[#851] ape: Initialize and use policy contract interface
Some checks failed
DCO action / DCO (pull_request) Successful in 2m1s
Build / Build Components (1.20) (pull_request) Successful in 2m56s
Build / Build Components (1.21) (pull_request) Successful in 4m8s
Vulncheck / Vulncheck (pull_request) Successful in 3m40s
Tests and linters / Staticcheck (pull_request) Successful in 5m48s
Tests and linters / Lint (pull_request) Successful in 6m38s
Tests and linters / Tests (1.21) (pull_request) Failing after 11m18s
Tests and linters / Tests (1.20) (pull_request) Successful in 12m48s
Tests and linters / Tests with -race (pull_request) Successful in 13m45s

* Replace inmemory policy contract mock by initialized
  policy contract interface.

Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
This commit is contained in:
Airat Arifullin 2023-12-13 15:46:31 +03:00
parent bdd43f6211
commit 6e6eb92d17
7 changed files with 20 additions and 5 deletions

View file

@ -70,7 +70,7 @@ import (
objectSDK "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object" objectSDK "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object"
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user" "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/version" "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/version"
"git.frostfs.info/TrueCloudLab/policy-engine/pkg/engine/inmemory" policy_client "git.frostfs.info/TrueCloudLab/policy-engine/pkg/morph/policy"
"github.com/nspcc-dev/neo-go/pkg/crypto/keys" "github.com/nspcc-dev/neo-go/pkg/crypto/keys"
neogoutil "github.com/nspcc-dev/neo-go/pkg/util" neogoutil "github.com/nspcc-dev/neo-go/pkg/util"
"github.com/panjf2000/ants/v2" "github.com/panjf2000/ants/v2"
@ -545,6 +545,8 @@ type cfgLocalStorage struct {
} }
type cfgAccessPolicyEngine struct { type cfgAccessPolicyEngine struct {
policyContractHash neogoutil.Uint160
accessPolicyEngine *accessPolicyEngine accessPolicyEngine *accessPolicyEngine
} }
@ -999,7 +1001,9 @@ func initAccessPolicyEngine(_ context.Context, c *cfg) {
) )
} }
morphRuleStorage := inmemory.NewInmemoryMorphRuleChainStorage() morphRuleStorage := policy_client.NewContractStorage(
c.cfgMorph.client.GetActor(),
c.cfgObject.cfgAccessPolicyEngine.policyContractHash)
ape := newAccessPolicyEngine(morphRuleStorage, localOverrideDB) ape := newAccessPolicyEngine(morphRuleStorage, localOverrideDB)
c.cfgObject.cfgAccessPolicyEngine.accessPolicyEngine = ape c.cfgObject.cfgAccessPolicyEngine.accessPolicyEngine = ape

View file

@ -98,14 +98,15 @@ func initApp(ctx context.Context, c *cfg) {
fatalOnErr(c.cfgObject.cfgLocalStorage.localStorage.Init(ctx)) fatalOnErr(c.cfgObject.cfgLocalStorage.localStorage.Init(ctx))
}) })
initAndLog(c, "gRPC", initGRPC)
initAndLog(c, "netmap", func(c *cfg) { initNetmapService(ctx, c) })
initAccessPolicyEngine(ctx, c) initAccessPolicyEngine(ctx, c)
initAndLog(c, "access policy engine", func(c *cfg) { initAndLog(c, "access policy engine", func(c *cfg) {
fatalOnErr(c.cfgObject.cfgAccessPolicyEngine.accessPolicyEngine.LocalOverrideDatabaseCore().Open(ctx)) fatalOnErr(c.cfgObject.cfgAccessPolicyEngine.accessPolicyEngine.LocalOverrideDatabaseCore().Open(ctx))
fatalOnErr(c.cfgObject.cfgAccessPolicyEngine.accessPolicyEngine.LocalOverrideDatabaseCore().Init()) fatalOnErr(c.cfgObject.cfgAccessPolicyEngine.accessPolicyEngine.LocalOverrideDatabaseCore().Init())
}) })
initAndLog(c, "gRPC", initGRPC)
initAndLog(c, "netmap", func(c *cfg) { initNetmapService(ctx, c) })
initAndLog(c, "accounting", func(c *cfg) { initAccountingService(ctx, c) }) initAndLog(c, "accounting", func(c *cfg) { initAccountingService(ctx, c) })
initAndLog(c, "container", func(c *cfg) { initContainerService(ctx, c) }) initAndLog(c, "container", func(c *cfg) { initContainerService(ctx, c) })
initAndLog(c, "session", initSessionService) initAndLog(c, "session", initSessionService)

View file

@ -289,6 +289,7 @@ func lookupScriptHashesInNNS(c *cfg) {
{&c.cfgAccounting.scriptHash, client.NNSBalanceContractName}, {&c.cfgAccounting.scriptHash, client.NNSBalanceContractName},
{&c.cfgContainer.scriptHash, client.NNSContainerContractName}, {&c.cfgContainer.scriptHash, client.NNSContainerContractName},
{&c.cfgMorph.proxyScriptHash, client.NNSProxyContractName}, {&c.cfgMorph.proxyScriptHash, client.NNSProxyContractName},
{&c.cfgObject.cfgAccessPolicyEngine.policyContractHash, client.NNSPolicyContractName},
} }
) )

2
go.mod
View file

@ -8,7 +8,7 @@ require (
git.frostfs.info/TrueCloudLab/frostfs-observability v0.0.0-20231101111734-b3ad3335ff65 git.frostfs.info/TrueCloudLab/frostfs-observability v0.0.0-20231101111734-b3ad3335ff65
git.frostfs.info/TrueCloudLab/frostfs-sdk-go v0.0.0-20231122162120-56debcfa569e git.frostfs.info/TrueCloudLab/frostfs-sdk-go v0.0.0-20231122162120-56debcfa569e
git.frostfs.info/TrueCloudLab/hrw v1.2.1 git.frostfs.info/TrueCloudLab/hrw v1.2.1
git.frostfs.info/TrueCloudLab/policy-engine v0.0.0-20231211080303-8c673ee4f4af git.frostfs.info/TrueCloudLab/policy-engine v0.0.0-20231214122253-62ea96b82ce3
git.frostfs.info/TrueCloudLab/tzhash v1.8.0 git.frostfs.info/TrueCloudLab/tzhash v1.8.0
github.com/cheggaaa/pb v1.0.29 github.com/cheggaaa/pb v1.0.29
github.com/chzyer/readline v1.5.1 github.com/chzyer/readline v1.5.1

BIN
go.sum

Binary file not shown.

View file

@ -539,3 +539,10 @@ func (c *Client) setActor(act *actor.Actor) {
c.gasToken = nep17.New(act, gas.Hash) c.gasToken = nep17.New(act, gas.Hash)
c.rolemgmt = rolemgmt.New(act) c.rolemgmt = rolemgmt.New(act)
} }
func (c *Client) GetActor() *actor.Actor {
c.switchLock.RLock()
defer c.switchLock.RUnlock()
return c.rpcActor
}

View file

@ -33,6 +33,8 @@ const (
NNSProxyContractName = "proxy.frostfs" NNSProxyContractName = "proxy.frostfs"
// NNSGroupKeyName is a name for the FrostFS group key record in NNS. // NNSGroupKeyName is a name for the FrostFS group key record in NNS.
NNSGroupKeyName = "group.frostfs" NNSGroupKeyName = "group.frostfs"
// NNSPolicyContractName is a name of the policy contract in NNS.
NNSPolicyContractName = "policy.frostfs"
) )
var ( var (