TrueCloudLab/frostfs-node

Author	SHA1	Message	Date
Leonard Lyubich	9148980bd0	[#193 ] services/object: Support client options in all Object services Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>	2020-11-24 15:34:30 +03:00
Alex Vanin	cf1ea983e5	[#203 ] Do not fail eACL check on EACLNotFound error Now morph library returns error if there is not eACL in sidechain storage. However in this case eACL check should be passed since it is the same as having empty eACL table. Signed-off-by: Alex Vanin <alexey@nspcc.ru>	2020-11-24 15:32:26 +03:00
Leonard Lyubich	46dab77705	[#195 ] services/object: Write debug log messages on worker pool errors Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>	2020-11-24 13:38:06 +03:00
Leonard Lyubich	fa6e4a3ca4	[#195 ] services/object: Write debug log messages on internal service errors Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>	2020-11-24 13:38:06 +03:00
Leonard Lyubich	6a5c37d592	[#195 ] object/search: Add option to set logger Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>	2020-11-24 13:38:06 +03:00
Leonard Lyubich	cb46e4b154	[#195 ] object/rangehash: Add option to set logger Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>	2020-11-24 13:38:06 +03:00
Leonard Lyubich	af6484e3b1	[#195 ] object/range: Add option to set logger Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>	2020-11-24 13:38:06 +03:00
Leonard Lyubich	cf2dc37a42	[#195 ] object/put: Add option to set logger Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>	2020-11-24 13:38:06 +03:00
Leonard Lyubich	9fbfc0b5e4	[#195 ] object/head: Add option to set logger Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>	2020-11-24 13:38:06 +03:00
Leonard Lyubich	e1e5a590e9	[#195 ] object/delete: Add option to set logger Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>	2020-11-24 13:38:06 +03:00
Alex Vanin	dbf6c9efef	[#190 ] Use request sender owner in sticky bit check Sticky bit checks if object owner and request owner are the same. Container owner should not used in this check. Signed-off-by: Alex Vanin <alexey@nspcc.ru>	2020-11-19 19:07:16 +03:00
Alex Vanin	2148e282ec	[#190 ] Rename owner to cnrOwner in object request info `owner` field may be misused as request sender owner, however it is a owner of a container for that request. New naming should be clear. Signed-off-by: Alex Vanin <alexey@nspcc.ru>	2020-11-19 19:07:16 +03:00
Alex Vanin	f0537b35c1	[#190 ] Add isOwnerFromKey helper function in ACL This function takes public key and returns true if owner id was produced by this key. Signed-off-by: Alex Vanin <alexey@nspcc.ru>	2020-11-19 19:07:16 +03:00
Alex Vanin	cf85fa9fab	[#180 ] Return isInnerRing flag in request classifier Signed-off-by: Alex Vanin <alexey@nspcc.ru>	2020-11-19 15:17:18 +03:00
Alex Vanin	6f841e319d	[#180 ] Make separate basic ACL check for inner ring requests Signed-off-by: Alex Vanin <alexey@nspcc.ru>	2020-11-19 15:17:18 +03:00
Alex Vanin	e8fe07edd0	[#184 ] Use SDK client cache in object.Rangehash Signed-off-by: Alex Vanin <alexey@nspcc.ru>	2020-11-18 18:18:07 +03:00
Alex Vanin	f85e88c4f8	[#184 ] Use SDK client cache in object.Range Signed-off-by: Alex Vanin <alexey@nspcc.ru>	2020-11-18 18:18:07 +03:00
Alex Vanin	d485a5967d	[#184 ] Use SDK client cache in object.Search Signed-off-by: Alex Vanin <alexey@nspcc.ru>	2020-11-18 18:18:07 +03:00
Alex Vanin	7ba95dd5fc	[#184 ] Use SDK client cache in object.Put Signed-off-by: Alex Vanin <alexey@nspcc.ru>	2020-11-18 18:18:07 +03:00
Alex Vanin	e9a6365333	[#184 ] Use SDK client cache in object.Head Signed-off-by: Alex Vanin <alexey@nspcc.ru>	2020-11-18 18:18:07 +03:00
Leonard Lyubich	1caf15463e	[#174 ] Update to neofs-api-go v1.20.0 Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>	2020-11-17 11:56:00 +03:00
Leonard Lyubich	3de8febe57	[#174 ] Update to latest neofs-api-go changes Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>	2020-11-17 11:56:00 +03:00
Alex Vanin	32219bb294	[#160 ] Remove query match function This function duplicates query processing that is done in meta-storage now. Signed-off-by: Alex Vanin <alexey@nspcc.ru>	2020-11-16 10:02:12 +03:00
Leonard Lyubich	3c42f5b452	[#161 ] object/head: Inherit common parameters in HeadRelation Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>	2020-11-09 17:19:34 +03:00
Leonard Lyubich	d38633e047	[#161 ] object/delete: Add address from request body to tombstone content Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>	2020-11-09 15:53:58 +03:00
Leonard Lyubich	5ad013c10b	[#149 ] object/search: Return fixed error if relation not found Define ErrRelationNotFound error in searchsvc package. Return ErrRelationNotFound from RelationSearcher.SearchRelation method if search result is empty. Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>	2020-11-06 14:01:01 +03:00
Alex Vanin	65be09d3db	[#155 ] Update neofs-api-go with refactored pkg/netmap Refactored pkg/netmap package provides JSON converters for NodeInfo and PlacementPolicy structures, that has been used by client applications. It also updates Node structure itself so it is a part of grpc <-> v2 <-> pkg conversion chain. Signed-off-by: Alex Vanin <alexey@nspcc.ru>	2020-11-06 09:55:05 +03:00
Leonard Lyubich	c0aa892161	[#136 ] localstorage: Make local storage to use new metabase Replace meta Bucket with meta.DB instance in local storage implementation. Adopt all dependent components to new local storage. Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>	2020-11-03 18:42:32 +03:00
Leonard Lyubich	b48a4ede02	[#125 ] services/eacl: Use latest object header keys Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>	2020-10-29 19:25:54 +03:00
Leonard Lyubich	8d931b81a6	[#125 ] object/search: Use latest search filter keys Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>	2020-10-29 19:25:54 +03:00
Leonard Lyubich	f34ad9e730	[#125 ] services/eacl: Fix undefined method usage Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>	2020-10-29 19:25:54 +03:00
Leonard Lyubich	53efa18e14	[#109 ] object/put: Implement remote object sender Define RemoteSender structure with PutObject method that puts object to a remote node locally. Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>	2020-10-23 15:23:22 +03:00
Leonard Lyubich	968033deed	[#40 ] object/put: Assign zero return of MaxObjectSize invalid Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>	2020-10-23 14:03:25 +03:00
Leonard Lyubich	0341773318	[#83 ] services: Implement response sub-service for each service Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>	2020-10-23 10:54:48 +03:00
Leonard Lyubich	71a06f9e01	[#83 ] services/util: Define type of response message interface Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>	2020-10-23 10:54:48 +03:00
Alex Vanin	7464254680	[#106 ] Put simplest bearer token check first Signed-off-by: Alex Vanin <alexey@nspcc.ru>	2020-10-22 18:02:11 +03:00
Alex Vanin	23ec33e821	[#106 ] Check bearer token lifetime Signed-off-by: Alex Vanin <alexey@nspcc.ru>	2020-10-22 18:02:11 +03:00
Alex Vanin	bb455af05f	[#106 ] Ignore bearer token if basic ACL restrict it There is a bit to allow or deny bearer token check for each object service method. If this bit is not set then ignore bearer token and use extended ACL table from sidechain. Signed-off-by: Alex Vanin <alexey@nspcc.ru>	2020-10-22 18:02:11 +03:00
Alex Vanin	89cd2ad463	[#106 ] Process bearer token in ACL service If bearer token is presented in the request then check if it is a valid one and then use it to process extended ACL checks. Signed-off-by: Alex Vanin <alexey@nspcc.ru>	2020-10-22 18:02:11 +03:00
Alex Vanin	094248690b	[#115 ] Make ACL classifier errors transparent for client Signed-off-by: Alex Vanin <alexey@nspcc.ru>	2020-10-22 11:55:28 +03:00
Alex Vanin	ca552f53c6	[#115 ] Check session token validity Malicious user can stole public session key and use it by sending request from it's own scope. To prevent this each session token is signed and signature private key must be corresponded with owner id in token. Therefore malicious node cannot impersonate request without private key to sign token. Signed-off-by: Alex Vanin <alexey@nspcc.ru>	2020-10-22 11:55:28 +03:00
Leonard Lyubich	16a5107ef1	[#60 ] object/put: Provide network State interface to formatter Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>	2020-10-22 11:54:08 +03:00
Leonard Lyubich	4a56f82571	[#60 ] object/transformer: Group parameters of NewFormatTarget func Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>	2020-10-22 11:54:08 +03:00
Leonard Lyubich	2541ed4b8f	[#88 ] object/eacl: Use String() methods to calculate ID values Replace hex encoding of IDs with String() call (base58) in eACL processing. Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>	2020-10-21 18:53:04 +03:00
Leonard Lyubich	5318abcf38	[#88 ] object/search: Use String() methods to calculate ID values Replace hex encoding of IDs with String() call (base58) in search query processing. Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>	2020-10-21 18:53:04 +03:00
Leonard Lyubich	5017ff0e4a	[#108 ] object/head: Export remote header retrieval utility Export remote head functionality in headsvc package. Refactor head service to use RemoteHeader. Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>	2020-10-21 14:42:51 +03:00
Leonard Lyubich	5ad0df7794	[#108 ] object/head: Return 404 error if header was not found Define ErrNotFound error in headsvc package. Return ErrNotFound from Head method if the header was not found in the container. Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>	2020-10-21 14:42:51 +03:00
Alex Vanin	ae0dd9e051	[#106 ] Pass bearer token through generated requests Signed-off-by: Alex Vanin <alexey@nspcc.ru>	2020-10-20 18:05:29 +03:00
Alex Vanin	719075ca97	[#99 ] Fix no-root search matcher Wrong boolean operation order made matcher return false on `non-root` search query with non-regular objects. Instead it should return true for `non-root` query and false for `root` query. Signed-off-by: Alex Vanin <alexey@nspcc.ru>	2020-10-16 13:45:35 +03:00
Alex Vanin	1332a6d3a8	[#92 ] Provide session token to all produced requests If object service produces new request, the should contain session token. This is the only way for node to grant access for a private container. Signed-off-by: Alex Vanin <alexey@nspcc.ru>	2020-10-15 10:20:10 +03:00

1 2 3

130 commits