TrueCloudLab/frostfs-node
20
1
Fork 27
Code Issues 100 Pull requests 4 Projects Releases 1 Activity Actions

Fix access denied error handling for GET requests support/v0.42 #1339

Merged
fyrchik merged 1 commit from dstepanov-yadro/frostfs-node:fix/get_ape_err_handling_v042 into support/v0.42 2024-08-28 11:53:25 +00:00
Conversation 0 Commits 1 Files changed 3 +29 -12
dstepanov-yadro commented 2024-08-28 11:00:38 +00:00
Member
Copy link
  1. Do not try to get object from remote nodes if local failed with AccessDenied error.
  2. Return AccessDenied error if remote get failed with AccessDenied error.
  3. Send header to output stream again if previous try fail with error.
1. Do not try to get object from remote nodes if local failed with AccessDenied error. 2. Return AccessDenied error if remote get failed with AccessDenied error. 3. Send header to output stream again if previous try fail with error.
dstepanov-yadro added 1 commit 2024-08-28 11:00:44 +00:00
[#9999] getSvc: Fix access denied error handling
All checks were successful
Vulncheck / Vulncheck (pull_request) Successful in 3m58s
Details
DCO action / DCO (pull_request) Successful in 3m54s
Details
Pre-commit hooks / Pre-commit (pull_request) Successful in 4m13s
Details
Tests and linters / Staticcheck (pull_request) Successful in 5m29s
Details
Tests and linters / gopls check (pull_request) Successful in 5m26s
Details
Tests and linters / Tests (1.22) (pull_request) Successful in 5m33s
Details
Tests and linters / Tests (1.21) (pull_request) Successful in 5m35s
Details
Tests and linters / Lint (pull_request) Successful in 5m53s
Details
Tests and linters / Tests with -race (pull_request) Successful in 5m57s
Details
Build / Build Components (1.21) (pull_request) Successful in 7m25s
Details
Build / Build Components (1.22) (pull_request) Successful in 7m21s
Details
02d7b023d4 
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
dstepanov-yadro force-pushed fix/get_ape_err_handling_v042 from 02d7b023d4 to 43d6fbf73b 2024-08-28 11:01:26 +00:00 Compare
dstepanov-yadro changed title from Fix access denied error handling for GET requests to Fix access denied error handling for GET requests support/v0.42 2024-08-28 11:03:18 +00:00
aarifullin approved these changes 2024-08-28 11:07:46 +00:00
acid-ant approved these changes 2024-08-28 11:09:23 +00:00
fyrchik requested changes 2024-08-28 11:20:46 +00:00
pkg/services/object/get/get.go
@ -123,0 +125,4 @@
var errAccessDenied *apistatus.ObjectAccessDenied
if execCnr && errors.As(exec.err, &errAccessDenied) {
// Local get can't return access denied error, so this error was returned by
// write to the output stream. So there is no need to try to find object on other nodes.
fyrchik commented 2024-08-28 11:19:56 +00:00
Owner
Copy link

How can we get this error while returning the result?

How can we get this error while returning the result?
dstepanov-yadro commented 2024-08-28 11:25:15 +00:00
Author
Member
Copy link

APE check for GET request performed on header send to check object headers.

APE check for GET request performed on header send to check object headers.
fyrchik marked this conversation as resolved
pkg/services/object/get/remote.go
@ -39,3 +40,3 @@
// for raw requests, continue to collect other parts
r.status = statusUndefined
r.err = new(apistatus.ObjectNotFound)
if errors.As(err, &errAccessDenied) {
fyrchik commented 2024-08-28 11:20:43 +00:00
Owner
Copy link

Why is it in the default branch, instead of being similar to other status errors?

Why is it in the default branch, instead of being similar to other status errors?
dstepanov-yadro commented 2024-08-28 11:28:56 +00:00
Author
Member
Copy link

Because i think it is a part of default branch: default branch continues iteration (returns false)

Because i think it is a part of default branch: default branch continues iteration (returns false)
fyrchik marked this conversation as resolved
fyrchik merged commit 43d6fbf73b into support/v0.42 2024-08-28 11:53:23 +00:00
Sign in to join this conversation.
Reviewers
No reviewers
aarifullin
acid-ant
fyrchik
Labels
Clear labels   
P0

Highest

  
P1

High

  
P2

Medium

  
P3

Low

  
badger

Badger DB related issues

  
frostfs-adm

   
frostfs-cli

   
frostfs-ir

   
frostfs-lens

   
frostfs-node

   
good first issue

Good for newcomers

  
triage
  
Infrastructure

Infrastructure, Automation, CI/CD or DevOps related stuff

  
blocked

The issue or PR is blocked by something

  
bug

Something is not working

  
config

Configuration format update or breaking change

  
discussion

Talking about something in order to reach a decision or to exchange ideas

  
documentation

Documentation related

  
duplicate

This issue or pull request already exists

  
enhancement

New feature

  
go

Language features adoption

  
help wanted

Extra attention is needed

  
internal

   
invalid

Something is wrong

  
kludge

This is a kludge and we know it

  
observability

Related to metrics, tracing and logs

  
perfomance

Perfomance related

  
question

More information is needed

  
refactoring

Refactoring

  
wontfix

This won't be fixed

No labels
P0
P1
P2
P3
badger
frostfs-adm
frostfs-cli
frostfs-ir
frostfs-lens
frostfs-node
good first issue
triage
Infrastructure
blocked
bug
config
discussion
documentation
duplicate
enhancement
go
help wanted
internal
invalid
kludge
observability
perfomance
question
refactoring
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
4 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: TrueCloudLab/frostfs-node#1339
No description provided.
Delete branch "dstepanov-yadro/frostfs-node:fix/get_ape_err_handling_v042"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?