Object is saved if token issuer and object owner identifiers don't match #681

Closed
opened 2023-09-08 15:48:16 +00:00 by mbiryukova · 2 comments
Member

Object is saved into container with REP 4 policy if token issuer and object owner identifiers don't match.

Expected Behavior

Object should not be saved.

Current Behavior

Object is saved on one node.

Steps to Reproduce

  1. Create container with REP 4 policy.
  2. Try to put object into this container (code example below). You should get an error different token issuer and object owner identifiers.
    payloadReader := bytes.NewBufferString("Hello, World")

	ctx := context.Background()
	w, err := wallet.NewWalletFromFile("<path-to-wallet>")
	if err != nil {
		log.Fatal(err)
	}
	acc := w.Accounts[0]
	acc.Decrypt("", w.Scrypt)

	var prmInit pool.InitParameters
	prmInit.SetKey(&acc.PrivateKey().PrivateKey)
	prmInit.AddNode(pool.NewNodeParam(1, "<node-storage-address>", 1))

	cli, err := pool.NewPool(prmInit)
	if err != nil {
		log.Fatal(err)
	}
	err = cli.Dial(ctx)
	if err != nil {
		log.Fatal(err)
	}

	pk, err := keys.NewPrivateKey()
	if err != nil {
		log.Fatal(err)
	}
	var owner user.ID
	user.IDFromKey(&owner, pk.PrivateKey.PublicKey)

	var cnrID cid.ID
	err = cnrID.DecodeString("<cid>")
	if err != nil {
		log.Fatal(err)
	}
	var putHeader object.Object
	putHeader.SetOwnerID(&owner)
	putHeader.SetContainerID(cnrID)

	var prmObjectPut pool.PrmObjectPut
	prmObjectPut.SetHeader(putHeader)
	prmObjectPut.SetPayload(payloadReader)

	objID, err := cli.PutObject(ctx, prmObjectPut)
	if err != nil {
		log.Fatal(err)
	}
  1. Check list of objects in container with command
frostfs-cli container list-objects --cid <cid> --wallet <path-to-wallet> -r <node-storage-address> --ttl 1

Version

FrostFS Storage node
Version: v0.0.1-881-g054e3ef3 
GoVersion: go1.20.5

Your Environment

4 nodes

Object is saved into container with REP 4 policy if token issuer and object owner identifiers don't match. ## Expected Behavior Object should not be saved. ## Current Behavior Object is saved on one node. ## Steps to Reproduce 1. Create container with REP 4 policy. 2. Try to put object into this container (code example below). You should get an error `different token issuer and object owner identifiers`. ``` payloadReader := bytes.NewBufferString("Hello, World") ctx := context.Background() w, err := wallet.NewWalletFromFile("<path-to-wallet>") if err != nil { log.Fatal(err) } acc := w.Accounts[0] acc.Decrypt("", w.Scrypt) var prmInit pool.InitParameters prmInit.SetKey(&acc.PrivateKey().PrivateKey) prmInit.AddNode(pool.NewNodeParam(1, "<node-storage-address>", 1)) cli, err := pool.NewPool(prmInit) if err != nil { log.Fatal(err) } err = cli.Dial(ctx) if err != nil { log.Fatal(err) } pk, err := keys.NewPrivateKey() if err != nil { log.Fatal(err) } var owner user.ID user.IDFromKey(&owner, pk.PrivateKey.PublicKey) var cnrID cid.ID err = cnrID.DecodeString("<cid>") if err != nil { log.Fatal(err) } var putHeader object.Object putHeader.SetOwnerID(&owner) putHeader.SetContainerID(cnrID) var prmObjectPut pool.PrmObjectPut prmObjectPut.SetHeader(putHeader) prmObjectPut.SetPayload(payloadReader) objID, err := cli.PutObject(ctx, prmObjectPut) if err != nil { log.Fatal(err) } ``` 3. Check list of objects in container with command ``` frostfs-cli container list-objects --cid <cid> --wallet <path-to-wallet> -r <node-storage-address> --ttl 1 ``` ## Version ``` FrostFS Storage node Version: v0.0.1-881-g054e3ef3 GoVersion: go1.20.5 ``` ## Your Environment 4 nodes
mbiryukova added the
bug
triage
labels 2023-09-08 15:48:16 +00:00
fyrchik added this to the v0.38.0 milestone 2023-09-11 11:17:26 +00:00
Author
Member

Still valid for version 0.37.0-rc.1-221-g931a5e9a of storage node

Still valid for version `0.37.0-rc.1-221-g931a5e9a` of storage node
fyrchik added
frostfs-node
and removed
triage
labels 2024-01-24 09:58:52 +00:00
fyrchik self-assigned this 2024-01-24 09:58:56 +00:00
Owner

I have just retest this with the latest master and got this:

2024/01/24 13:01:48 init writing on API client s01.frostfs.devenv:8080: client failure: rpc error: code = Unknown desc = could not close stream and receive response: could not close stream and receive response: (*putsvc.streamer) could not object put stream: (*putsvc.Streamer) could not close object target: could not write to next target: incomplete object PUT by placement: could not write header: (*putsvc.remoteTarget) could not put single object to [/dns4/s04.frostfs.devenv/tcp/8082/tls /dns4/s04.frostfs.devenv/tcp/8080]: put single object via client: status: code = 1024 message = (*object.FormatValidator) different token issuer and object owner identifiers NbUgTSFvPmsRxmGeWpuuGeJUoRoi6PErcM/NNEspWzh28AKk4doApTLURHuK8nXkSrrug

But the object appears in listing. This could be related to some checks being done after the put.

I have just retest this with the latest master and got this: ``` 2024/01/24 13:01:48 init writing on API client s01.frostfs.devenv:8080: client failure: rpc error: code = Unknown desc = could not close stream and receive response: could not close stream and receive response: (*putsvc.streamer) could not object put stream: (*putsvc.Streamer) could not close object target: could not write to next target: incomplete object PUT by placement: could not write header: (*putsvc.remoteTarget) could not put single object to [/dns4/s04.frostfs.devenv/tcp/8082/tls /dns4/s04.frostfs.devenv/tcp/8080]: put single object via client: status: code = 1024 message = (*object.FormatValidator) different token issuer and object owner identifiers NbUgTSFvPmsRxmGeWpuuGeJUoRoi6PErcM/NNEspWzh28AKk4doApTLURHuK8nXkSrrug ``` But the object appears in listing. This could be related to some checks being done after the put.
Sign in to join this conversation.
No milestone
No project
No assignees
2 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: TrueCloudLab/frostfs-node#681
No description provided.