Static object session with search verb allows to search all objects in container #155

Merged

fyrchik merged 2 commits from dstepanov-yadro/frostfs-node:bugfix/object-1982_session_token_search into master 2023-03-22 07:21:10 +00:00

Conversation 1 Commits 2 Files changed 2 +145

dstepanov-yadro commented 2023-03-21 12:47:35 +00:00

Member

Copy link

Description

Have 3 objects in container (oid1, oid2, oid3)
Create static session with search verb for 2 objects in container
Sign token
Using signed token as static session make search request

Expected Behavior

Search should return only objects allowed in static session: oid1 and oid2

Current Behavior

Search returns all objects in container: oid1, oid2, oid3
Which makes user with limited rights to scan whole container.

Autotest

testsuites.session_token.test_object_session_token#test_static_session_search

### Description Have 3 objects in container (oid1, oid2, oid3) Create static session with search verb for 2 objects in container Sign token Using signed token as static session make search request ### Expected Behavior Search should return only objects allowed in static session: oid1 and oid2 ### Current Behavior Search returns all objects in container: oid1, oid2, oid3 Which makes user with limited rights to scan whole container. ### Autotest testsuites.session_token.test_object_session_token#test_static_session_search

dstepanov-yadro force-pushed bugfix/object-1982_session_token_search from 62138af1b8 to cb0ffa6b6c 2023-03-21 12:49:06 +00:00 Compare

dstepanov-yadro commented 2023-03-21 12:49:48 +00:00

Author

Member

Copy link

Autotests

Autotests 

image.png

81 KiB

dstepanov-yadro referenced this pull request from TrueCloudLab/frostfs-testcases 2023-03-21 13:17:15 +00:00

Fix test_static_session_search: lists should be compared sorted #25

dstepanov-yadro force-pushed bugfix/object-1982_session_token_search from cb0ffa6b6c to 5f9a0f99b9 2023-03-21 13:29:14 +00:00 Compare

dstepanov-yadro force-pushed bugfix/object-1982_session_token_search from 5f9a0f99b9 to 97b9d165e6 2023-03-21 13:31:04 +00:00 Compare

dstepanov-yadro requested review from storage-core-committers 2023-03-21 13:31:17 +00:00

dstepanov-yadro requested review from storage-core-developers 2023-03-21 13:31:17 +00:00

fyrchik approved these changes 2023-03-21 14:47:22 +00:00

carpawell approved these changes 2023-03-21 19:17:06 +00:00

carpawell left a comment

Contributor

Copy link

@fyrchik, was that approved? See no discussion: https://github.com/nspcc-dev/neofs-node/issues/2030#issuecomment-1311467898

@fyrchik, was that approved? See no discussion: https://github.com/nspcc-dev/neofs-node/issues/2030#issuecomment-1311467898

acid-ant approved these changes 2023-03-22 06:53:54 +00:00

fyrchik merged commit 49234b915e into master 2023-03-22 07:21:10 +00:00

fyrchik referenced this pull request from a commit 2023-03-22 07:21:10 +00:00

[#155] search-service: Add search with ST test

fyrchik referenced this pull request from a commit 2023-03-22 07:21:10 +00:00

[#155] search-service: Fix search with ST

dstepanov-yadro referenced this pull request from TrueCloudLab/frostfs-testcases 2023-03-22 08:06:08 +00:00

Fix test_static_session_search: lists should be compared sorted #25

Sign in to join this conversation.

Reviewers

No reviewers

fyrchik

carpawell

acid-ant

TrueCloudLab/storage-core-developers

Labels

Clear labels   

P0

Highest

  

P1

High

  

P2

Medium

  

P3

Low

  

badger

Badger DB related issues

  

frostfs-adm

  

frostfs-cli

  

frostfs-ir

  

frostfs-lens

  

frostfs-node

  

good first issue

Good for newcomers

  

triage

  

Infrastructure

Infrastructure, Automation, CI/CD or DevOps related stuff

  

blocked

The issue or PR is blocked by something

  

bug

Something is not working

  

config

Configuration format update or breaking change

  

discussion

Talking about something in order to reach a decision or to exchange ideas

  

documentation

Documentation related

  

duplicate

This issue or pull request already exists

  

enhancement

New feature

  

go

Language features adoption

  

help wanted

Extra attention is needed

  

internal

  

invalid

Something is wrong

  

kludge

This is a kludge and we know it

  

observability

Related to metrics, tracing and logs

  

perfomance

Perfomance related

  

question

More information is needed

  

refactoring

Refactoring

  

wontfix

This won't be fixed

No labels

P0

P1

P2

P3

badger

frostfs-adm

frostfs-cli

frostfs-ir

frostfs-lens

frostfs-node

good first issue

triage

Infrastructure

blocked

bug

config

discussion

documentation

duplicate

enhancement

go

help wanted

internal

invalid

kludge

observability

perfomance

question

refactoring

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

4 participants

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: TrueCloudLab/frostfs-node#155

No description provided.