diff --git a/mfa/mfa.go b/mfa/mfa.go
index 6b7aebb..f159d7b 100644
--- a/mfa/mfa.go
+++ b/mfa/mfa.go
@@ -22,8 +22,14 @@ type (
 // and KeyStore interface to encode and decode OTP keys inside FrostFS
 // objects.
 Manager struct {
- storage Storage
- unlocker KeyStore
+ ReadManager
+ storage Storage
+ unlocker KeyStore
+ }
+
+ ReadManager struct {
+ storage StorageReader
+ unlocker KeyStoreReader
 container cid.ID
 logger *zap.Logger
 }
@@ -31,13 +37,17 @@ type (
 // KeyStore is an interface for Manager to provide keys to encode and decode
 // OTP keys of MFA devices.
 KeyStore interface {
- // PrivateKey returns private key of this Manager.
- PrivateKey() *keys.PrivateKey
+ KeyStoreReader
 // PublicKeys returns list of public keys for all managers, including
 // this Manager.
 PublicKeys() []*keys.PublicKey
 }
 
+ KeyStoreReader interface {
+ // PrivateKey returns private key of this Manager.
+ PrivateKey() *keys.PrivateKey
+ }
+
 // Config contains parameters for Manager constructor.
 Config struct {
 Storage Storage
@@ -45,6 +55,13 @@ type (
 Container cid.ID
 Logger *zap.Logger
 }
+
+ ReadConfig struct {
+ Storage StorageReader
+ Unlocker KeyStoreReader
+ Container cid.ID
+ Logger *zap.Logger
+ }
 )
 
 // NewManager creates new instance of Manager.
@@ -60,9 +77,32 @@ func NewManager(cfg Config) (*Manager, error) {
 }
 
 return &Manager{
+ ReadManager: ReadManager{
+ storage: cfg.Storage,
+ unlocker: cfg.Unlocker,
+ container: cfg.Container,
+ logger: cfg.Logger,
+ },
+ storage: cfg.Storage,
+ unlocker: cfg.Unlocker,
+ }, nil
+}
+
+func NewReadManager(cfg ReadConfig) (*ReadManager, error) {
+ if cfg.Storage == nil {
+ return nil, errors.New("mfa storage is nil")
+ }
+ if cfg.Logger == nil {
+ return nil, errors.New("mfa logger is nil")
+ }
+ if cfg.Unlocker == nil {
+ return nil, errors.New("mfa key store is nil")
+ }
+
+ return &ReadManager{
 storage: cfg.Storage,
- container: cfg.Container,
 unlocker: cfg.Unlocker,
+ container: cfg.Container,
 logger: cfg.Logger,
 }, nil
 }
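Review bot: In the first hunk `Manager` ends up holding `storage` and `unlocker` twice, once inside the embedded `ReadManager` and once in its own fields of the same name, and the outer fields shadow the embedded ones. Methods with a `*ReadManager` receiver can only reach the embedded copies, while methods on `*Manager` that write `m.storage` presumably resolve to the outer ones, so the two views drift apart if either is ever reassigned after construction. A comment on the outer fields such as `// storage and unlocker are the write-capable views of the values held by ReadManager; always set both together` would make that invariant explicit. `ReadManager` is exported without a doc comment, as are `ReadConfig` and `NewReadManager` in later hunks of this file. The `type (` block starts outside the hunk.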
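Review bot: `KeyStoreReader` in the second hunk is the narrower interface, but its single method is `PrivateKey()`, so the read-only side still carries the decryption key and `KeyStore` only adds the public key list on top. `GetMFADevice` moves to `*ReadManager` later in this diff and is documented as returning the decoded device, so a `ReadManager` should presumably be treated as able to recover OTP secrets rather than as a low-privilege handle. The interface deserves a doc comment that says so, for example `// KeyStoreReader provides the private key used to decode OTP keys; holding it is sufficient to decrypt stored MFA secrets.` The moved method comment `PrivateKey returns private key of this Manager.` is also stale now that `ReadManager` uses the interface.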
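Review bot: `NewReadManager` repeats nil checks and field wiring that `NewManager` appears to perform as well (its checks sit above the hunk, only their closing brace is visible), so the two constructors can diverge on validation over time. Building the embedded value through `NewReadManager` inside `NewManager` keeps a single validation path; the sketch below copies `ReadManager` by value, as the composite literal in this hunk already does. `NewReadManager` does not check `cfg.Container`, and whether a zero container ID is acceptable is not visible here. `NewReadManager` is exported and has no doc comment.

```go
// … unchanged: nil checks at the top of NewManager …
rm, err := NewReadManager(ReadConfig{
	Storage:   cfg.Storage,
	Unlocker:  cfg.Unlocker,
	Container: cfg.Container,
	Logger:    cfg.Logger,
})
if err != nil {
	return nil, err
}

return &Manager{
	ReadManager: *rm,
	storage:     cfg.Storage,
	unlocker:    cfg.Unlocker,
}, nil
```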
@@ -83,7 +123,7 @@ func (m *Manager) CreateMFADevice(ctx context.Context, device SecretDevice) erro
 }
 
 // GetMFADevice returns decoded MFA device from MFA container.
-func (m *Manager) GetMFADevice(ctx context.Context, ns, mfaName string) (*SecretDevice, error) {
+func (m *ReadManager) GetMFADevice(ctx context.Context, ns, mfaName string) (*SecretDevice, error) {
 ctx, span := tracing.StartSpanFromContext(ctx, "mfa.GetMFADevice")
 defer span.End()
 
@@ -133,7 +173,7 @@ func (m *Manager) GetMFADevice(ctx context.Context, ns, mfaName string) (*Secret
 }
 
 // GetTinyMFADevice returns MFA device metadata without OTP key from the tree of MFA container.
-func (m *Manager) GetTinyMFADevice(ctx context.Context, ns, mfaName string) (*Device, error) {
+func (m *ReadManager) GetTinyMFADevice(ctx context.Context, ns, mfaName string) (*Device, error) {
 ctx, span := tracing.StartSpanFromContext(ctx, "mfa.GetTinyMFADevice")
 defer span.End()
 
@@ -151,7 +191,7 @@ func (m *Manager) GetTinyMFADevice(ctx context.Context, ns, mfaName string) (*De
 }
 
 // ListMFADevices lists all available MFA device metadata with specified device namespace from the tree of MFA container.
-func (m *Manager) ListMFADevices(ctx context.Context, ns string) ([]*Device, error) {
+func (m *ReadManager) ListMFADevices(ctx context.Context, ns string) ([]*Device, error) {
 ctx, span := tracing.StartSpanFromContext(ctx, "mfa.ListMFADevices")
 defer span.End()
 
@@ -164,7 +204,7 @@ func (m *Manager) ListMFADevices(ctx context.Context, ns string) ([]*Device, err
 }
 
 // ListAllMFADevices lists all available MFA device metadata from the tree of MFA container.
-func (m *Manager) ListAllMFADevices(ctx context.Context) ([]*Device, error) {
+func (m *ReadManager) ListAllMFADevices(ctx context.Context) ([]*Device, error) {
 ctx, span := tracing.StartSpanFromContext(ctx, "mfa.ListAllMFADevices")
 defer span.End()
 
@@ -327,7 +367,7 @@ func (m *Manager) putMFADevice(ctx context.Context, device SecretDevice) error {
 return nil
 }
 
-func (m *Manager) formDevices(list []*TreeNode) ([]*Device, error) {
+func (m *ReadManager) formDevices(list []*TreeNode) ([]*Device, error) {
 res := make([]*Device, 0, len(list))
 for _, item := range list {
 dev, err := newDevice(item)
diff --git a/mfa/storage.go b/mfa/storage.go
index 7f995a6..e146d0b 100644
--- a/mfa/storage.go
+++ b/mfa/storage.go
@@ -13,19 +13,23 @@ type (
 // Storage is an interface for Manager to manage FrostFS objects
 // and metadata in tree service.
 Storage interface {
+ StorageReader
 // CreateObject creates new FrostFS object.
 CreateObject(context.Context, PrmObjectCreate) (oid.ID, error)
- // GetObject returns payload of FrostFS object.
- GetObject(context.Context, oid.Address) ([]byte, error)
 // DeleteObject deletes FrostFS object.
 DeleteObject(context.Context, oid.Address) error
 // SetTreeNode creates or updates specified tree node the tree service and returns updated data.
 SetTreeNode(ctx context.Context, cnrID cid.ID, name string, meta map[string]string) (*TreeMultiNode, error)
+ // DeleteTreeNode removes all specified tree nodes from the tree and returns copy of it.
+ DeleteTreeNode(ctx context.Context, cnrID cid.ID, name string) ([]*TreeNode, error)
+ }
+
+ StorageReader interface {
+ // GetObject returns payload of FrostFS object.
+ GetObject(context.Context, oid.Address) ([]byte, error)
 // GetTreeNode returns data about latest and remaining versions of specified tree node.
 // Must return 'ErrTreeNodeNotFound' if tree does not exist.
 GetTreeNode(ctx context.Context, cnrID cid.ID, name string) (*TreeMultiNode, error)
- // DeleteTreeNode removes all specified tree nodes from the tree and returns copy of it.
- DeleteTreeNode(ctx context.Context, cnrID cid.ID, name string) ([]*TreeNode, error)
 // GetTreeNodes returns all available tree nodes with specified prefix.
 GetTreeNodes(ctx context.Context, cnrID cid.ID, prefix string) ([]*TreeNode, error)
 }
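Review bot: `StorageReader` is added as an exported interface without a doc comment, while `Storage` directly above it has one. A line such as `// StorageReader is the read-only subset of Storage: object payloads and tree node metadata.` would state the intended boundary, and it is worth noting there that `GetObject` stays on the read side, so the object payloads remain reachable through it. Inside `Storage`, a blank line after the embedded `StorageReader` would keep the `// CreateObject` comment from reading as if it belonged to the embedding. The `type (` block starts outside the hunk.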