Static object session with search verb allows to search all objects in container #155
2 changed files with 145 additions and 0 deletions
|
@ -119,6 +119,7 @@ func (exec *execCtx) generateTraverser(cnr cid.ID) (*placement.Traverser, bool)
|
|||
}
|
||||
|
||||
func (exec *execCtx) writeIDList(ids []oid.ID) {
|
||||
ids = exec.filterAllowedObjectIDs(ids)
|
||||
err := exec.prm.writer.WriteIDs(ids)
|
||||
|
||||
switch {
|
||||
|
@ -134,3 +135,17 @@ func (exec *execCtx) writeIDList(ids []oid.ID) {
|
|||
exec.err = nil
|
||||
}
|
||||
}
|
||||
|
||||
func (exec *execCtx) filterAllowedObjectIDs(objIDs []oid.ID) []oid.ID {
|
||||
sessionToken := exec.prm.common.SessionToken()
|
||||
if sessionToken == nil {
|
||||
return objIDs
|
||||
}
|
||||
result := make([]oid.ID, 0, len(objIDs))
|
||||
for _, objID := range objIDs {
|
||||
if sessionToken.AssertObject(objID) {
|
||||
result = append(result, objID)
|
||||
}
|
||||
}
|
||||
return result
|
||||
}
|
||||
|
|
|
@ -9,6 +9,7 @@ import (
|
|||
"strconv"
|
||||
"testing"
|
||||
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/session"
|
||||
clientcore "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/core/client"
|
||||
netmapcore "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/core/netmap"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/network"
|
||||
|
@ -18,8 +19,12 @@ import (
|
|||
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container"
|
||||
cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
|
||||
cidtest "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id/test"
|
||||
frostfsecdsa "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/crypto/ecdsa"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/netmap"
|
||||
oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
|
||||
sessionsdk "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/session"
|
||||
"github.com/google/uuid"
|
||||
"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
|
@ -425,3 +430,128 @@ func TestGetFromPastEpoch(t *testing.T) {
|
|||
require.NoError(t, err)
|
||||
assertContains(ids11, ids12, ids21, ids22)
|
||||
}
|
||||
|
||||
func TestGetWithSessionToken(t *testing.T) {
|
||||
ctx := context.Background()
|
||||
|
||||
placementDim := []int{2}
|
||||
|
||||
rs := make([]netmap.ReplicaDescriptor, len(placementDim))
|
||||
for i := range placementDim {
|
||||
rs[i].SetNumberOfObjects(uint32(placementDim[i]))
|
||||
}
|
||||
|
||||
var pp netmap.PlacementPolicy
|
||||
pp.AddReplicas(rs...)
|
||||
|
||||
var cnr container.Container
|
||||
cnr.SetPlacementPolicy(pp)
|
||||
|
||||
var id cid.ID
|
||||
container.CalculateID(&id, cnr)
|
||||
|
||||
var addr oid.Address
|
||||
addr.SetContainer(id)
|
||||
|
||||
ns, as := testNodeMatrix(t, placementDim)
|
||||
|
||||
builder := &testPlacementBuilder{
|
||||
vectors: map[string][][]netmap.NodeInfo{
|
||||
addr.EncodeToString(): ns,
|
||||
},
|
||||
}
|
||||
|
||||
localStorage := newTestStorage()
|
||||
localIDs := generateIDs(10)
|
||||
localStorage.addResult(id, localIDs, nil)
|
||||
|
||||
c1 := newTestStorage()
|
||||
ids1 := generateIDs(10)
|
||||
c1.addResult(id, ids1, nil)
|
||||
|
||||
c2 := newTestStorage()
|
||||
ids2 := generateIDs(10)
|
||||
c2.addResult(id, ids2, nil)
|
||||
|
||||
w := new(simpleIDWriter)
|
||||
|
||||
svc := &Service{cfg: new(cfg)}
|
||||
svc.log = test.NewLogger(false)
|
||||
svc.localStorage = localStorage
|
||||
|
||||
const curEpoch = 13
|
||||
|
||||
svc.traverserGenerator = &testTraverserGenerator{
|
||||
c: cnr,
|
||||
b: map[uint64]placement.Builder{
|
||||
curEpoch: builder,
|
||||
},
|
||||
}
|
||||
svc.clientConstructor = &testClientCache{
|
||||
clients: map[string]*testStorage{
|
||||
as[0][0]: c1,
|
||||
as[0][1]: c2,
|
||||
},
|
||||
}
|
||||
|
||||
svc.currentEpochReceiver = testEpochReceiver(curEpoch)
|
||||
|
||||
metaStub := &metaStub{
|
||||
TTL: 5,
|
||||
LimitByObjectIDs: append(append(localIDs[:5], ids1[:5]...), ids2[:5]...),
|
||||
T: t,
|
||||
Exp: 20,
|
||||
ContainerID: id,
|
||||
}
|
||||
|
||||
p := Prm{}
|
||||
p.WithContainerID(id)
|
||||
p.SetWriter(w)
|
||||
var err error
|
||||
p.common, err = util.CommonPrmFromV2(metaStub)
|
||||
require.NoError(t, err)
|
||||
|
||||
err = svc.Search(ctx, p)
|
||||
require.NoError(t, err)
|
||||
require.Len(t, w.ids, 15)
|
||||
|
||||
for _, id := range metaStub.LimitByObjectIDs {
|
||||
require.Contains(t, w.ids, id)
|
||||
}
|
||||
}
|
||||
|
||||
type metaStub struct {
|
||||
TTL uint32
|
||||
Exp uint64
|
||||
LimitByObjectIDs []oid.ID
|
||||
T *testing.T
|
||||
ContainerID cid.ID
|
||||
}
|
||||
|
||||
func (m *metaStub) GetMetaHeader() *session.RequestMetaHeader {
|
||||
var result session.RequestMetaHeader
|
||||
result.SetTTL(m.TTL)
|
||||
|
||||
tokenObj := new(sessionsdk.Object)
|
||||
tokenObj.ForVerb(sessionsdk.VerbObjectSearch)
|
||||
tokenObj.LimitByObjects(m.LimitByObjectIDs...)
|
||||
tokenObj.SetID(uuid.New())
|
||||
tokenObj.SetExp(m.Exp)
|
||||
tokenObj.BindContainer(m.ContainerID)
|
||||
|
||||
pubKey := &frostfsecdsa.PublicKey{}
|
||||
|
||||
tokenObj.SetAuthKey(pubKey)
|
||||
|
||||
priv, err := keys.NewPrivateKey()
|
||||
require.NoError(m.T, err)
|
||||
|
||||
require.NoError(m.T, tokenObj.Sign(priv.PrivateKey))
|
||||
|
||||
var token session.Token
|
||||
tokenObj.WriteToV2(&token)
|
||||
|
||||
result.SetSessionToken(&token)
|
||||
|
||||
return &result
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue