frostfs-node/pkg
Alex Vanin d8f7fed10a [#881] acl: Use session token from request at object.Put
Session token can be present in both object header and
request meta header. They are the same during initial object
placement.

At the object replication, storage node puts object without
any session tokens attached to the request. If container's eACL
denies object.Put for USER role (use bearer to upload), then
replication might fail on objects with session tokens of the
signed by container owner. It is incorrect, so use session
token directly from request meta header.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-10-08 17:18:32 +03:00
..
core [#645] client/cache: Check response public key in all client operations 2021-09-30 20:57:00 +03:00
innerring [#867] governance: Add option to disable governance sync 2021-09-30 20:57:13 +03:00
local_object_storage [#868] blobstor: allow to decompress objects on-the-fly 2021-10-08 16:01:45 +03:00
metrics [#426] Put prometheus behind pkg/metrics 2021-03-17 10:58:00 +03:00
morph [#627] morph: Inherit internal.StaticClient interface in all wrappers 2021-09-30 14:47:04 +03:00
network [#645] client/cache: Check response public key in all client operations 2021-09-30 20:57:00 +03:00
services [#881] acl: Use session token from request at object.Put 2021-10-08 17:18:32 +03:00
util [#798] util/state: Implement persistent storage for application state 2021-09-07 17:22:25 +03:00