afd55ac90b
Basic NeoFS ACL applies access rules to request sender. Request
senders are combined in groups that calls `targets`.
Basic ACL rules may be applied to these targets:
1. User - request sender is the owner of the container,
used in the request.
2. System - request sender is the storage node
within the container used in the request or
inner ring node.
3. Others - request sender is none of the above.
Extended ACL rules may be applied for targets, provided with
extra information.
4. PubKey - request sender has provided public key.
27 lines
809 B
Protocol Buffer
27 lines
809 B
Protocol Buffer
syntax = "proto3";
|
|
package acl;
|
|
option go_package = "github.com/nspcc-dev/neofs-api-go/acl";
|
|
option csharp_namespace = "NeoFS.API.Acl";
|
|
|
|
import "github.com/gogo/protobuf/gogoproto/gogo.proto";
|
|
option (gogoproto.stable_marshaler_all) = true;
|
|
|
|
// Target of the access control rule in access control list.
|
|
enum Target {
|
|
// Unknown target, default value.
|
|
Unknown = 0;
|
|
|
|
// User target rule is applied if sender is the owner of the container.
|
|
User = 1;
|
|
|
|
// System target rule is applied if sender is the storage node within the
|
|
// container or inner ring node.
|
|
System = 2;
|
|
|
|
// Others target rule is applied if sender is not user or system target.
|
|
Others = 3;
|
|
|
|
// PubKey target rule is applied if sender has public key provided in
|
|
// extended ACL.
|
|
PubKey = 4;
|
|
}
|