frostfs-node/pkg/services/object
Alex Vanin d8f7fed10a [#881] acl: Use session token from request at object.Put
Session token can be present in both object header and
request meta header. They are the same during initial object
placement.

At the object replication, storage node puts object without
any session tokens attached to the request. If container's eACL
denies object.Put for USER role (use bearer to upload), then
replication might fail on objects with session tokens of the
signed by container owner. It is incorrect, so use session
token directly from request meta header.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-10-08 17:18:32 +03:00
..
acl [#881] acl: Use session token from request at object.Put 2021-10-08 17:18:32 +03:00
delete [#643] pkg: Sync method names and commentaries to them 2021-06-24 16:10:44 +03:00
get [#645] client/cache: Check response public key in all client operations 2021-09-30 20:57:00 +03:00
head [#645] *: Use helper functions to build client.NodeInfo structures 2021-09-30 20:57:00 +03:00
internal [#645] client/cache: Check response public key in all client operations 2021-09-30 20:57:00 +03:00
put [#645] client/cache: Check response public key in all client operations 2021-09-30 20:57:00 +03:00
search [#645] client/cache: Check response public key in all client operations 2021-09-30 20:57:00 +03:00
util [#645] *: Change the locality condition of the node from the placement 2021-09-07 09:53:18 +03:00
metrics.go [#425] services: Define service interfaces that was removed from API lib 2021-03-17 15:00:37 +03:00
response.go [#521] *: use stdlib errors package 2021-05-19 16:42:54 +03:00
server.go [#425] services: Define service interfaces that was removed from API lib 2021-03-17 15:00:37 +03:00
sign.go [#521] *: use stdlib errors package 2021-05-19 16:42:54 +03:00
transport_splitter.go [#425] services: Define service interfaces that was removed from API lib 2021-03-17 15:00:37 +03:00