255 lines
6.9 KiB
Go
255 lines
6.9 KiB
Go
package object
|
|
|
|
import (
|
|
"context"
|
|
"crypto/ecdsa"
|
|
"fmt"
|
|
|
|
"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/object"
|
|
"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/util"
|
|
)
|
|
|
|
type SignService struct {
|
|
key *ecdsa.PrivateKey
|
|
|
|
sigSvc *util.SignService
|
|
|
|
svc ServiceServer
|
|
}
|
|
|
|
type searchStreamSigner struct {
|
|
SearchStream
|
|
sigSvc *util.SignService
|
|
|
|
nonEmptyResp bool // set on first Send call
|
|
}
|
|
|
|
type getStreamSigner struct {
|
|
GetObjectStream
|
|
sigSvc *util.SignService
|
|
}
|
|
|
|
type putStreamSigner struct {
|
|
sigSvc *util.SignService
|
|
stream PutObjectStream
|
|
err error
|
|
}
|
|
|
|
type patchStreamSigner struct {
|
|
sigSvc *util.SignService
|
|
stream PatchObjectStream
|
|
err error
|
|
}
|
|
|
|
type getRangeStreamSigner struct {
|
|
GetObjectRangeStream
|
|
sigSvc *util.SignService
|
|
}
|
|
|
|
func NewSignService(key *ecdsa.PrivateKey, svc ServiceServer) *SignService {
|
|
return &SignService{
|
|
key: key,
|
|
sigSvc: util.NewUnarySignService(key),
|
|
svc: svc,
|
|
}
|
|
}
|
|
|
|
func (s *getStreamSigner) Send(resp *object.GetResponse) error {
|
|
return s.send(resp, nil)
|
|
}
|
|
|
|
func (s *getStreamSigner) send(resp *object.GetResponse, err error) error {
|
|
if err := s.sigSvc.SignResponse(resp, err); err != nil {
|
|
return err
|
|
}
|
|
return s.GetObjectStream.Send(resp)
|
|
}
|
|
|
|
func (s *SignService) Get(req *object.GetRequest, stream GetObjectStream) error {
|
|
if err := s.sigSvc.VerifyRequest(req); err != nil {
|
|
resp := new(object.GetResponse)
|
|
_ = s.sigSvc.SignResponse(resp, err)
|
|
return stream.Send(resp)
|
|
}
|
|
|
|
w := &getStreamSigner{
|
|
GetObjectStream: stream,
|
|
sigSvc: s.sigSvc,
|
|
}
|
|
if err := s.svc.Get(req, w); err != nil {
|
|
return w.send(new(object.GetResponse), err)
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (s *putStreamSigner) Send(ctx context.Context, req *object.PutRequest) error {
|
|
if s.err = s.sigSvc.VerifyRequest(req); s.err != nil {
|
|
return util.ErrAbortStream
|
|
}
|
|
if s.err = s.stream.Send(ctx, req); s.err != nil {
|
|
return util.ErrAbortStream
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (s *putStreamSigner) CloseAndRecv(ctx context.Context) (resp *object.PutResponse, err error) {
|
|
if s.err != nil {
|
|
err = s.err
|
|
resp = new(object.PutResponse)
|
|
} else {
|
|
resp, err = s.stream.CloseAndRecv(ctx)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("could not close stream and receive response: %w", err)
|
|
}
|
|
}
|
|
|
|
return resp, s.sigSvc.SignResponse(resp, err)
|
|
}
|
|
|
|
func (s *SignService) Put() (PutObjectStream, error) {
|
|
stream, err := s.svc.Put()
|
|
if err != nil {
|
|
return nil, fmt.Errorf("could not create Put object streamer: %w", err)
|
|
}
|
|
|
|
return &putStreamSigner{
|
|
stream: stream,
|
|
sigSvc: s.sigSvc,
|
|
}, nil
|
|
}
|
|
|
|
func (s *patchStreamSigner) Send(ctx context.Context, req *object.PatchRequest) error {
|
|
if s.err = s.sigSvc.VerifyRequest(req); s.err != nil {
|
|
return util.ErrAbortStream
|
|
}
|
|
if s.err = s.stream.Send(ctx, req); s.err != nil {
|
|
return util.ErrAbortStream
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (s *patchStreamSigner) CloseAndRecv(ctx context.Context) (resp *object.PatchResponse, err error) {
|
|
if s.err != nil {
|
|
err = s.err
|
|
resp = new(object.PatchResponse)
|
|
} else {
|
|
resp, err = s.stream.CloseAndRecv(ctx)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("could not close stream and receive response: %w", err)
|
|
}
|
|
}
|
|
|
|
return resp, s.sigSvc.SignResponse(resp, err)
|
|
}
|
|
|
|
func (s *SignService) Patch() (PatchObjectStream, error) {
|
|
stream, err := s.svc.Patch()
|
|
if err != nil {
|
|
return nil, fmt.Errorf("could not create Put object streamer: %w", err)
|
|
}
|
|
|
|
return &patchStreamSigner{
|
|
stream: stream,
|
|
sigSvc: s.sigSvc,
|
|
}, nil
|
|
}
|
|
|
|
func (s *SignService) Head(ctx context.Context, req *object.HeadRequest) (*object.HeadResponse, error) {
|
|
if err := s.sigSvc.VerifyRequest(req); err != nil {
|
|
resp := new(object.HeadResponse)
|
|
return resp, s.sigSvc.SignResponse(resp, err)
|
|
}
|
|
resp, err := util.EnsureNonNilResponse(s.svc.Head(ctx, req))
|
|
return resp, s.sigSvc.SignResponse(resp, err)
|
|
}
|
|
|
|
func (s *SignService) PutSingle(ctx context.Context, req *object.PutSingleRequest) (*object.PutSingleResponse, error) {
|
|
req.GetBody().SetMarshalData(req.GetBody().StableMarshal(nil))
|
|
if err := s.sigSvc.VerifyRequest(req); err != nil {
|
|
resp := new(object.PutSingleResponse)
|
|
return resp, s.sigSvc.SignResponse(resp, err)
|
|
}
|
|
resp, err := util.EnsureNonNilResponse(s.svc.PutSingle(ctx, req))
|
|
return resp, s.sigSvc.SignResponse(resp, err)
|
|
}
|
|
|
|
func (s *searchStreamSigner) Send(resp *object.SearchResponse) error {
|
|
s.nonEmptyResp = true
|
|
return s.send(resp, nil)
|
|
}
|
|
|
|
func (s *searchStreamSigner) send(resp *object.SearchResponse, err error) error {
|
|
if err := s.sigSvc.SignResponse(resp, err); err != nil {
|
|
return err
|
|
}
|
|
return s.SearchStream.Send(resp)
|
|
}
|
|
|
|
func (s *SignService) Search(req *object.SearchRequest, stream SearchStream) error {
|
|
if err := s.sigSvc.VerifyRequest(req); err != nil {
|
|
resp := new(object.SearchResponse)
|
|
_ = s.sigSvc.SignResponse(resp, err)
|
|
return stream.Send(resp)
|
|
}
|
|
|
|
ss := &searchStreamSigner{
|
|
SearchStream: stream,
|
|
sigSvc: s.sigSvc,
|
|
}
|
|
err := s.svc.Search(req, ss)
|
|
if err != nil || !ss.nonEmptyResp {
|
|
// The higher component does not write any response in the case of an empty result (which is correct).
|
|
// With the introduction of status returns at least one answer must be signed and sent to the client.
|
|
// This approach is supported by clients who do not know how to work with statuses (one could make
|
|
// a switch according to the protocol version from the request, but the costs of sending an empty
|
|
// answer can be neglected due to the gradual refusal to use the "old" clients).
|
|
return ss.send(new(object.SearchResponse), err)
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (s *SignService) Delete(ctx context.Context, req *object.DeleteRequest) (*object.DeleteResponse, error) {
|
|
if err := s.sigSvc.VerifyRequest(req); err != nil {
|
|
resp := new(object.DeleteResponse)
|
|
return resp, s.sigSvc.SignResponse(resp, err)
|
|
}
|
|
resp, err := util.EnsureNonNilResponse(s.svc.Delete(ctx, req))
|
|
return resp, s.sigSvc.SignResponse(resp, err)
|
|
}
|
|
|
|
func (s *getRangeStreamSigner) Send(resp *object.GetRangeResponse) error {
|
|
return s.send(resp, nil)
|
|
}
|
|
|
|
func (s *getRangeStreamSigner) send(resp *object.GetRangeResponse, err error) error {
|
|
if err := s.sigSvc.SignResponse(resp, err); err != nil {
|
|
return err
|
|
}
|
|
return s.GetObjectRangeStream.Send(resp)
|
|
}
|
|
|
|
func (s *SignService) GetRange(req *object.GetRangeRequest, stream GetObjectRangeStream) error {
|
|
if err := s.sigSvc.VerifyRequest(req); err != nil {
|
|
resp := new(object.GetRangeResponse)
|
|
_ = s.sigSvc.SignResponse(resp, err)
|
|
return stream.Send(resp)
|
|
}
|
|
|
|
w := &getRangeStreamSigner{
|
|
GetObjectRangeStream: stream,
|
|
sigSvc: s.sigSvc,
|
|
}
|
|
if err := s.svc.GetRange(req, w); err != nil {
|
|
return w.send(new(object.GetRangeResponse), err)
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (s *SignService) GetRangeHash(ctx context.Context, req *object.GetRangeHashRequest) (*object.GetRangeHashResponse, error) {
|
|
if err := s.sigSvc.VerifyRequest(req); err != nil {
|
|
resp := new(object.GetRangeHashResponse)
|
|
return resp, s.sigSvc.SignResponse(resp, err)
|
|
}
|
|
resp, err := util.EnsureNonNilResponse(s.svc.GetRangeHash(ctx, req))
|
|
return resp, s.sigSvc.SignResponse(resp, err)
|
|
}
|