Fill APE Request proprties with source IP in services #1142
2 changed files with 24 additions and 1 deletions
|
@ -4,6 +4,7 @@ import (
|
|||
"context"
|
||||
"crypto/sha256"
|
||||
"fmt"
|
||||
"net"
|
||||
"strconv"
|
||||
|
||||
objectV2 "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/object"
|
||||
|
@ -15,8 +16,10 @@ import (
|
|||
objectSDK "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object"
|
||||
oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
|
||||
commonschema "git.frostfs.info/TrueCloudLab/policy-engine/schema/common"
|
||||
nativeschema "git.frostfs.info/TrueCloudLab/policy-engine/schema/native"
|
||||
"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
|
||||
"google.golang.org/grpc/peer"
|
||||
)
|
||||
|
||||
var defaultRequest = aperequest.Request{}
|
||||
|
@ -129,6 +132,12 @@ func (c *checkerImpl) newAPERequest(ctx context.Context, prm Prm) (aperequest.Re
|
|||
return defaultRequest, err
|
||||
}
|
||||
|
||||
if p, ok := peer.FromContext(ctx); ok {
|
||||
if tcpAddr, ok := p.Addr.(*net.TCPAddr); ok {
|
||||
reqProps[commonschema.PropertyKeyFrostFSSourceIP] = tcpAddr.IP.String()
|
||||
}
|
||||
}
|
||||
|
||||
return aperequest.NewRequest(
|
||||
prm.Method,
|
||||
aperequest.NewResource(
|
||||
|
|
|
@ -3,6 +3,7 @@ package ape
|
|||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"net"
|
||||
"testing"
|
||||
|
||||
objectV2 "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/object"
|
||||
|
@ -14,12 +15,24 @@ import (
|
|||
commonschema "git.frostfs.info/TrueCloudLab/policy-engine/schema/common"
|
||||
nativeschema "git.frostfs.info/TrueCloudLab/policy-engine/schema/native"
|
||||
"github.com/stretchr/testify/require"
|
||||
"google.golang.org/grpc/peer"
|
||||
)
|
||||
|
||||
const (
|
||||
testOwnerID = "FPPtmAi9TCX329"
|
||||
|
||||
incomingIP = "192.92.33.1"
|
||||
)
|
||||
|
||||
func ctxWithPeerInfo() context.Context {
|
||||
return peer.NewContext(context.Background(), &peer.Peer{
|
||||
Addr: &net.TCPAddr{
|
||||
IP: net.ParseIP(incomingIP),
|
||||
Port: 41111,
|
||||
},
|
||||
})
|
||||
}
|
||||
|
||||
func TestObjectProperties(t *testing.T) {
|
||||
for _, test := range []struct {
|
||||
name string
|
||||
|
@ -253,7 +266,7 @@ func TestNewAPERequest(t *testing.T) {
|
|||
frostFSIDClient: ffidProvider,
|
||||
}
|
||||
|
||||
r, err := c.newAPERequest(context.TODO(), prm)
|
||||
r, err := c.newAPERequest(ctxWithPeerInfo(), prm)
|
||||
if test.expectErr != nil {
|
||||
require.Error(t, err)
|
||||
require.ErrorIs(t, err, test.expectErr)
|
||||
|
@ -276,6 +289,7 @@ func TestNewAPERequest(t *testing.T) {
|
|||
fmt.Sprintf(commonschema.PropertyKeyFormatFrostFSIDUserClaim, "tag-attr1"): "value1",
|
||||
fmt.Sprintf(commonschema.PropertyKeyFormatFrostFSIDUserClaim, "tag-attr2"): "value2",
|
||||
commonschema.PropertyKeyFrostFSIDGroupID: "1",
|
||||
commonschema.PropertyKeyFrostFSSourceIP: incomingIP,
|
||||
},
|
||||
)
|
||||
|
||||
|
|
Loading…
Reference in a new issue