[#561] acl: Fetch session token from original request meta header

As it explained in previous commit, session token also should be presented in original meta header but can be omitted in higher layers. Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-05-26 19:51:24 +03:00 · 2021-05-26 19:51:24 +03:00 · a025e6250e
parent d368afffe5
commit a025e6250e
1 changed files with 16 additions and 6 deletions
--- a/pkg/services/object/acl/acl.go
+++ b/pkg/services/object/acl/acl.go
@ -144,7 +144,7 @@ func (b Service) Get(request *object.GetRequest, stream objectSvc.GetObjectStrea
 		return err
 	}

-	sTok := request.GetMetaHeader().GetSessionToken()
+	sTok := originalSessionToken(request.GetMetaHeader())

 	req := metaWithToken{
 		vheader: request.GetVerificationHeader(),
@ -192,7 +192,7 @@ func (b Service) Head(
 		return nil, err
 	}

-	sTok := request.GetMetaHeader().GetSessionToken()
+	sTok := originalSessionToken(request.GetMetaHeader())

 	req := metaWithToken{
 		vheader: request.GetVerificationHeader(),
@ -235,7 +235,7 @@ func (b Service) Search(request *object.SearchRequest, stream objectSvc.SearchSt

 	req := metaWithToken{
 		vheader: request.GetVerificationHeader(),
-		token:   request.GetMetaHeader().GetSessionToken(),
+		token:   originalSessionToken(request.GetMetaHeader()),
 		bearer:  originalBearerToken(request.GetMetaHeader()),
 		src:     request,
 	}
@ -268,7 +268,7 @@ func (b Service) Delete(
 		return nil, err
 	}

-	sTok := request.GetMetaHeader().GetSessionToken()
+	sTok := originalSessionToken(request.GetMetaHeader())

 	req := metaWithToken{
 		vheader: request.GetVerificationHeader(),
@ -300,7 +300,7 @@ func (b Service) GetRange(request *object.GetRangeRequest, stream objectSvc.GetO
 		return err
 	}

-	sTok := request.GetMetaHeader().GetSessionToken()
+	sTok := originalSessionToken(request.GetMetaHeader())

 	req := metaWithToken{
 		vheader: request.GetVerificationHeader(),
@ -338,7 +338,7 @@ func (b Service) GetRangeHash(
 		return nil, err
 	}

-	sTok := request.GetMetaHeader().GetSessionToken()
+	sTok := originalSessionToken(request.GetMetaHeader())

 	req := metaWithToken{
 		vheader: request.GetVerificationHeader(),
@ -781,3 +781,13 @@ func originalBearerToken(header *session.RequestMetaHeader) *bearer.BearerToken

 	return header.GetBearerToken()
 }
+
+// originalSessionToken goes down to original request meta header and fetches
+// session token from there.
+func originalSessionToken(header *session.RequestMetaHeader) *session.SessionToken {
+	for header.GetOrigin() != nil {
+		header = header.GetOrigin()
+	}
+
+	return header.GetSessionToken()
+}