frostfs-s3-gw/authmate/session_tokens.go
Roman Loginov ca5536d6d5
All checks were successful
/ DCO (pull_request) Successful in 4m15s
/ Vulncheck (pull_request) Successful in 5m5s
/ Builds (pull_request) Successful in 3m23s
/ Lint (pull_request) Successful in 4m47s
/ Tests (pull_request) Successful in 5m43s
[#576] Update frostfs-sdk-go version and drop frostfs-api-go
The new version of frostfs-sdk-go
contains a fix to solve the problem
of not being able to delete an EC object.

Signed-off-by: Roman Loginov <r.loginov@yadro.com>
2024-12-13 05:05:48 +03:00

72 lines
1.7 KiB
Go

package authmate
import (
"encoding/json"
"errors"
"fmt"
apisession "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/api/session"
cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/session"
)
type (
sessionTokenModel struct {
Verb string `json:"verb"`
ContainerID string `json:"ContainerID"`
}
sessionTokenContext struct {
verb session.ContainerVerb
containerID cid.ID
}
)
func (c *sessionTokenContext) UnmarshalJSON(data []byte) (err error) {
var m sessionTokenModel
if err = json.Unmarshal(data, &m); err != nil {
return fmt.Errorf("unmarshal session token context: %w", err)
}
switch m.Verb {
case apisession.ContainerVerbPut.String():
c.verb = session.VerbContainerPut
case apisession.ContainerVerbSetEACL.String():
c.verb = session.VerbContainerSetEACL
case apisession.ContainerVerbDelete.String():
c.verb = session.VerbContainerDelete
default:
return fmt.Errorf("unknown container token verb %s", m.Verb)
}
if len(m.ContainerID) > 0 {
return c.containerID.DecodeString(m.ContainerID)
}
return nil
}
func buildContext(rules []byte) ([]sessionTokenContext, error) {
var sessionCtxs []sessionTokenContext
if len(rules) != 0 {
err := json.Unmarshal(rules, &sessionCtxs)
if err != nil {
return nil, fmt.Errorf("failed to unmarshal rules for session token: %w", err)
}
for _, d := range sessionCtxs {
if d.verb == session.VerbContainerSetEACL {
return nil, errors.New("verb container SetEACL isn't supported")
}
}
return sessionCtxs, nil
}
return []sessionTokenContext{
{verb: session.VerbContainerPut},
{verb: session.VerbContainerDelete},
}, nil
}