[#16] fetcher: Remove bearer APE condition
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
This commit is contained in:
parent
04c5b65ad5
commit
ba26d975e0
1 changed files with 3 additions and 11 deletions
|
@ -4,7 +4,6 @@ import (
|
|||
"context"
|
||||
"crypto/ecdsa"
|
||||
"encoding/binary"
|
||||
"encoding/hex"
|
||||
"encoding/xml"
|
||||
"fmt"
|
||||
"io"
|
||||
|
@ -23,7 +22,6 @@ import (
|
|||
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
|
||||
"git.frostfs.info/TrueCloudLab/hrw"
|
||||
"git.frostfs.info/TrueCloudLab/policy-engine/pkg/chain"
|
||||
"git.frostfs.info/TrueCloudLab/policy-engine/schema/native"
|
||||
"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
|
||||
"github.com/nspcc-dev/neo-go/pkg/encoding/address"
|
||||
"github.com/nspcc-dev/neo-go/pkg/util"
|
||||
|
@ -217,7 +215,7 @@ func (p *JobProvider) handleUser(ctx context.Context, userHash util.Uint160, epo
|
|||
|
||||
successfullyFetchedContainers := len(containers)
|
||||
|
||||
allowedChainRaw := formAllowedAPEChain(userKey.PublicKey()).Bytes()
|
||||
allowedChainRaw := p.formAllowedAPEChain().Bytes()
|
||||
for _, container := range containers {
|
||||
uc := &UserContainer{
|
||||
ID: userID,
|
||||
|
@ -354,19 +352,13 @@ func (p *JobProvider) fetchLifecycleConfiguration(ctx context.Context, addr oid.
|
|||
return lifecycleCfg, nil
|
||||
}
|
||||
|
||||
func formAllowedAPEChain(userKey *keys.PublicKey) *chain.Chain {
|
||||
func (p *JobProvider) formAllowedAPEChain() *chain.Chain {
|
||||
return &chain.Chain{
|
||||
ID: chain.ID("lifecycler"),
|
||||
ID: chain.ID("lifecycler/" + p.currentLifecycler.Address()),
|
||||
Rules: []chain.Rule{{
|
||||
Status: chain.Allow,
|
||||
Actions: chain.Actions{Names: []string{"*"}},
|
||||
Resources: chain.Resources{Names: []string{"*"}},
|
||||
Condition: []chain.Condition{{
|
||||
Op: chain.CondStringEquals,
|
||||
Kind: chain.KindRequest,
|
||||
Key: native.PropertyKeyActorPublicKey,
|
||||
Value: hex.EncodeToString(userKey.Bytes()),
|
||||
}},
|
||||
}},
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue