Static object session with search verb allows to search all objects in container #155

Merged

fyrchik merged 2 commits from dstepanov-yadro/frostfs-node:bugfix/object-1982_session_token_search into master

2023-03-22 07:21:10 +00:00

dstepanov-yadro commented

2023-03-21 12:47:35 +00:00

Collaborator

Description

Have 3 objects in container (oid1, oid2, oid3)
Create static session with search verb for 2 objects in container
Sign token
Using signed token as static session make search request

Expected Behavior

Search should return only objects allowed in static session: oid1 and oid2

Current Behavior

Search returns all objects in container: oid1, oid2, oid3
Which makes user with limited rights to scan whole container.

Autotest

testsuites.session_token.test_object_session_token#test_static_session_search

### Description Have 3 objects in container (oid1, oid2, oid3) Create static session with search verb for 2 objects in container Sign token Using signed token as static session make search request ### Expected Behavior Search should return only objects allowed in static session: oid1 and oid2 ### Current Behavior Search returns all objects in container: oid1, oid2, oid3 Which makes user with limited rights to scan whole container. ### Autotest testsuites.session_token.test_object_session_token#test_static_session_search

dstepanov-yadro force-pushed bugfix/object-1982_session_token_search from 62138af1b8 to cb0ffa6b6c

2023-03-21 12:49:06 +00:00

Compare

dstepanov-yadro commented

2023-03-21 12:49:48 +00:00

Poster

Collaborator

Autotests

Autotests ![image](/attachments/7777d1a8-7524-4dec-8429-cc171ba2bffa)

81 KiB

dstepanov-yadro referenced this pull request from TrueCloudLab/frostfs-testcases

2023-03-21 13:17:15 +00:00

Fix test_static_session_search: lists should be compared sorted #25

dstepanov-yadro force-pushed bugfix/object-1982_session_token_search from cb0ffa6b6c to 5f9a0f99b9

2023-03-21 13:29:14 +00:00

Compare

dstepanov-yadro force-pushed bugfix/object-1982_session_token_search from 5f9a0f99b9 to 97b9d165e6

2023-03-21 13:31:04 +00:00

Compare

dstepanov-yadro requested review from storage-core-committers 2023-03-21 13:31:17 +00:00

dstepanov-yadro requested review from storage-core-developers 2023-03-21 13:31:17 +00:00

fyrchik approved these changes 2023-03-21 14:47:22 +00:00

carpawell approved these changes 2023-03-21 19:17:06 +00:00

carpawell left a comment

Collaborator

@fyrchik, was that approved? See no discussion: https://github.com/nspcc-dev/neofs-node/issues/2030#issuecomment-1311467898

@fyrchik, was that approved? See no discussion: https://github.com/nspcc-dev/neofs-node/issues/2030#issuecomment-1311467898

acid-ant approved these changes 2023-03-22 06:53:54 +00:00

fyrchik merged commit 49234b915e into master

2023-03-22 07:21:10 +00:00

fyrchik referenced this issue from a commit

2023-03-22 07:21:10 +00:00

[#155] search-service: Add search with ST test

fyrchik referenced this issue from a commit

2023-03-22 07:21:10 +00:00

[#155] search-service: Fix search with ST

dstepanov-yadro referenced this pull request from TrueCloudLab/frostfs-testcases

2023-03-22 08:06:08 +00:00

Fix test_static_session_search: lists should be compared sorted #25

Sign in to join this conversation.

No reviewers

TrueCloudLab/storage-core-developers

No Label

good first issue

No Milestone

No Assignees

4 Participants

Notifications

Due Date

The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: TrueCloudLab/frostfs-node#155

There is no content yet.