[#1090] tree: Make workaround for APE checks

* Make `verifyClient` method perform APE check if a container was created with zero-filled basic ACL. * Object verbs are used in APE, until tree verbs are introduced. Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
2024-04-11 18:10:33 +03:00 · 2024-04-11 18:10:33 +03:00 · 59d7a6940d
commit 59d7a6940d
parent 2ecd427df4
4 changed files with 89 additions and 6 deletions
--- a/pkg/services/tree/options.go
+++ b/pkg/services/tree/options.go
@ -9,6 +9,7 @@ import (
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/local_object_storage/pilorama"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/util/logger"
 	cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
+	policyengine "git.frostfs.info/TrueCloudLab/policy-engine/pkg/engine"
 	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
 )

@ -38,6 +39,8 @@ type cfg struct {
 	containerCacheSize        int
 	authorizedKeys            [][]byte

+	router policyengine.ChainRouter
+
 	metrics MetricsRegister
 }

@ -139,3 +142,9 @@ func WithAuthorizedKeys(keys keys.PublicKeys) Option {
 		}
 	}
 }
+
+func WithAPERouter(router policyengine.ChainRouter) Option {
+	return func(c *cfg) {
+		c.router = router
+	}
+}