From c99157f0b20a503a3baab25e96eafbef0cff82cb Mon Sep 17 00:00:00 2001
From: Dmitrii Stepanov <d.stepanov@yadro.com>
Date: Tue, 21 Nov 2023 11:42:08 +0300
Subject: [PATCH 1/2] [#821] go.mod: Update SDK-Go version

Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
---
 go.mod | 2 +-
 go.sum | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/go.mod b/go.mod
index 7d2b93486..2714e1567 100644
--- a/go.mod
+++ b/go.mod
@@ -6,7 +6,7 @@ require (
 	git.frostfs.info/TrueCloudLab/frostfs-api-go/v2 v2.16.1-0.20231031104748-498877e378fd
 	git.frostfs.info/TrueCloudLab/frostfs-contract v0.18.1-0.20231102065436-9ed3845aa989
 	git.frostfs.info/TrueCloudLab/frostfs-observability v0.0.0-20231101111734-b3ad3335ff65
-	git.frostfs.info/TrueCloudLab/frostfs-sdk-go v0.0.0-20231114081800-3787477133f3
+	git.frostfs.info/TrueCloudLab/frostfs-sdk-go v0.0.0-20231122162120-56debcfa569e
 	git.frostfs.info/TrueCloudLab/hrw v1.2.1
 	git.frostfs.info/TrueCloudLab/policy-engine v0.0.0-20231115094736-5db67021e10f
 	git.frostfs.info/TrueCloudLab/tzhash v1.8.0
diff --git a/go.sum b/go.sum
index 070c246ba..7660d9dcd 100644
--- a/go.sum
+++ b/go.sum
@@ -732,8 +732,8 @@ git.frostfs.info/TrueCloudLab/frostfs-crypto v0.6.0 h1:FxqFDhQYYgpe41qsIHVOcdzSV
 git.frostfs.info/TrueCloudLab/frostfs-crypto v0.6.0/go.mod h1:RUIKZATQLJ+TaYQa60X2fTDwfuhMfm8Ar60bQ5fr+vU=
 git.frostfs.info/TrueCloudLab/frostfs-observability v0.0.0-20231101111734-b3ad3335ff65 h1:PaZ8GpnUoXxUoNsc1qp36bT2u7FU+neU4Jn9cl8AWqI=
 git.frostfs.info/TrueCloudLab/frostfs-observability v0.0.0-20231101111734-b3ad3335ff65/go.mod h1:6aAX80dvJ3r5fjN9CzzPglRptoiPgIC9KFGGsUA+1Hw=
-git.frostfs.info/TrueCloudLab/frostfs-sdk-go v0.0.0-20231114081800-3787477133f3 h1:Qa35bB58plMb14LIsYzu2ibeYfsY2taFnbZytv9Ao3M=
-git.frostfs.info/TrueCloudLab/frostfs-sdk-go v0.0.0-20231114081800-3787477133f3/go.mod h1:t1akKcUH7iBrFHX8rSXScYMP17k2kYQXMbZooiL5Juw=
+git.frostfs.info/TrueCloudLab/frostfs-sdk-go v0.0.0-20231122162120-56debcfa569e h1:RoGxgSNyVxDaYgjb40P+Xy6val+rs7b5QQtGkIUpUoY=
+git.frostfs.info/TrueCloudLab/frostfs-sdk-go v0.0.0-20231122162120-56debcfa569e/go.mod h1:t1akKcUH7iBrFHX8rSXScYMP17k2kYQXMbZooiL5Juw=
 git.frostfs.info/TrueCloudLab/hrw v1.2.1 h1:ccBRK21rFvY5R1WotI6LNoPlizk7qSvdfD8lNIRudVc=
 git.frostfs.info/TrueCloudLab/hrw v1.2.1/go.mod h1:C1Ygde2n843yTZEQ0FP69jYiuaYV0kriLvP4zm8JuvM=
 git.frostfs.info/TrueCloudLab/policy-engine v0.0.0-20231115094736-5db67021e10f h1:Rq95TuEkqc3T1EN5ZU1Vgf6H33TR95hz97ca8jrUciQ=
-- 
2.45.3


From c516c7c5f46d6a3ae8e183f4582baf112ca0a50e Mon Sep 17 00:00:00 2001
From: Dmitrii Stepanov <d.stepanov@yadro.com>
Date: Tue, 21 Nov 2023 11:42:30 +0300
Subject: [PATCH 2/2] [#821] node: Pass user.ID by value

Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
---
 cmd/frostfs-cli/modules/accounting/balance.go      |  2 +-
 cmd/frostfs-cli/modules/container/list.go          |  2 +-
 cmd/frostfs-cli/modules/object/lock.go             |  2 +-
 cmd/frostfs-cli/modules/object/put.go              |  4 ++--
 pkg/core/object/fmt.go                             |  4 ++--
 pkg/core/object/fmt_test.go                        | 14 +++++++-------
 pkg/services/object/acl/acl_test.go                |  6 +++---
 pkg/services/object/acl/eacl/v2/object.go          |  4 ++--
 pkg/services/object/delete/exec.go                 |  4 ++--
 pkg/services/object/put/streamer.go                |  2 +-
 pkg/services/object/util/key_test.go               |  4 ++--
 .../session/storage/persistent/executor_test.go    |  6 +++---
 12 files changed, 27 insertions(+), 27 deletions(-)

diff --git a/cmd/frostfs-cli/modules/accounting/balance.go b/cmd/frostfs-cli/modules/accounting/balance.go
index 8e975fb03..d10b9eaa1 100644
--- a/cmd/frostfs-cli/modules/accounting/balance.go
+++ b/cmd/frostfs-cli/modules/accounting/balance.go
@@ -39,7 +39,7 @@ var accountingBalanceCmd = &cobra.Command{
 
 		var prm internalclient.BalanceOfPrm
 		prm.SetClient(cli)
-		prm.Account = &idUser
+		prm.Account = idUser
 
 		res, err := internalclient.BalanceOf(cmd.Context(), prm)
 		commonCmd.ExitOnErr(cmd, "rpc error: %w", err)
diff --git a/cmd/frostfs-cli/modules/container/list.go b/cmd/frostfs-cli/modules/container/list.go
index 1e7ba96ea..86c1e5fba 100644
--- a/cmd/frostfs-cli/modules/container/list.go
+++ b/cmd/frostfs-cli/modules/container/list.go
@@ -47,7 +47,7 @@ var listContainersCmd = &cobra.Command{
 
 		var prm internalclient.ListContainersPrm
 		prm.SetClient(cli)
-		prm.Account = &idUser
+		prm.Account = idUser
 
 		res, err := internalclient.ListContainers(cmd.Context(), prm)
 		commonCmd.ExitOnErr(cmd, "rpc error: %w", err)
diff --git a/cmd/frostfs-cli/modules/object/lock.go b/cmd/frostfs-cli/modules/object/lock.go
index fa1898586..d2e9af24c 100644
--- a/cmd/frostfs-cli/modules/object/lock.go
+++ b/cmd/frostfs-cli/modules/object/lock.go
@@ -94,7 +94,7 @@ var objectLockCmd = &cobra.Command{
 
 		obj := objectSDK.New()
 		obj.SetContainerID(cnr)
-		obj.SetOwnerID(&idOwner)
+		obj.SetOwnerID(idOwner)
 		obj.SetType(objectSDK.TypeLock)
 		obj.SetAttributes(expirationAttr)
 		obj.SetPayload(lock.Marshal())
diff --git a/cmd/frostfs-cli/modules/object/put.go b/cmd/frostfs-cli/modules/object/put.go
index 97bb12dbc..a41d3c0aa 100644
--- a/cmd/frostfs-cli/modules/object/put.go
+++ b/cmd/frostfs-cli/modules/object/put.go
@@ -93,7 +93,7 @@ func putObject(cmd *cobra.Command, _ []string) {
 	attrs := getAllObjectAttributes(cmd)
 
 	obj.SetContainerID(cnr)
-	obj.SetOwnerID(&ownerID)
+	obj.SetOwnerID(ownerID)
 	obj.SetAttributes(attrs...)
 
 	notificationInfo, err := parseObjectNotifications(cmd)
@@ -160,7 +160,7 @@ func readFilePayload(filename string, cmd *cobra.Command) (io.Reader, cid.ID, us
 	commonCmd.ExitOnErr(cmd, "can't unmarshal object from given file: %w", objTemp.Unmarshal(buf))
 	payloadReader := bytes.NewReader(objTemp.Payload())
 	cnr, _ := objTemp.ContainerID()
-	ownerID := *objTemp.OwnerID()
+	ownerID := objTemp.OwnerID()
 	return payloadReader, cnr, ownerID
 }
 
diff --git a/pkg/core/object/fmt.go b/pkg/core/object/fmt.go
index e65767723..e266800b2 100644
--- a/pkg/core/object/fmt.go
+++ b/pkg/core/object/fmt.go
@@ -165,7 +165,7 @@ func (v *FormatValidator) validateSignatureKey(obj *objectSDK.Object) error {
 	}
 
 	token := obj.SessionToken()
-	ownerID := *obj.OwnerID()
+	ownerID := obj.OwnerID()
 
 	if token == nil || !token.AssertAuthKey(&key) {
 		return v.checkOwnerKey(ownerID, key)
@@ -412,7 +412,7 @@ func (v *FormatValidator) checkAttributes(obj *objectSDK.Object) error {
 var errIncorrectOwner = errors.New("incorrect object owner")
 
 func (v *FormatValidator) checkOwner(obj *objectSDK.Object) error {
-	if idOwner := obj.OwnerID(); idOwner == nil || len(idOwner.WalletBytes()) == 0 {
+	if idOwner := obj.OwnerID(); idOwner.IsEmpty() {
 		return errIncorrectOwner
 	}
 
diff --git a/pkg/core/object/fmt_test.go b/pkg/core/object/fmt_test.go
index 2a5b5690c..a8901ad6d 100644
--- a/pkg/core/object/fmt_test.go
+++ b/pkg/core/object/fmt_test.go
@@ -32,7 +32,7 @@ func blankValidObject(key *ecdsa.PrivateKey) *objectSDK.Object {
 
 	obj := objectSDK.New()
 	obj.SetContainerID(cidtest.ID())
-	obj.SetOwnerID(&idOwner)
+	obj.SetOwnerID(idOwner)
 
 	return obj
 }
@@ -107,7 +107,7 @@ func TestFormatValidator_Validate(t *testing.T) {
 		obj := objectSDK.New()
 		obj.SetContainerID(cidtest.ID())
 		obj.SetSessionToken(tok)
-		obj.SetOwnerID(&idOwner)
+		obj.SetOwnerID(idOwner)
 
 		require.NoError(t, objectSDK.SetIDWithSignature(ownerKey.PrivateKey, obj))
 
@@ -303,7 +303,7 @@ func TestFormatValidator_ValidateTokenIssuer(t *testing.T) {
 		obj := objectSDK.New()
 		obj.SetContainerID(cidtest.ID())
 		obj.SetSessionToken(tok)
-		obj.SetOwnerID(&owner)
+		obj.SetOwnerID(owner)
 		require.NoError(t, objectSDK.SetIDWithSignature(signer.PrivateKey, obj))
 
 		require.NoError(t, v.Validate(context.Background(), obj, false))
@@ -352,7 +352,7 @@ func TestFormatValidator_ValidateTokenIssuer(t *testing.T) {
 		obj := objectSDK.New()
 		obj.SetContainerID(cnrID)
 		obj.SetSessionToken(tok)
-		obj.SetOwnerID(&owner)
+		obj.SetOwnerID(owner)
 		require.NoError(t, objectSDK.SetIDWithSignature(signer.PrivateKey, obj))
 
 		require.NoError(t, v.Validate(context.Background(), obj, false))
@@ -386,7 +386,7 @@ func TestFormatValidator_ValidateTokenIssuer(t *testing.T) {
 		obj := objectSDK.New()
 		obj.SetContainerID(cnrID)
 		obj.SetSessionToken(tok)
-		obj.SetOwnerID(&owner)
+		obj.SetOwnerID(owner)
 		require.NoError(t, objectSDK.SetIDWithSignature(signer.PrivateKey, obj))
 
 		v := NewFormatValidator(
@@ -459,7 +459,7 @@ func TestFormatValidator_ValidateTokenIssuer(t *testing.T) {
 		obj := objectSDK.New()
 		obj.SetContainerID(cnrID)
 		obj.SetSessionToken(tok)
-		obj.SetOwnerID(&owner)
+		obj.SetOwnerID(owner)
 		require.NoError(t, objectSDK.SetIDWithSignature(signer.PrivateKey, obj))
 
 		v := NewFormatValidator(
@@ -535,7 +535,7 @@ func TestFormatValidator_ValidateTokenIssuer(t *testing.T) {
 		obj := objectSDK.New()
 		obj.SetContainerID(cnrID)
 		obj.SetSessionToken(tok)
-		obj.SetOwnerID(&owner)
+		obj.SetOwnerID(owner)
 		require.NoError(t, objectSDK.SetIDWithSignature(signer.PrivateKey, obj))
 
 		v := NewFormatValidator(
diff --git a/pkg/services/object/acl/acl_test.go b/pkg/services/object/acl/acl_test.go
index b9b82dac8..d63cb1285 100644
--- a/pkg/services/object/acl/acl_test.go
+++ b/pkg/services/object/acl/acl_test.go
@@ -39,14 +39,14 @@ func TestStickyCheck(t *testing.T) {
 		info.SetSenderKey(make([]byte, 33)) // any non-empty key
 		info.SetRequestRole(acl.RoleContainer)
 
-		require.True(t, checker.StickyBitCheck(info, *usertest.ID()))
+		require.True(t, checker.StickyBitCheck(info, usertest.ID()))
 
 		var basicACL acl.Basic
 		basicACL.MakeSticky()
 
 		info.SetBasicACL(basicACL)
 
-		require.True(t, checker.StickyBitCheck(info, *usertest.ID()))
+		require.True(t, checker.StickyBitCheck(info, usertest.ID()))
 	})
 
 	t.Run("owner ID and/or public key emptiness", func(t *testing.T) {
@@ -72,7 +72,7 @@ func TestStickyCheck(t *testing.T) {
 			var ownerID user.ID
 
 			if withOwner {
-				ownerID = *usertest.ID()
+				ownerID = usertest.ID()
 			}
 
 			require.Equal(t, expected, checker.StickyBitCheck(info, ownerID))
diff --git a/pkg/services/object/acl/eacl/v2/object.go b/pkg/services/object/acl/eacl/v2/object.go
index 690e4aa70..72bd4c2d2 100644
--- a/pkg/services/object/acl/eacl/v2/object.go
+++ b/pkg/services/object/acl/eacl/v2/object.go
@@ -62,8 +62,8 @@ func headersFromObject(obj *objectSDK.Object, cnr cid.ID, oid *oid.ID) []eaclSDK
 			res = append(res, oidHeader(*oid))
 		}
 
-		if idOwner := obj.OwnerID(); idOwner != nil {
-			res = append(res, ownerIDHeader(*idOwner))
+		if idOwner := obj.OwnerID(); !idOwner.IsEmpty() {
+			res = append(res, ownerIDHeader(idOwner))
 		}
 
 		cs, ok := obj.PayloadChecksum()
diff --git a/pkg/services/object/delete/exec.go b/pkg/services/object/delete/exec.go
index aac8c8860..d48f8ab7b 100644
--- a/pkg/services/object/delete/exec.go
+++ b/pkg/services/object/delete/exec.go
@@ -176,11 +176,11 @@ func (exec *execCtx) initTombstoneObject() error {
 	tokenSession := exec.commonParameters().SessionToken()
 	if tokenSession != nil {
 		issuer := tokenSession.Issuer()
-		exec.tombstoneObj.SetOwnerID(&issuer)
+		exec.tombstoneObj.SetOwnerID(issuer)
 	} else {
 		// make local node a tombstone object owner
 		localUser := exec.svc.netInfo.LocalNodeID()
-		exec.tombstoneObj.SetOwnerID(&localUser)
+		exec.tombstoneObj.SetOwnerID(localUser)
 	}
 
 	var a objectSDK.Attribute
diff --git a/pkg/services/object/put/streamer.go b/pkg/services/object/put/streamer.go
index 10f932849..a9abe407d 100644
--- a/pkg/services/object/put/streamer.go
+++ b/pkg/services/object/put/streamer.go
@@ -112,7 +112,7 @@ func (p *Streamer) initTrustedTarget(prm *PutInitPrm) error {
 	// If it isn't owner key, replication attempts will fail, thus this check.
 	if sToken == nil {
 		ownerObj := prm.hdr.OwnerID()
-		if ownerObj == nil {
+		if ownerObj.IsEmpty() {
 			return errors.New("missing object owner")
 		}
 
diff --git a/pkg/services/object/util/key_test.go b/pkg/services/object/util/key_test.go
index 76e320e0c..cb7ddfde5 100644
--- a/pkg/services/object/util/key_test.go
+++ b/pkg/services/object/util/key_test.go
@@ -25,7 +25,7 @@ func TestNewKeyStorage(t *testing.T) {
 	tokenStor := tokenStorage.NewTokenStore()
 	stor := util.NewKeyStorage(&nodeKey.PrivateKey, tokenStor, mockedNetworkState{42})
 
-	owner := *usertest.ID()
+	owner := usertest.ID()
 
 	t.Run("node key", func(t *testing.T) {
 		key, err := stor.GetKey(nil)
@@ -36,7 +36,7 @@ func TestNewKeyStorage(t *testing.T) {
 	t.Run("unknown token", func(t *testing.T) {
 		_, err = stor.GetKey(&util.SessionInfo{
 			ID:    uuid.New(),
-			Owner: *usertest.ID(),
+			Owner: usertest.ID(),
 		})
 		require.Error(t, err)
 	})
diff --git a/pkg/services/session/storage/persistent/executor_test.go b/pkg/services/session/storage/persistent/executor_test.go
index ee0c8f915..39cb14359 100644
--- a/pkg/services/session/storage/persistent/executor_test.go
+++ b/pkg/services/session/storage/persistent/executor_test.go
@@ -22,7 +22,7 @@ func TestTokenStore(t *testing.T) {
 
 	defer ts.Close()
 
-	owner := *usertest.ID()
+	owner := usertest.ID()
 
 	var ownerV2 refs.OwnerID
 	owner.WriteToV2(&ownerV2)
@@ -66,7 +66,7 @@ func TestTokenStore_Persistent(t *testing.T) {
 	ts, err := NewTokenStore(path)
 	require.NoError(t, err)
 
-	idOwner := *usertest.ID()
+	idOwner := usertest.ID()
 
 	var idOwnerV2 refs.OwnerID
 	idOwner.WriteToV2(&idOwnerV2)
@@ -127,7 +127,7 @@ func TestTokenStore_RemoveOld(t *testing.T) {
 
 	defer ts.Close()
 
-	owner := *usertest.ID()
+	owner := usertest.ID()
 
 	var ownerV2 refs.OwnerID
 	owner.WriteToV2(&ownerV2)
-- 
2.45.3