ape: Extend resource properties when check tree requests #1701
Labels
No labels
P0
P1
P2
P3
badger
frostfs-adm
frostfs-cli
frostfs-ir
frostfs-lens
frostfs-node
good first issue
triage
Infrastructure
blocked
bug
config
discussion
documentation
duplicate
enhancement
go
help wanted
internal
invalid
kludge
observability
perfomance
question
refactoring
wontfix
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference: TrueCloudLab/frostfs-node#1701
Loading…
Add table
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Is your feature request related to a problem? Please describe.
Sometimes we want to distinguish requests (container/object/tree) in APE rules to be able to restrict only tree requests.
Currently it's not possible because tree read/write operations matched to Object.Get/Object.Put operations and are not specific.
Describe the solution you'd like
Add new system resource property
"$Service:tree": <tid>
when form APE request to check tree operation.3bd4ac7f1a
Describe alternatives you've considered
Maybe there are some other options.
Additional context
This allows simplify forming native APE rules base on s3 actions
af21699dd8
$Tree:ID
property key in native schema #101