[#190] Rename owner to cnrOwner in object request info
`owner` field may be misused as request sender owner, however it is a owner of a container for that request. New naming should be clear. Signed-off-by: Alex Vanin <alexey@nspcc.ru>
This commit is contained in:
parent
f0537b35c1
commit
2148e282ec
1 changed files with 5 additions and 5 deletions
|
@ -56,7 +56,7 @@ type (
|
||||||
requestRole acl.Role
|
requestRole acl.Role
|
||||||
isInnerRing bool
|
isInnerRing bool
|
||||||
operation acl.Operation // put, get, head, etc.
|
operation acl.Operation // put, get, head, etc.
|
||||||
owner *owner.ID // container owner
|
cnrOwner *owner.ID // container owner
|
||||||
|
|
||||||
cid *container.ID
|
cid *container.ID
|
||||||
|
|
||||||
|
@ -423,7 +423,7 @@ func (b Service) findRequestInfo(
|
||||||
info.requestRole = role
|
info.requestRole = role
|
||||||
info.isInnerRing = isIR
|
info.isInnerRing = isIR
|
||||||
info.operation = verb
|
info.operation = verb
|
||||||
info.owner = cnr.OwnerID()
|
info.cnrOwner = cnr.OwnerID()
|
||||||
info.cid = cid
|
info.cid = cid
|
||||||
|
|
||||||
// it is assumed that at the moment the key will be valid,
|
// it is assumed that at the moment the key will be valid,
|
||||||
|
@ -508,7 +508,7 @@ func basicACLCheck(info requestInfo) bool {
|
||||||
}
|
}
|
||||||
|
|
||||||
func stickyBitCheck(info requestInfo, owner *owner.ID) bool {
|
func stickyBitCheck(info requestInfo, owner *owner.ID) bool {
|
||||||
if owner == nil || info.owner == nil {
|
if owner == nil || info.cnrOwner == nil {
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -516,7 +516,7 @@ func stickyBitCheck(info requestInfo, owner *owner.ID) bool {
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
|
||||||
return bytes.Equal(owner.ToV2().GetValue(), info.owner.ToV2().GetValue())
|
return bytes.Equal(owner.ToV2().GetValue(), info.cnrOwner.ToV2().GetValue())
|
||||||
}
|
}
|
||||||
|
|
||||||
func eACLCheck(msg interface{}, reqInfo requestInfo, cfg *eACLCfg) bool {
|
func eACLCheck(msg interface{}, reqInfo requestInfo, cfg *eACLCfg) bool {
|
||||||
|
@ -640,7 +640,7 @@ func isValidBearer(reqInfo requestInfo, st netmap.State) bool {
|
||||||
|
|
||||||
// 3. Then check if container owner signed this token.
|
// 3. Then check if container owner signed this token.
|
||||||
tokenIssuerKey := crypto.UnmarshalPublicKey(token.GetSignature().GetKey())
|
tokenIssuerKey := crypto.UnmarshalPublicKey(token.GetSignature().GetKey())
|
||||||
if !isOwnerFromKey(reqInfo.owner, tokenIssuerKey) {
|
if !isOwnerFromKey(reqInfo.cnrOwner, tokenIssuerKey) {
|
||||||
// todo: in this case we can issue all owner keys from neofs.id and check once again
|
// todo: in this case we can issue all owner keys from neofs.id and check once again
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue