrepareData() ([]byte, error) {
|
||||||
return nil, errors.Wrap(err, "could not marshal placement")
|
return nil, errors.Wrap(err, "could not marshal placement")
|
||||||
} else if _, err = buf.Write(data); err != nil {
|
} else if _, err = buf.Write(data); err != nil {
|
||||||
return nil, errors.Wrap(err, "could not write placement")
|
return nil, errors.Wrap(err, "could not write placement")
|
||||||
|
} else if _, err = buf.Write(aclBytes); err != nil {
|
||||||
|
return nil, errors.Wrap(err, "could not write basic acl")
|
||||||
}
|
}
|
||||||
|
|
||||||
return buf.Bytes(), nil
|
return buf.Bytes(), nil
|
||||||
|
|
Binary file not shown.
|
@ -42,8 +42,8 @@ message PutRequest {
|
||||||
// Rules define storage policy for the object inside the container.
|
// Rules define storage policy for the object inside the container.
|
||||||
netmap.PlacementRule rules = 4 [(gogoproto.nullable) = false];
|
netmap.PlacementRule rules = 4 [(gogoproto.nullable) = false];
|
||||||
|
|
||||||
// Container ACL.
|
// BasicACL of the container.
|
||||||
AccessGroup Group = 5 [(gogoproto.nullable) = false];
|
uint32 BasicACL = 5;
|
||||||
|
|
||||||
// RequestMetaHeader contains information about request meta headers (should be embedded into message)
|
// RequestMetaHeader contains information about request meta headers (should be embedded into message)
|
||||||
service.RequestMetaHeader Meta = 98 [(gogoproto.embed) = true, (gogoproto.nullable) = false];
|
service.RequestMetaHeader Meta = 98 [(gogoproto.embed) = true, (gogoproto.nullable) = false];
|
||||||
|
|
|
@ -11,19 +11,6 @@ import (
|
||||||
"github.com/pkg/errors"
|
"github.com/pkg/errors"
|
||||||
)
|
)
|
||||||
|
|
||||||
// AccessMode is a container access mode type.
|
|
||||||
type AccessMode uint32
|
|
||||||
|
|
||||||
const (
|
|
||||||
// AccessModeRead is a read access mode.
|
|
||||||
AccessModeRead AccessMode = 1 << iota
|
|
||||||
// AccessModeWrite is a write access mode.
|
|
||||||
AccessModeWrite
|
|
||||||
)
|
|
||||||
|
|
||||||
// AccessModeReadWrite is a read/write container access mode.
|
|
||||||
const AccessModeReadWrite = AccessModeRead | AccessModeWrite
|
|
||||||
|
|
||||||
var (
|
var (
|
||||||
_ internal.Custom = (*Container)(nil)
|
_ internal.Custom = (*Container)(nil)
|
||||||
|
|
||||||
|
@ -31,8 +18,8 @@ var (
|
||||||
emptyOwner = (OwnerID{}).Bytes()
|
emptyOwner = (OwnerID{}).Bytes()
|
||||||
)
|
)
|
||||||
|
|
||||||
// New creates new user container based on capacity, OwnerID and PlacementRules.
|
// New creates new user container based on capacity, OwnerID, ACL and PlacementRules.
|
||||||
func New(cap uint64, owner OwnerID, rules netmap.PlacementRule) (*Container, error) {
|
func New(cap uint64, owner OwnerID, acl uint32, rules netmap.PlacementRule) (*Container, error) {
|
||||||
if bytes.Equal(owner[:], emptyOwner) {
|
if bytes.Equal(owner[:], emptyOwner) {
|
||||||
return nil, refs.ErrEmptyOwner
|
return nil, refs.ErrEmptyOwner
|
||||||
} else if cap == 0 {
|
} else if cap == 0 {
|
||||||
|
@ -49,6 +36,7 @@ func New(cap uint64, owner OwnerID, rules netmap.PlacementRule) (*Container, err
|
||||||
Salt: UUID(salt),
|
Salt: UUID(salt),
|
||||||
Capacity: cap,
|
Capacity: cap,
|
||||||
Rules: rules,
|
Rules: rules,
|
||||||
|
BasicACL: acl,
|
||||||
}, nil
|
}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -90,7 +78,7 @@ func NewTestContainer() (*Container, error) {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
return New(100, owner, netmap.PlacementRule{
|
return New(100, owner, 0xFFFFFFFF, netmap.PlacementRule{
|
||||||
ReplFactor: 2,
|
ReplFactor: 2,
|
||||||
SFGroups: []netmap.SFGroup{
|
SFGroups: []netmap.SFGroup{
|
||||||
{
|
{
|
||||||
|
|
Binary file not shown.
|
@ -18,18 +18,7 @@ message Container {
|
||||||
uint64 Capacity = 3;
|
uint64 Capacity = 3;
|
||||||
// Rules define storage policy for the object inside the container.
|
// Rules define storage policy for the object inside the container.
|
||||||
netmap.PlacementRule Rules = 4 [(gogoproto.nullable) = false];
|
netmap.PlacementRule Rules = 4 [(gogoproto.nullable) = false];
|
||||||
// Container ACL.
|
// BasicACL with access control rules for owner, system, others and
|
||||||
AccessControlList List = 5 [(gogoproto.nullable) = false];
|
// permission bits for bearer token and extended ACL.
|
||||||
}
|
uint32 BasicACL = 5;
|
||||||
|
|
||||||
message AccessGroup {
|
|
||||||
// Group access mode.
|
|
||||||
uint32 AccessMode = 1;
|
|
||||||
// Group members.
|
|
||||||
repeated bytes UserGroup = 2 [(gogoproto.customtype) = "OwnerID", (gogoproto.nullable) = false];
|
|
||||||
}
|
|
||||||
|
|
||||||
message AccessControlList {
|
|
||||||
// List of access groups.
|
|
||||||
repeated AccessGroup List = 1 [(gogoproto.nullable) = false];
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -36,7 +36,7 @@ func TestCID(t *testing.T) {
|
||||||
owner, err := refs.NewOwnerID(&key.PublicKey)
|
owner, err := refs.NewOwnerID(&key.PublicKey)
|
||||||
require.NoError(t, err)
|
require.NoError(t, err)
|
||||||
|
|
||||||
c1, err := New(10, owner, rules)
|
c1, err := New(10, owner, 0xDEADBEEF, rules)
|
||||||
require.NoError(t, err)
|
require.NoError(t, err)
|
||||||
|
|
||||||
data, err := proto.Marshal(c1)
|
data, err := proto.Marshal(c1)
|
||||||
|
@ -55,23 +55,3 @@ func TestCID(t *testing.T) {
|
||||||
require.Equal(t, cid1, cid2)
|
require.Equal(t, cid1, cid2)
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestAccessMode(t *testing.T) {
|
|
||||||
t.Run("read access to read/write mode", func(t *testing.T) {
|
|
||||||
require.Equal(t, AccessModeRead, AccessModeReadWrite&AccessModeRead)
|
|
||||||
})
|
|
||||||
|
|
||||||
t.Run("write access to read/write mode", func(t *testing.T) {
|
|
||||||
require.Equal(t, AccessModeWrite, AccessModeReadWrite&AccessModeWrite)
|
|
||||||
})
|
|
||||||
|
|
||||||
t.Run("read(write) access to write(read) mode", func(t *testing.T) {
|
|
||||||
require.Zero(t, AccessModeRead&AccessModeWrite)
|
|
||||||
})
|
|
||||||
|
|
||||||
t.Run("access to same mode", func(t *testing.T) {
|
|
||||||
require.Equal(t, AccessModeWrite, AccessModeWrite&AccessModeWrite)
|
|
||||||
require.Equal(t, AccessModeRead, AccessModeRead&AccessModeRead)
|
|
||||||
require.Equal(t, AccessModeReadWrite, AccessModeReadWrite&AccessModeReadWrite)
|
|
||||||
})
|
|
||||||
}
|
|
||||||
|
|
62
docs/acl.md
Normal file
62
docs/acl.md
Normal file
|
@ -0,0 +1,62 @@
|
||||||
|
# Protocol Documentation
|
||||||
|
<a name="top"></a>
|
||||||
|
|
||||||
|
## Table of Contents
|
||||||
|
|
||||||
|
- [acl/types.proto](#acl/types.proto)
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
- [Scalar Value Types](#scalar-value-types)
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<a name="acl/types.proto"></a>
|
||||||
|
<p align="right"><a href="#top">Top</a></p>
|
||||||
|
|
||||||
|
## acl/types.proto
|
||||||
|
|
||||||
|
|
||||||
|
<!-- end services -->
|
||||||
|
|
||||||
|
<!-- end messages -->
|
||||||
|
|
||||||
|
|
||||||
|
<a name="acl.Target"></a>
|
||||||
|
|
||||||
|
### Target
|
||||||
|
Target of the access control rule in access control list.
|
||||||
|
|
||||||
|
| Name | Number | Description |
|
||||||
|
| ---- | ------ | ----------- |
|
||||||
|
| Unknown | 0 | Unknown target, default value. |
|
||||||
|
| User | 1 | User target rule is applied if sender is the owner of the container. |
|
||||||
|
| System | 2 | System target rule is applied if sender is the storage node within the container or inner ring node. |
|
||||||
|
| Others | 3 | Others target rule is applied if sender is not user or system target. |
|
||||||
|
| PubKey | 4 | PubKey target rule is applied if sender has public key provided in extended ACL. |
|
||||||
|
|
||||||
|
|
||||||
|
<!-- end enums -->
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
## Scalar Value Types
|
||||||
|
|
||||||
|
| .proto Type | Notes | C++ Type | Java Type | Python Type |
|
||||||
|
| ----------- | ----- | -------- | --------- | ----------- |
|
||||||
|
| <a name="double" /> double | | double | double | float |
|
||||||
|
| <a name="float" /> float | | float | float | float |
|
||||||
|
| <a name="int32" /> int32 | Uses variable-length encoding. Inefficient for encoding negative numbers – if your field is likely to have negative values, use sint32 instead. | int32 | int | int |
|
||||||
|
| <a name="int64" /> int64 | Uses variable-length encoding. Inefficient for encoding negative numbers – if your field is likely to have negative values, use sint64 instead. | int64 | long | int/long |
|
||||||
|
| <a name="uint32" /> uint32 | Uses variable-length encoding. | uint32 | int | int/long |
|
||||||
|
| <a name="uint64" /> uint64 | Uses variable-length encoding. | uint64 | long | int/long |
|
||||||
|
| <a name="sint32" /> sint32 | Uses variable-length encoding. Signed int value. These more efficiently encode negative numbers than regular int32s. | int32 | int | int |
|
||||||
|
| <a name="sint64" /> sint64 | Uses variable-length encoding. Signed int value. These more efficiently encode negative numbers than regular int64s. | int64 | long | int/long |
|
||||||
|
| <a name="fixed32" /> fixed32 | Always four bytes. More efficient than uint32 if values are often greater than 2^28. | uint32 | int | int |
|
||||||
|
| <a name="fixed64" /> fixed64 | Always eight bytes. More efficient than uint64 if values are often greater than 2^56. | uint64 | long | int/long |
|
||||||
|
| <a name="sfixed32" /> sfixed32 | Always four bytes. | int32 | int | int |
|
||||||
|
| <a name="sfixed64" /> sfixed64 | Always eight bytes. | int64 | long | int/long |
|
||||||
|
| <a name="bool" /> bool | | bool | boolean | boolean |
|
||||||
|
| <a name="string" /> string | A string must always contain UTF-8 encoded or 7-bit ASCII text. | string | String | str/unicode |
|
||||||
|
| <a name="bytes" /> bytes | May contain any arbitrary sequence of bytes. | string | ByteString | str |
|
||||||
|
|
|
@ -21,8 +21,6 @@
|
||||||
- [container/types.proto](#container/types.proto)
|
- [container/types.proto](#container/types.proto)
|
||||||
|
|
||||||
- Messages
|
- Messages
|
||||||
- [AccessControlList](#container.AccessControlList)
|
|
||||||
- [AccessGroup](#container.AccessGroup)
|
|
||||||
- [Container](#container.Container)
|
- [Container](#container.Container)
|
||||||
|
|
||||||
|
|
||||||
|
@ -166,7 +164,7 @@ via consensus in inner ring nodes
|
||||||
| Capacity | [uint64](#uint64) | | Capacity defines amount of data that can be stored in the container (doesn't used for now). |
|
| Capacity | [uint64](#uint64) | | Capacity defines amount of data that can be stored in the container (doesn't used for now). |
|
||||||
| OwnerID | [bytes](#bytes) | | OwnerID is a wallet address |
|
| OwnerID | [bytes](#bytes) | | OwnerID is a wallet address |
|
||||||
| rules | [netmap.PlacementRule](#netmap.PlacementRule) | | Rules define storage policy for the object inside the container. |
|
| rules | [netmap.PlacementRule](#netmap.PlacementRule) | | Rules define storage policy for the object inside the container. |
|
||||||
| Group | [AccessGroup](#container.AccessGroup) | | Container ACL. |
|
| BasicACL | [uint32](#uint32) | | BasicACL of the container. |
|
||||||
| Meta | [service.RequestMetaHeader](#service.RequestMetaHeader) | | RequestMetaHeader contains information about request meta headers (should be embedded into message) |
|
| Meta | [service.RequestMetaHeader](#service.RequestMetaHeader) | | RequestMetaHeader contains information about request meta headers (should be embedded into message) |
|
||||||
| Verify | [service.RequestVerificationHeader](#service.RequestVerificationHeader) | | RequestVerificationHeader is a set of signatures of every NeoFS Node that processed request (should be embedded into message) |
|
| Verify | [service.RequestVerificationHeader](#service.RequestVerificationHeader) | | RequestVerificationHeader is a set of signatures of every NeoFS Node that processed request (should be embedded into message) |
|
||||||
|
|
||||||
|
@ -196,29 +194,6 @@ via consensus in inner ring nodes
|
||||||
<!-- end services -->
|
<!-- end services -->
|
||||||
|
|
||||||
|
|
||||||
<a name="container.AccessControlList"></a>
|
|
||||||
|
|
||||||
### Message AccessControlList
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
| Field | Type | Label | Description |
|
|
||||||
| ----- | ---- | ----- | ----------- |
|
|
||||||
| List | [AccessGroup](#container.AccessGroup) | repeated | List of access groups. |
|
|
||||||
|
|
||||||
|
|
||||||
<a name="container.AccessGroup"></a>
|
|
||||||
|
|
||||||
### Message AccessGroup
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
| Field | Type | Label | Description |
|
|
||||||
| ----- | ---- | ----- | ----------- |
|
|
||||||
| AccessMode | [uint32](#uint32) | | Group access mode. |
|
|
||||||
| UserGroup | [bytes](#bytes) | repeated | Group members. |
|
|
||||||
|
|
||||||
|
|
||||||
<a name="container.Container"></a>
|
<a name="container.Container"></a>
|
||||||
|
|
||||||
### Message Container
|
### Message Container
|
||||||
|
@ -231,7 +206,7 @@ The Container service definition.
|
||||||
| Salt | [bytes](#bytes) | | Salt is a nonce for unique container id calculation. |
|
| Salt | [bytes](#bytes) | | Salt is a nonce for unique container id calculation. |
|
||||||
| Capacity | [uint64](#uint64) | | Capacity defines amount of data that can be stored in the container (doesn't used for now). |
|
| Capacity | [uint64](#uint64) | | Capacity defines amount of data that can be stored in the container (doesn't used for now). |
|
||||||
| Rules | [netmap.PlacementRule](#netmap.PlacementRule) | | Rules define storage policy for the object inside the container. |
|
| Rules | [netmap.PlacementRule](#netmap.PlacementRule) | | Rules define storage policy for the object inside the container. |
|
||||||
| List | [AccessControlList](#container.AccessControlList) | | Container ACL. |
|
| BasicACL | [uint32](#uint32) | | BasicACL with access control rules for owner, system, others and permission bits for bearer token and extended ACL. |
|
||||||
|
|
||||||
<!-- end messages -->
|
<!-- end messages -->
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue