Fill APE Request proprties with source IP in services #1142

Merged
fyrchik merged 3 commits from aarifullin/frostfs-node:feat/ape_sourceip into master 2024-05-27 10:17:21 +00:00
2 changed files with 24 additions and 1 deletions
Showing only changes of commit ea668cf6cd - Show all commits

View file

@ -4,6 +4,7 @@ import (
"context" "context"
"crypto/sha256" "crypto/sha256"
"fmt" "fmt"
"net"
"strconv" "strconv"
objectV2 "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/object" objectV2 "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/object"
@ -15,8 +16,10 @@ import (
objectSDK "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object" objectSDK "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object"
oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id" oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user" "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
commonschema "git.frostfs.info/TrueCloudLab/policy-engine/schema/common"
nativeschema "git.frostfs.info/TrueCloudLab/policy-engine/schema/native" nativeschema "git.frostfs.info/TrueCloudLab/policy-engine/schema/native"
"github.com/nspcc-dev/neo-go/pkg/crypto/keys" "github.com/nspcc-dev/neo-go/pkg/crypto/keys"
"google.golang.org/grpc/peer"
) )
var defaultRequest = aperequest.Request{} var defaultRequest = aperequest.Request{}
@ -129,6 +132,12 @@ func (c *checkerImpl) newAPERequest(ctx context.Context, prm Prm) (aperequest.Re
return defaultRequest, err return defaultRequest, err
} }
if p, ok := peer.FromContext(ctx); ok {
if tcpAddr, ok := p.Addr.(*net.TCPAddr); ok {
reqProps[commonschema.PropertyKeyFrostFSSourceIP] = tcpAddr.IP.String()
}
}
return aperequest.NewRequest( return aperequest.NewRequest(
prm.Method, prm.Method,
aperequest.NewResource( aperequest.NewResource(

View file

@ -3,6 +3,7 @@ package ape
import ( import (
"context" "context"
"fmt" "fmt"
"net"
"testing" "testing"
objectV2 "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/object" objectV2 "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/object"
@ -14,12 +15,24 @@ import (
commonschema "git.frostfs.info/TrueCloudLab/policy-engine/schema/common" commonschema "git.frostfs.info/TrueCloudLab/policy-engine/schema/common"
nativeschema "git.frostfs.info/TrueCloudLab/policy-engine/schema/native" nativeschema "git.frostfs.info/TrueCloudLab/policy-engine/schema/native"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
"google.golang.org/grpc/peer"
) )
const ( const (
testOwnerID = "FPPtmAi9TCX329" testOwnerID = "FPPtmAi9TCX329"
incomingIP = "192.92.33.1"
) )
func ctxWithPeerInfo() context.Context {
return peer.NewContext(context.Background(), &peer.Peer{
Addr: &net.TCPAddr{
IP: net.ParseIP(incomingIP),
Port: 41111,
},
})
}
func TestObjectProperties(t *testing.T) { func TestObjectProperties(t *testing.T) {
for _, test := range []struct { for _, test := range []struct {
name string name string
@ -253,7 +266,7 @@ func TestNewAPERequest(t *testing.T) {
frostFSIDClient: ffidProvider, frostFSIDClient: ffidProvider,
} }
r, err := c.newAPERequest(context.TODO(), prm) r, err := c.newAPERequest(ctxWithPeerInfo(), prm)
if test.expectErr != nil { if test.expectErr != nil {
require.Error(t, err) require.Error(t, err)
require.ErrorIs(t, err, test.expectErr) require.ErrorIs(t, err, test.expectErr)
@ -276,6 +289,7 @@ func TestNewAPERequest(t *testing.T) {
fmt.Sprintf(commonschema.PropertyKeyFormatFrostFSIDUserClaim, "tag-attr1"): "value1", fmt.Sprintf(commonschema.PropertyKeyFormatFrostFSIDUserClaim, "tag-attr1"): "value1",
fmt.Sprintf(commonschema.PropertyKeyFormatFrostFSIDUserClaim, "tag-attr2"): "value2", fmt.Sprintf(commonschema.PropertyKeyFormatFrostFSIDUserClaim, "tag-attr2"): "value2",
commonschema.PropertyKeyFrostFSIDGroupID: "1", commonschema.PropertyKeyFrostFSIDGroupID: "1",
commonschema.PropertyKeyFrostFSSourceIP: incomingIP,
}, },
) )