[#1080] ape: Do not read object headers before Head/Get

Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2024-04-04 14:55:38 +03:00 · 2024-04-04 14:55:38 +03:00 · 4b902be81e
parent 161d33c2b7
commit 4b902be81e
3 changed files with 22 additions and 17 deletions
--- a/pkg/services/object/ape/checker.go
+++ b/pkg/services/object/ape/checker.go
@ -54,6 +54,9 @@ type Prm struct {

 	// If SoftAPECheck is set to true, then NoRuleFound is interpreted as allow.
 	SoftAPECheck bool
+
+	// If true, object headers will not retrieved from storage engine.
+	WithoutHeaderRequest bool
 }

 var errMissingOID = errors.New("object ID is not set")
--- a/pkg/services/object/ape/request.go
+++ b/pkg/services/object/ape/request.go
@ -141,7 +141,7 @@ func (c *checkerImpl) newAPERequest(ctx context.Context, prm Prm) (*request, err
 	var header *objectV2.Header
 	if prm.Header != nil {
 		header = prm.Header
-	} else if prm.Object != nil {
+	} else if prm.Object != nil && !prm.WithoutHeaderRequest {
 		headerObjSDK, err := c.headerProvider.GetHeader(ctx, prm.Container, *prm.Object)
 		if err == nil {
 			header = headerObjSDK.ToV2().GetHeader()
--- a/pkg/services/object/ape/service.go
+++ b/pkg/services/object/ape/service.go
@ -125,14 +125,15 @@ func (c *Service) Get(request *objectV2.GetRequest, stream objectSvc.GetObjectSt
 	}

 	err = c.apeChecker.CheckAPE(stream.Context(), Prm{
-		Namespace:      reqCtx.Namespace,
-		Container:      cnrID,
-		Object:         objID,
-		Method:         nativeschema.MethodGetObject,
-		Role:           nativeSchemaRole(reqCtx.Role),
-		SenderKey:      hex.EncodeToString(reqCtx.SenderKey),
-		ContainerOwner: reqCtx.ContainerOwner,
-		SoftAPECheck:   reqCtx.SoftAPECheck,
+		Namespace:            reqCtx.Namespace,
+		Container:            cnrID,
+		Object:               objID,
+		Method:               nativeschema.MethodGetObject,
+		Role:                 nativeSchemaRole(reqCtx.Role),
+		SenderKey:            hex.EncodeToString(reqCtx.SenderKey),
+		ContainerOwner:       reqCtx.ContainerOwner,
+		SoftAPECheck:         reqCtx.SoftAPECheck,
+		WithoutHeaderRequest: true,
 	})
 	if err != nil {
 		return toStatusErr(err)
@ -211,14 +212,15 @@ func (c *Service) Head(ctx context.Context, request *objectV2.HeadRequest) (*obj
 	}

 	err = c.apeChecker.CheckAPE(ctx, Prm{
-		Namespace:      reqCtx.Namespace,
-		Container:      cnrID,
-		Object:         objID,
-		Method:         nativeschema.MethodHeadObject,
-		Role:           nativeSchemaRole(reqCtx.Role),
-		SenderKey:      hex.EncodeToString(reqCtx.SenderKey),
-		ContainerOwner: reqCtx.ContainerOwner,
-		SoftAPECheck:   reqCtx.SoftAPECheck,
+		Namespace:            reqCtx.Namespace,
+		Container:            cnrID,
+		Object:               objID,
+		Method:               nativeschema.MethodHeadObject,
+		Role:                 nativeSchemaRole(reqCtx.Role),
+		SenderKey:            hex.EncodeToString(reqCtx.SenderKey),
+		ContainerOwner:       reqCtx.ContainerOwner,
+		SoftAPECheck:         reqCtx.SoftAPECheck,
+		WithoutHeaderRequest: true,
 	})
 	if err != nil {
 		return nil, toStatusErr(err)