TrueCloudLab/frostfs-node

Fork 27

Commit graph

Author	SHA1	Message	Date
Alex Vanin	cd34145969	[#73 ] Use request owner public key in eACL check Classifier fetches public key of the request owner and owner itself. Extended ACL check should rely on this public key, because it might be extracted from session token. Signed-off-by: Alex Vanin <alexey@nspcc.ru>	2020-10-05 18:02:37 +03:00
Alex Vanin	5045b0c3d4	[#32 ] Add request sender classifier ACL has to classify request senders by roles: - owner of the container, - request from container or inner ring node, - any other request. According to this roles ACL checker use different bits of basic ACL to grant or deny access. Signed-off-by: Alex Vanin <alexey@nspcc.ru>	2020-10-02 11:25:36 +03:00
Alex Vanin	ab565b1862	[#32 ] Add basis of basic ACL check service Signed-off-by: Alex Vanin <alexey@nspcc.ru>	2020-10-02 11:25:36 +03:00

Author

SHA1

Message

Date

Alex Vanin

cd34145969

[#73 ] Use request owner public key in eACL check

Classifier fetches public key of the request owner
and owner itself. Extended ACL check should rely on
this public key, because it might be extracted from
session token.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>

2020-10-05 18:02:37 +03:00

Alex Vanin

5045b0c3d4

[#32 ] Add request sender classifier

ACL has to classify request senders by roles:
- owner of the container,
- request from container or inner ring node,
- any other request.

According to this roles ACL checker use different
bits of basic ACL to grant or deny access.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>

2020-10-02 11:25:36 +03:00

Alex Vanin

ab565b1862

[#32 ] Add basis of basic ACL check service

Signed-off-by: Alex Vanin <alexey@nspcc.ru>

2020-10-02 11:25:36 +03:00

3 commits