e83d39e33f
[ #1253 ] deleteSvc: Use copy of common parameters
...
DCO action / DCO (pull_request) Successful in 3m29s
Vulncheck / Vulncheck (pull_request) Successful in 3m31s
Build / Build Components (1.21) (pull_request) Successful in 4m56s
Build / Build Components (1.22) (pull_request) Successful in 4m57s
Tests and linters / Staticcheck (pull_request) Successful in 5m14s
Tests and linters / gopls check (pull_request) Successful in 5m11s
Tests and linters / Lint (pull_request) Successful in 6m23s
Tests and linters / Tests (1.22) (pull_request) Successful in 12m42s
Tests and linters / Tests (1.21) (pull_request) Successful in 12m54s
Tests and linters / Tests with -race (pull_request) Successful in 16m31s
Pre-commit hooks / Pre-commit (pull_request) Successful in 21m57s
getSvc may change the values of some fields, so Head will affect Delete
or Put. In this case, the change is necessary so that the session token
is stored in the tombstone object (EC assemble calls `ForgetTokens`).
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2024-07-17 14:24:27 +03:00
fc383ea6ae
[ #1253 ] getSvc: Fix EC objects get
...
Now EC objects assembling is performed concurrently.
Also fixed issue with an error in case of getting
EC object via non-container node.
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2024-07-17 14:24:27 +03:00
d5dc14c639
[ #1243 ] object: Make APE checker set x-headers to request properties
...
* Update go.mod, go.sum;
* Add x-headers to request properties;
* Add a unit-test.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
2024-07-16 07:28:42 +00:00
84ecd61dfd
[ #1233 ] putSvc: Try to put EC chunk to any node
...
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2024-07-09 07:54:29 +00:00
d90aab5454
[ #1229 ] util: Fix session token expiration check
...
* Make session token expired at `current_epoch + 1` but
not at `current_epoch` when it's still valid.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
2024-07-08 08:15:56 +00:00
0c2b6f3dac
[ #1216 ] ape: Make services use bearer chains fed router
...
* Refactor object and tree service - they should instantiate
chain router cheking the bearer token. If there are no bearer
token rules, then defaul chain router is used.
* Fix unit-tests.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
2024-07-05 18:26:48 +00:00
f3a861806e
[ #1218 ] object: Fix bearer token validation
...
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
2024-07-03 07:22:11 +00:00
a378ff9cf6
[ #1218 ] object: Pass container owner for backward get method check
...
* `getStreamBasicChecker` must define `containerOwner` for backward checks,
otherwise bearer token cannot be validated for the token issuer.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
2024-07-03 07:22:11 +00:00
dc2867682f
[ #1213 ] deleteSvc: Do not allow to delete EC chunks
...
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2024-07-01 06:49:35 +00:00
0b87388c18
[ #1190 ] object: GroupIDs must also be target of APE checks
...
* Also add new test case for ape middleware in container service.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
2024-06-25 08:49:20 +00:00
ecd1ed7a5e
[ #1184 ] node: Add audit middleware for grpc services
...
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2024-06-19 16:05:53 +03:00
04a3f891fd
[ #1157 ] object: Make APE checker use Bearer-token's APE overrides
...
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
2024-06-07 12:11:11 +00:00
c1af13b47e
[ #1147 ] node: Fix issue from gopls
...
Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com>
2024-05-30 08:13:04 +00:00
6130650bb6
[ #1147 ] node: Implement Lock\Delete
requests for EC object
...
Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com>
2024-05-30 08:13:04 +00:00
d355274cd0
[ #1147 ] object: Use methods on pointer for searchsvc.execCtx
...
Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com>
2024-05-30 08:13:04 +00:00
3555c73225
[ #1147 ] object: Use methods on pointer for deletesvc.execCtx
...
Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com>
2024-05-30 08:13:04 +00:00
e43e7bec3a
[ #1147 ] log: Remove redundant address
field from log
...
Filled when logger created for `request` object from package `getsvc`.
Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com>
2024-05-30 08:13:04 +00:00
482c5129ac
[ #1142 ] object: Fill APE-request with source IP property
...
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
2024-05-27 10:17:17 +00:00
436c9f5558
[ #1129 ] policer: Restore EC object
...
Vulncheck / Vulncheck (pull_request) Successful in 1m43s
DCO action / DCO (pull_request) Successful in 2m53s
Build / Build Components (1.21) (pull_request) Successful in 4m6s
Build / Build Components (1.22) (pull_request) Successful in 4m31s
Tests and linters / gopls check (pull_request) Successful in 4m57s
Tests and linters / Staticcheck (pull_request) Successful in 6m14s
Tests and linters / Lint (pull_request) Successful in 6m42s
Pre-commit hooks / Pre-commit (pull_request) Successful in 9m19s
Tests and linters / Tests (1.21) (pull_request) Successful in 10m15s
Tests and linters / Tests (1.22) (pull_request) Successful in 10m36s
Tests and linters / Tests with -race (pull_request) Successful in 10m36s
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2024-05-17 14:36:18 +03:00
44f2e8f27f
[ #1129 ] putSvc: Allow to put single unprepared object to EC container
...
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2024-05-16 16:28:49 +03:00
cbe9757490
[ #1129 ] policer: Pull required EC chunks
...
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2024-05-16 16:28:49 +03:00
b3eaa8a9bc
[ #1083 ] objsvc/v2: Check response status in RANGE_HASH forwarder
...
DCO action / DCO (pull_request) Successful in 1m45s
Vulncheck / Vulncheck (pull_request) Successful in 4m11s
Pre-commit hooks / Pre-commit (pull_request) Successful in 5m44s
Build / Build Components (1.22) (pull_request) Successful in 5m25s
Build / Build Components (1.21) (pull_request) Successful in 5m30s
Tests and linters / Staticcheck (pull_request) Successful in 5m50s
Tests and linters / gopls check (pull_request) Successful in 5m51s
Tests and linters / Lint (pull_request) Successful in 7m44s
Tests and linters / Tests (1.22) (pull_request) Successful in 11m36s
Tests and linters / Tests (1.21) (pull_request) Successful in 12m13s
Tests and linters / Tests with -race (pull_request) Successful in 12m25s
Fixes #1083
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2024-05-15 12:04:21 +03:00
0924b62a95
[ #1083 ] objsvc/v2: Unify response verification after forwarding
...
1. Use the same routine for HEAD/GET_RANGE methods.
2. Make error message similar.
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2024-05-15 12:04:06 +03:00
300654b045
[ #1083 ] objsvc/v2: Properly check response status after forwarding
...
Previously we had cryptic error:
```
debug get/remote.go:38 remote call failed {"component": "Object.Get service", "request": "HEAD", "address": "9sTxoVrhJ7WBtXQfK2NJ7zDV5yCF7BPLKK1XTxYPdGsP/BbHV4KZZ8y2BPqAT5kyjdHRLkfbtY2xf5uYoMVqxACn1", "raw": false, "local": false, "with session": false, "with bearer": false, "error": "unexpected header type <nil>"}
```
Now we have and expected error:
```
debug get/remote.go:38 remote call failed {"component": "Object.Get service", "request": "HEAD", "address": "D2rqaMG4D2VHdv3HKky8UYSYmwQFH2v9oXXqtyRZPTMy/BbHV4KZZ8y2BPqAT5kyjdHRLkfbtY2xf5uYoMVqxACn1", "raw": false, "local": false, "with session": false, "with bearer": false, "error": "status: code = 2049 message = object not found"}
```
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2024-05-15 12:04:06 +03:00
952d13cd2b
[ #1124 ] cli: Improve APE rule parsing
...
Vulncheck / Vulncheck (pull_request) Successful in 1m25s
DCO action / DCO (pull_request) Successful in 1m59s
Build / Build Components (1.21) (pull_request) Successful in 2m27s
Build / Build Components (1.22) (pull_request) Successful in 4m25s
Pre-commit hooks / Pre-commit (pull_request) Successful in 4m57s
Tests and linters / Staticcheck (pull_request) Successful in 5m38s
Tests and linters / gopls check (pull_request) Successful in 5m57s
Tests and linters / Lint (pull_request) Successful in 6m26s
Tests and linters / Tests (1.22) (pull_request) Successful in 9m5s
Tests and linters / Tests (1.21) (pull_request) Successful in 9m11s
Tests and linters / Tests with -race (pull_request) Successful in 9m4s
* Make APE rule parser to read condition's kind in unambiguous using lexemes
`ResourceCondition`, `RequestCondition` instead confusing `Object.Request`, `Object.Resource`.
* Fix unit-tests.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
2024-05-14 12:23:26 +03:00
0144117cc9
[ #1125 ] objectSvc: Add EC header APE check
...
Build / Build Components (1.21) (pull_request) Successful in 6m27s
DCO action / DCO (pull_request) Successful in 6m38s
Build / Build Components (1.22) (pull_request) Successful in 8m54s
Vulncheck / Vulncheck (pull_request) Successful in 8m37s
Tests and linters / gopls check (pull_request) Successful in 10m32s
Tests and linters / Staticcheck (pull_request) Successful in 11m3s
Tests and linters / Lint (pull_request) Successful in 11m27s
Pre-commit hooks / Pre-commit (pull_request) Successful in 14m16s
Tests and linters / Tests (1.21) (pull_request) Successful in 14m26s
Tests and linters / Tests (1.22) (pull_request) Successful in 15m14s
Tests and linters / Tests with -race (pull_request) Successful in 15m45s
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2024-05-08 16:25:55 +03:00
ada1b9f737
[ #1120 ] objectSvc: Fix EC put placement
...
Use parent object ID to compute placement.
Fix too many copies saving.
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2024-05-08 15:23:57 +03:00
fe2c1c926f
[ #1112 ] node: Fix race warning for GetObjectAndWritePayload
...
DCO action / DCO (pull_request) Successful in 2m10s
Vulncheck / Vulncheck (pull_request) Successful in 2m2s
Build / Build Components (1.22) (pull_request) Successful in 3m44s
Build / Build Components (1.21) (pull_request) Successful in 3m52s
Pre-commit hooks / Pre-commit (pull_request) Successful in 5m40s
Tests and linters / Staticcheck (pull_request) Successful in 6m40s
Tests and linters / Lint (pull_request) Successful in 7m11s
Tests and linters / gopls check (pull_request) Successful in 9m16s
Tests and linters / Tests (1.21) (pull_request) Successful in 10m58s
Tests and linters / Tests (1.22) (pull_request) Successful in 11m2s
Tests and linters / Tests with -race (pull_request) Successful in 11m35s
Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com>
2024-05-07 14:47:21 +03:00
3e782527b8
[ #1112 ] node: Add test for Range
request for EC object
...
Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com>
2024-05-07 14:47:21 +03:00
21a490da8f
[ #1112 ] Fix issue from gofumpt
...
Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com>
2024-05-07 14:47:21 +03:00
93c0ccad4f
[ #1077 ] objectsvc: Fix possible panic in GetRange()
...
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2024-05-07 14:47:21 +03:00
00b2b77b26
[ #1112 ] node: Implement Range\RangeHash
requests for EC object
...
Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com>
2024-05-07 14:47:21 +03:00
b60a51b862
[ #1117 ] ape: Introduce FormFrostfsIDRequestProperties
method
...
* `FormFrostfsIDRequestProperties` gets user claim tags and group id and sets them
as ape request properties.
* Make tree, container and object service use the method.
* Fix unit-tests.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
2024-05-07 10:01:21 +00:00
6c76c9b457
[ #1117 ] core: Introduce SubjectProvider interface for FrostfsID
...
* Make tree, object and container services use SubjectProvider interface.
* Fix unit-tests.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
2024-05-07 10:01:21 +00:00
e07869a8cf
[ #1100 ] Remove unused fields
...
DCO action / DCO (pull_request) Successful in 2m47s
Build / Build Components (1.21) (pull_request) Successful in 3m21s
Vulncheck / Vulncheck (pull_request) Successful in 3m33s
Build / Build Components (1.22) (pull_request) Successful in 5m25s
Tests and linters / gopls check (pull_request) Successful in 5m13s
Tests and linters / Staticcheck (pull_request) Successful in 6m13s
Tests and linters / Lint (pull_request) Successful in 7m2s
Tests and linters / Tests (1.21) (pull_request) Successful in 10m2s
Tests and linters / Tests with -race (pull_request) Successful in 9m55s
Tests and linters / Tests (1.22) (pull_request) Successful in 10m11s
Signed-off-by: Ekaterina Lebedeva <ekaterina.lebedeva@yadro.com>
2024-05-06 10:14:36 +03:00
71789676d5
[ #1114 ] aclsvc: Add tests for request ownership
...
DCO action / DCO (pull_request) Successful in 5m13s
Build / Build Components (1.21) (pull_request) Successful in 9m51s
Build / Build Components (1.22) (pull_request) Successful in 10m21s
Vulncheck / Vulncheck (pull_request) Successful in 12m9s
Tests and linters / Lint (pull_request) Successful in 16m50s
Tests and linters / gopls check (pull_request) Successful in 18m8s
Tests and linters / Staticcheck (pull_request) Successful in 19m1s
Tests and linters / Tests (1.22) (pull_request) Successful in 19m59s
Tests and linters / Tests with -race (pull_request) Successful in 20m5s
Tests and linters / Tests (1.21) (pull_request) Successful in 2m52s
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2024-05-02 11:57:39 +03:00
112a7c690f
[ #1103 ] node: Implement Get\Head
requests for EC object
...
DCO action / DCO (pull_request) Successful in 1m44s
Vulncheck / Vulncheck (pull_request) Successful in 3m3s
Build / Build Components (1.21) (pull_request) Successful in 4m0s
Build / Build Components (1.22) (pull_request) Successful in 3m57s
Tests and linters / Staticcheck (pull_request) Successful in 4m46s
Tests and linters / gopls check (pull_request) Successful in 4m48s
Tests and linters / Lint (pull_request) Successful in 5m45s
Tests and linters / Tests (1.21) (pull_request) Successful in 8m57s
Tests and linters / Tests with -race (pull_request) Successful in 9m10s
Tests and linters / Tests (1.22) (pull_request) Successful in 9m20s
Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com>
2024-04-24 18:15:53 +03:00
c21d72ac23
[ #1096 ] object: Make ape middleware fill request with user claim tags
...
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
2024-04-16 15:12:44 +03:00
91e79c98ba
[ #1089 ] ape: Provide request actor as an additional target
...
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2024-04-16 11:03:50 +00:00
f4dcb418f2
[ #1090 ] ape: Move ape request and resource implementations to common package
...
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
2024-04-15 07:45:45 +00:00
3dc81cb4fc
Reapply "[ #972 ] Use min/max builtins"
...
This reverts commit dad56d2e98
.
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2024-04-10 12:09:34 +00:00
e74bdaa5d5
[ #1080 ] ape: Use value for APE request
...
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2024-04-09 18:42:03 +03:00
338d8cbebd
[ #1080 ] ape: Do not read object headers before Head/Get
...
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2024-04-09 15:27:40 +03:00
2b88361849
[ #1062 ] object: Fix buffer allocation for PayloadRange
...
DCO action / DCO (pull_request) Successful in 5m34s
Vulncheck / Vulncheck (pull_request) Successful in 5m14s
Build / Build Components (1.20) (pull_request) Successful in 8m56s
Build / Build Components (1.21) (pull_request) Successful in 8m56s
Tests and linters / gopls check (pull_request) Successful in 9m3s
Tests and linters / Staticcheck (pull_request) Successful in 9m39s
Tests and linters / Lint (pull_request) Successful in 10m9s
Tests and linters / Tests (1.20) (pull_request) Successful in 13m43s
Tests and linters / Tests (1.21) (pull_request) Successful in 14m4s
Tests and linters / Tests with -race (pull_request) Successful in 14m40s
Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com>
2024-04-09 11:59:07 +03:00
1c5e0f90aa
[ #1064 ] putsvc: Add EC put
...
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2024-04-09 07:08:53 +00:00
39da643354
[ #1064 ] putsvc: Refactor distributed target
...
Extract object builder.
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2024-04-09 07:08:53 +00:00
6959e617c4
[ #1047 ] object: Set container owner ID property to ape request
...
* Introduce ContainerOwner field in RequestContext.
* Set ContainerOwner in aclv2 middleware.
* Set PropertyKeyContainerOwnerID for object ape request.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
2024-03-18 15:39:50 +00:00
d7be70e93f
[ #1040 ] object: Wrap CheckAPE errors to status errors
...
* All methods should wrap CheckAPE error, if it occurs, to
status error.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
2024-03-14 07:34:03 +00:00
5c252c9193
[ #1039 ] object: Skip APE check for certain request roles
...
DCO action / DCO (pull_request) Successful in 1m31s
Vulncheck / Vulncheck (pull_request) Successful in 2m52s
Build / Build Components (1.21) (pull_request) Successful in 3m52s
Build / Build Components (1.20) (pull_request) Successful in 4m16s
Tests and linters / gopls check (pull_request) Successful in 11m54s
Tests and linters / Staticcheck (pull_request) Successful in 12m31s
Tests and linters / Tests (1.21) (pull_request) Successful in 12m49s
Tests and linters / Tests (1.20) (pull_request) Successful in 13m8s
Tests and linters / Tests with -race (pull_request) Successful in 13m14s
Tests and linters / Lint (pull_request) Successful in 13m31s
* Skip APE check if a role is Container.
* Skip APE check if a role is IR and methods are get-like.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
2024-03-12 16:15:20 +03:00
d433b49265
[ #973 ] node: Resolve perfsprint linter
...
DCO action / DCO (pull_request) Successful in 2m40s
Vulncheck / Vulncheck (pull_request) Successful in 3m41s
Build / Build Components (1.20) (pull_request) Successful in 4m27s
Build / Build Components (1.21) (pull_request) Successful in 5m6s
Tests and linters / Staticcheck (pull_request) Successful in 6m16s
Tests and linters / gopls check (pull_request) Successful in 6m23s
Tests and linters / Lint (pull_request) Successful in 6m48s
Tests and linters / Tests (1.20) (pull_request) Successful in 9m4s
Tests and linters / Tests with -race (pull_request) Successful in 9m9s
Tests and linters / Tests (1.21) (pull_request) Successful in 9m23s
`fmt.Errorf can be replaced with errors.New` and `fmt.Sprintf can be replaced with string addition`
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2024-03-11 17:55:50 +03:00
d6534fd755
[ #1016 ] frostfs-node: Fix gopls issues
...
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2024-03-01 12:13:43 +03:00
7cc368e188
[ #986 ] object: Introduce soft ape checks
...
* Soft APE check means that APE should allow request even
it gets status NoRuleFound for a request. Otherwise,
it is interpreted as Deny.
* Soft APE check is performed if basic ACL mask is not set.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
2024-02-28 19:05:57 +00:00
dad56d2e98
Revert "[ #972 ] Use min/max builtins"
...
This reverts commit 89784b2e0a
.
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2024-02-19 15:36:01 +00:00
89784b2e0a
[ #972 ] Use min/max builtins
...
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2024-02-19 13:13:09 +00:00
2680192ba0
[ #988 ] objectSvc: Fix SetMarshalData
for PutSingle
...
DCO action / DCO (pull_request) Successful in 5m10s
Vulncheck / Vulncheck (pull_request) Successful in 5m24s
Build / Build Components (1.21) (pull_request) Successful in 7m40s
Build / Build Components (1.20) (pull_request) Successful in 7m50s
Tests and linters / Staticcheck (pull_request) Successful in 7m52s
Tests and linters / Lint (pull_request) Successful in 9m8s
Tests and linters / Tests with -race (pull_request) Successful in 10m54s
Tests and linters / Tests (1.20) (pull_request) Successful in 11m12s
Tests and linters / Tests (1.21) (pull_request) Successful in 11m7s
After api-go update it is required to pass marshal data
to `SetMarshalData`.
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2024-02-15 17:21:08 +03:00
a5446bc17d
[ #952 ] object: Pass namespace within context in ACL service
...
DCO action / DCO (pull_request) Successful in 6m23s
Vulncheck / Vulncheck (pull_request) Successful in 7m3s
Build / Build Components (1.21) (pull_request) Successful in 8m21s
Build / Build Components (1.20) (pull_request) Successful in 8m31s
Tests and linters / Staticcheck (pull_request) Successful in 11m1s
Tests and linters / Lint (pull_request) Successful in 11m26s
Tests and linters / Tests (1.20) (pull_request) Successful in 12m51s
Tests and linters / Tests (1.21) (pull_request) Successful in 13m14s
Tests and linters / Tests with -race (pull_request) Successful in 13m31s
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
2024-02-02 14:48:11 +03:00
5be2af881a
[ #934 ] container: Make container APE middleware read namespaces
...
* Those methods that can access already existing containers and thus
can get container properties should read namespace from Zone
property. If Zone is not set, take a namespace for root.
* Otherwise, define namespaces by owner ID via frostfs-id contract.
* Improve unit-tests, consider more cases.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
2024-02-01 17:38:24 +00:00
6e2cc32768
[ #681 ] objsvc: Validate session token owner for local sessions
...
Previously, the check was in place only when session token was missing.
Format validator checks are applied only to fully-prepared object, so
this lead to the following situation:
1. Object is put locally with malformed token, because there are no
checks.
2. Object cannot be replicated, because the token is malformed.
This is now fixed and token check is done before any payload receival.
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2024-01-26 08:52:29 +00:00
b6fc3321c5
[ #876 ] Fix linters
...
Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com>
2024-01-25 20:26:13 +03:00
f2f3294fc3
[ #919 ] ape: Improve error messages in ape service
...
* Wrap all APE middleware errors in apeErr that
makes errors more explicit with status AccessDenied.
* Use denyingRuleErr for denying status from chain router.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
2024-01-23 08:11:24 +00:00
96b020626f
[ #915 ] ape: Fix method name in getStreamBasicChecker
...
DCO action / DCO (pull_request) Successful in 2m2s
Build / Build Components (1.21) (pull_request) Successful in 2m17s
Build / Build Components (1.20) (pull_request) Successful in 3m2s
Vulncheck / Vulncheck (pull_request) Successful in 2m39s
Tests and linters / Tests (1.21) (pull_request) Successful in 5m54s
Tests and linters / Staticcheck (pull_request) Successful in 5m49s
Tests and linters / Tests (1.20) (pull_request) Successful in 6m11s
Tests and linters / Lint (pull_request) Successful in 6m44s
Tests and linters / Tests with -race (pull_request) Successful in 6m32s
* Replace incorrect MethodGetContainer by MethodGetObject constant.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
2024-01-16 23:52:37 +03:00
c8baf76fae
[ #872 ] object: Introduce APE middlewar for object service
...
DCO action / DCO (pull_request) Successful in 2m4s
Vulncheck / Vulncheck (pull_request) Successful in 3m12s
Build / Build Components (1.21) (pull_request) Successful in 4m1s
Build / Build Components (1.20) (pull_request) Successful in 4m13s
Tests and linters / Staticcheck (pull_request) Successful in 4m3s
Tests and linters / Lint (pull_request) Successful in 8m7s
Tests and linters / Tests (1.20) (pull_request) Successful in 8m14s
Tests and linters / Tests (1.21) (pull_request) Successful in 8m18s
Tests and linters / Tests with -race (pull_request) Successful in 8m24s
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
2024-01-12 18:41:35 +03:00
52ffa9f164
[ #891 ] getSvc: Refactor Get service V2 creation
...
DCO action / DCO (pull_request) Successful in 2m46s
Vulncheck / Vulncheck (pull_request) Successful in 2m53s
Build / Build Components (1.20) (pull_request) Successful in 4m31s
Build / Build Components (1.21) (pull_request) Successful in 4m26s
Tests and linters / Lint (pull_request) Successful in 6m9s
Tests and linters / Staticcheck (pull_request) Successful in 6m7s
Tests and linters / Tests (1.20) (pull_request) Successful in 8m27s
Tests and linters / Tests (1.21) (pull_request) Successful in 9m4s
Tests and linters / Tests with -race (pull_request) Successful in 9m48s
Use arguments for mandatory fields.
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2024-01-12 13:35:38 +03:00
394f086fe2
[ #891 ] getSvc: Fix get range hash implementation
...
Get range can perform GET request, so this request must be done
from container node to not to get access denied error.
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2024-01-12 13:35:38 +03:00
f1b2b8bffa
[ #895 ] test: Fix NewLogger arguments list
...
`debug` is always true.
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2024-01-11 12:32:09 +00:00
b118734909
[ #890 ] getsvc: Log node PK
...
DCO action / DCO (pull_request) Successful in 13m55s
Vulncheck / Vulncheck (pull_request) Successful in 16m51s
Build / Build Components (1.20) (pull_request) Successful in 17m52s
Build / Build Components (1.21) (pull_request) Successful in 18m9s
Tests and linters / Tests (1.20) (pull_request) Failing after 24m34s
Tests and linters / Tests (1.21) (pull_request) Failing after 25m56s
Tests and linters / Staticcheck (pull_request) Successful in 26m46s
Tests and linters / Lint (pull_request) Successful in 28m6s
Tests and linters / Tests with -race (pull_request) Failing after 33m35s
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-12-29 14:24:13 +03:00
bdd43f6211
[ #869 ] object: Pass just CID to chain router
...
* Do not convert CID from request to native-schema resource
format - this step is unneccessary for APE.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
2023-12-14 11:01:20 +00:00
0f45e3d344
[ #804 ] ape: Implement boltdb storage for local overrides
...
DCO action / DCO (pull_request) Successful in 2m10s
Vulncheck / Vulncheck (pull_request) Successful in 3m26s
Build / Build Components (1.20) (pull_request) Successful in 5m41s
Build / Build Components (1.21) (pull_request) Successful in 5m44s
Tests and linters / Staticcheck (pull_request) Successful in 7m10s
Tests and linters / Lint (pull_request) Successful in 8m14s
Tests and linters / Tests (1.21) (pull_request) Successful in 14m24s
Tests and linters / Tests (1.20) (pull_request) Successful in 14m41s
Tests and linters / Tests with -race (pull_request) Successful in 14m38s
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
2023-12-07 19:08:41 +03:00
e361e017f3
[ #842 ] control: Pass target instead resource name
...
* Update policy-engine package version in go.mod, go.sum.
* Refactor CheckIfRequestPermitted: pass container target
instead container ID.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
2023-12-07 14:21:55 +00:00
c516c7c5f4
[ #821 ] node: Pass user.ID by value
...
DCO action / DCO (pull_request) Successful in 3m45s
Build / Build Components (1.21) (pull_request) Successful in 5m18s
Build / Build Components (1.20) (pull_request) Successful in 5m28s
Tests and linters / Tests (1.20) (pull_request) Successful in 7m30s
Tests and linters / Tests (1.21) (pull_request) Successful in 7m42s
Tests and linters / Lint (pull_request) Successful in 8m25s
Vulncheck / Vulncheck (pull_request) Successful in 9m22s
Tests and linters / Staticcheck (pull_request) Successful in 10m57s
Tests and linters / Tests with -race (pull_request) Successful in 16m53s
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-11-23 10:21:07 +03:00
4d5be5ccb5
[ #811 ] ape: Update policy-engine module version and rebase
...
DCO action / DCO (pull_request) Successful in 4m23s
Vulncheck / Vulncheck (pull_request) Successful in 5m31s
Build / Build Components (1.21) (pull_request) Successful in 7m33s
Build / Build Components (1.20) (pull_request) Successful in 7m40s
Tests and linters / Staticcheck (pull_request) Successful in 8m22s
Tests and linters / Lint (pull_request) Successful in 9m23s
Tests and linters / Tests with -race (pull_request) Successful in 11m20s
Tests and linters / Tests (1.21) (pull_request) Successful in 11m32s
Tests and linters / Tests (1.20) (pull_request) Successful in 11m41s
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
2023-11-16 11:31:37 +03:00
9133b4389e
[ #788 ] objectsvc: Fix formatting (gofumpt)
...
DCO action / DCO (pull_request) Successful in 3m19s
Vulncheck / Vulncheck (pull_request) Successful in 3m40s
Build / Build Components (1.21) (pull_request) Successful in 4m17s
Build / Build Components (1.20) (pull_request) Successful in 4m32s
Tests and linters / Staticcheck (pull_request) Successful in 4m46s
Tests and linters / Tests (1.21) (pull_request) Successful in 5m9s
Tests and linters / Lint (pull_request) Successful in 5m28s
Tests and linters / Tests (1.20) (pull_request) Successful in 5m24s
Tests and linters / Tests with -race (pull_request) Successful in 7m38s
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-11-09 10:27:32 +03:00
3534d6d05b
[ #794 ] objectsvc: Return accidentally removed acl checks for Head
...
DCO action / DCO (pull_request) Successful in 1m42s
Vulncheck / Vulncheck (pull_request) Successful in 3m23s
Build / Build Components (1.21) (pull_request) Successful in 4m22s
Build / Build Components (1.20) (pull_request) Successful in 5m44s
Tests and linters / Staticcheck (pull_request) Successful in 6m3s
Tests and linters / Lint (pull_request) Successful in 6m35s
Tests and linters / Tests (1.20) (pull_request) Successful in 8m32s
Tests and linters / Tests with -race (pull_request) Successful in 8m47s
Tests and linters / Tests (1.21) (pull_request) Successful in 8m54s
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
2023-11-08 17:13:58 +03:00
66848d3288
[ #770 ] cli: Add methods to work with APE rules via control svc
...
* Add methods to frostfs-cli
* Implement rpc in control service
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
2023-11-08 13:34:03 +00:00
8e11ef46b8
[ #770 ] object: Introduce ape chain checker for object svc
...
* Introduce Request type converted from RequestInfo type
to implement policy-engine's Request interface
* Implement basic ape checker to check if a request is
permitted to be performed
* Make put handlers use APE checker instead EACL
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
2023-11-08 13:34:03 +00:00
74c91eeef5
[ #777 ] client: Refactor PrmContainerList, PrmObjectSearch usage
...
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
2023-11-06 06:50:11 +00:00
20d6132f31
[ #531 ] signSvc: Add SetMarshaledData method call
...
Vulncheck / Vulncheck (pull_request) Successful in 1m25s
DCO action / DCO (pull_request) Successful in 1m36s
Build / Build Components (1.21) (pull_request) Successful in 2m40s
Build / Build Components (1.20) (pull_request) Successful in 3m2s
Tests and linters / Tests (1.21) (pull_request) Successful in 5m41s
Tests and linters / Staticcheck (pull_request) Successful in 5m32s
Tests and linters / Lint (pull_request) Successful in 5m59s
Tests and linters / Tests (1.20) (pull_request) Successful in 6m3s
Tests and linters / Tests with -race (pull_request) Successful in 6m6s
To reduce memory allocations add `SetMarshaledData` method call
to return already marshalled data in next `StableMarshal` calls.
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-11-02 17:34:33 +03:00
79088baa06
[ #772 ] node: Apply gofumpt
...
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-10-31 17:03:03 +03:00
58b6224dd8
[ #747 ] client: Refactor PrmObjectPutInit usage
...
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
2023-10-20 11:55:40 +00:00
12b7cf2533
[ #747 ] client: Refactor PrmObjectPutSingle usage
...
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
2023-10-20 11:55:40 +00:00
c1e4130020
[ #146 ] node: Add trace_id to logs
...
Vulncheck / Vulncheck (pull_request) Successful in 3m7s
DCO action / DCO (pull_request) Successful in 3m36s
Build / Build Components (1.21) (pull_request) Successful in 3m29s
Build / Build Components (1.20) (pull_request) Successful in 3m37s
Tests and linters / Staticcheck (pull_request) Successful in 4m39s
Tests and linters / Lint (pull_request) Successful in 5m2s
Tests and linters / Tests (1.21) (pull_request) Successful in 6m27s
Tests and linters / Tests with -race (pull_request) Successful in 6m29s
Tests and linters / Tests (1.20) (pull_request) Successful in 9m19s
Signed-off-by: Alexander Chuprov <a.chuprov@yadro.com>
2023-09-27 11:05:27 +03:00
aeeb8193d2
[ #676 ] node: Fix header source creation when checking eacl
...
DCO action / DCO (pull_request) Successful in 2m55s
Build / Build Components (1.20) (pull_request) Successful in 4m53s
Vulncheck / Vulncheck (pull_request) Successful in 4m36s
Tests and linters / Staticcheck (pull_request) Successful in 6m35s
Tests and linters / Tests (1.21) (pull_request) Successful in 7m7s
Tests and linters / Tests (1.20) (pull_request) Successful in 7m47s
Tests and linters / Tests with -race (pull_request) Failing after 10m7s
Build / Build Components (1.21) (pull_request) Successful in 11m3s
Tests and linters / Lint (pull_request) Successful in 17m34s
Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com>
2023-09-06 17:06:54 +03:00
806cc13d9f
[ #658 ] client: Refactor PrmObjectGet/Head/Range usage
...
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
2023-08-30 17:13:23 +00:00
55b82e744b
[ #529 ] objectcore: Use common sender classifier
...
DCO action / DCO (pull_request) Successful in 2m19s
Vulncheck / Vulncheck (pull_request) Successful in 3m5s
Build / Build Components (1.21) (pull_request) Successful in 4m8s
Build / Build Components (1.20) (pull_request) Successful in 4m24s
Tests and linters / Tests (1.20) (pull_request) Successful in 4m57s
Tests and linters / Staticcheck (pull_request) Successful in 4m43s
Tests and linters / Tests (1.21) (pull_request) Successful in 5m2s
Tests and linters / Lint (pull_request) Successful in 5m21s
Tests and linters / Tests with -race (pull_request) Successful in 6m17s
Use common sender classifier for ACL service and format validator.
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-29 10:33:06 +03:00
ae81d6660a
[ #529 ] objectcore: Fix object content validation
...
There are old objects where the owner of the object
may not match the one who issued the token.
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-29 10:33:06 +03:00
f8ba60aa0c
[ #648 ] objsvc/delete: Handle errors in Go style
...
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2023-08-25 09:45:35 +00:00
d2084ece41
[ #648 ] objsvc/delete: Remove redundant logs
...
We never propagate delete requests to the container node, because
tombstone broadcast is done via PUT. No need to pollute logs.
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2023-08-25 09:45:35 +00:00
40b556fc19
[ #647 ] objsvc/search: Improve testing coverage
...
DCO action / DCO (pull_request) Successful in 1m32s
Build / Build Components (1.20) (pull_request) Successful in 3m54s
Tests and linters / Staticcheck (pull_request) Successful in 3m44s
Tests and linters / Tests (1.21) (pull_request) Successful in 4m18s
Tests and linters / Tests (1.20) (pull_request) Successful in 4m35s
Tests and linters / Lint (pull_request) Successful in 4m42s
Vulncheck / Vulncheck (pull_request) Successful in 5m11s
Tests and linters / Tests with -race (pull_request) Successful in 6m23s
Build / Build Components (1.21) (pull_request) Successful in 8m38s
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2023-08-25 10:40:01 +03:00
4db2cbc927
[ #647 ] objsvc/search: Wrap in uniqueIDWriter during parameter setting
...
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2023-08-25 10:40:01 +03:00
966ad22abf
[ #647 ] objsvc/search: Simplify error handling
...
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2023-08-25 10:40:01 +03:00
56f841b022
[ #647 ] objsvc/search: Remove TraverserGenerator wrapper
...
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2023-08-25 10:40:01 +03:00
ba58144de1
[ #647 ] objsvc/search: Remove netmap.Source wrapper
...
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2023-08-25 10:40:01 +03:00
c9e3c9956e
[ #643 ] objsvc/put: Unify extraBroadcastEnabled usage
...
DCO action / DCO (pull_request) Successful in 1m26s
Vulncheck / Vulncheck (pull_request) Successful in 2m44s
Build / Build Components (1.20) (pull_request) Successful in 3m26s
Tests and linters / Staticcheck (pull_request) Successful in 3m51s
Tests and linters / Tests (1.20) (pull_request) Successful in 5m4s
Tests and linters / Tests (1.21) (pull_request) Successful in 5m46s
Tests and linters / Tests with -race (pull_request) Successful in 6m23s
Build / Build Components (1.21) (pull_request) Successful in 13m1s
Tests and linters / Lint (pull_request) Successful in 19m46s
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2023-08-24 11:03:17 +03:00
facd3b2c4b
[ #643 ] objsvc/put: Unify placement iterators
...
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2023-08-24 11:03:17 +03:00
3fcf56f2fb
[ #643 ] objsvc/put: Copy config to distributedTarget
...
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2023-08-24 11:03:17 +03:00
96e690883f
[ #638 ] Unify test loggers
...
In some places we have debug=false, in others debug=true.
Let's be consistent.
Semantic patch:
```
@@
@@
-test.NewLogger(..., false)
+test.NewLogger(..., true)
```
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2023-08-23 11:21:05 +00:00
5a51b78946
[ #620 ] object: Send status response for server-side streams
...
Previously status responses were wrapped in the gRPC error and thus
couldn't be correctly handled on client.
Introduced in c2617baf63
, thanks @ale64bit for having found.
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2023-08-17 12:52:38 +00:00
21800e9fcc
[ #162 ] core: Move literals to constants
...
Signed-off-by: Alexander Chuprov <a.chuprov@yadro.com>
2023-08-11 15:48:42 +03:00
5b7e4a51b7
[ #481 ] Update frostfs-sdk-go and error pointer receivers
...
Signed-off-by: Alejandro Lopez <a.lopez@yadro.com>
2023-08-09 10:26:53 +00:00
8d589314b5
[ #560 ] node: Fix Put
in multi REP with intersecting sets of nodes
...
Once the node was processed it skipped, at the step of forming
result in case when all nodes skipped, because processed for
previous REP, service mark the whole request as incomplete.
Example of policies which are unblocked:
- REP 1 REP 1 CBF 1
- REP 4 IN X REP 4 IN Y
CBF 4
SELECT 2 FROM FX AS X SELECT 2 FROM FY AS Y
FILTER Country EQ Russia OR Country EQ Sweden OR Country EQ Finland AS FY
FILTER Price GE 0 AS FX
Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com>
2023-08-08 10:22:53 +00:00