[#19] fetcher: Don't user btoken for separate lifecycle container

Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-09-03 15:13:19 +03:00 · 2024-09-03 15:13:19 +03:00 · fce631be59
commit fce631be59
parent a3089bc89e
2 changed files with 79 additions and 8 deletions
--- a/internal/lifecycle/fetcher.go
+++ b/internal/lifecycle/fetcher.go
@ -261,12 +261,16 @@ func (p *JobProvider) handleContainer(ctx context.Context, uc *UserContainer, ep
 		return fmt.Errorf("form bearer token: %w", err)
 	}

-	ctx = addBearerToContext(ctx, btoken)
-	addr, err := p.treeFetcher.GetBucketLifecycleConfiguration(ctx, bktInfo)
+	bCtx := addBearerToContext(ctx, btoken)
+	addr, err := p.treeFetcher.GetBucketLifecycleConfiguration(bCtx, bktInfo)
 	if err != nil {
 		return fmt.Errorf("get lifecycle configuration from tree: %w", err)
 	}

+	if uc.Container.Equals(addr.Container()) {
+		ctx = bCtx
+	}
+
 	configuration, err := p.fetchLifecycleConfiguration(ctx, addr)
 	if err != nil {
 		return fmt.Errorf("get lifecycle configuration from storage: %w", err)
--- a/internal/lifecycle/fetcher_test.go
+++ b/internal/lifecycle/fetcher_test.go
@ -11,8 +11,10 @@ import (
 	"time"

 	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
+	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/middleware"
 	apistatus "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client/status"
 	cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
+	cidtest "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id/test"
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/netmap"
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object"
 	oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
@ -92,11 +94,13 @@ func (c *containerFetcherMock) Containers(owner user.ID) ([]cid.ID, error) {
 var _ FrostFSFetcher = (*frostfsFetcherMock)(nil)

 type frostfsFetcherMock struct {
-	mu            sync.RWMutex
-	objects       map[oid.Address]*object.Object
-	epoch         uint64
-	epochDuration uint64
-	msPerBlock    int64
+	mu                 sync.RWMutex
+	objects            map[oid.Address]*object.Object
+	epoch              uint64
+	epochDuration      uint64
+	msPerBlock         int64
+	lifecycleContainer cid.ID
+	enableBearerCheck  bool
 }

 func newFrostFSFetcherMock() *frostfsFetcherMock {
@ -136,10 +140,21 @@ func (c *frostfsFetcherMock) setMsPerBlock(msPerBlock int64) {
 	c.msPerBlock = msPerBlock
 }

-func (c *frostfsFetcherMock) GetObject(_ context.Context, addr oid.Address) (pool.ResGetObject, error) {
+func (c *frostfsFetcherMock) GetObject(ctx context.Context, addr oid.Address) (pool.ResGetObject, error) {
 	c.mu.RLock()
 	defer c.mu.RUnlock()

+	if c.enableBearerCheck {
+		_, err := middleware.GetBoxData(ctx)
+		if c.lifecycleContainer.Equals(addr.Container()) {
+			if err == nil {
+				return pool.ResGetObject{}, errors.New("box data present in context for lifecycle container")
+			}
+		} else if err != nil {
+			return pool.ResGetObject{}, err
+		}
+	}
+
 	val, ok := c.objects[addr]
 	if !ok {
 		return pool.ResGetObject{}, &apistatus.ObjectNotFound{}
@ -274,6 +289,58 @@ func TestFetcherBase(t *testing.T) {
 	require.Len(t, res, 2)
 }

+func TestFetcherBearer(t *testing.T) {
+	ctx := context.Background()
+	log := zaptest.NewLogger(t)
+
+	key, err := keys.NewPrivateKey()
+	require.NoError(t, err)
+
+	mocks, err := initFetcherMocks(1, 2)
+	require.NoError(t, err)
+
+	epochCh := make(chan uint64)
+	go func() {
+		epochCh <- 1
+		close(epochCh)
+	}()
+
+	users, err := mocks.userFetcher.Users()
+	require.NoError(t, err)
+	require.Len(t, users, 1)
+	cids := mocks.containerFetcher.containers[users[0]]
+	require.Len(t, cids, 2)
+
+	// emulate lifecycle container for one bucket
+	addr := mocks.treeFetcher.configurations[cids[0]]
+	obj := mocks.configurationFetcher.objects[addr]
+	addr.SetContainer(cidtest.ID())
+	mocks.treeFetcher.configurations[cids[0]] = addr
+	obj.SetContainerID(addr.Container())
+	mocks.configurationFetcher.objects[addr] = obj
+	mocks.configurationFetcher.lifecycleContainer = addr.Container()
+	mocks.configurationFetcher.enableBearerCheck = true
+
+	cfg := Config{
+		UserFetcher:       mocks.userFetcher,
+		ContainerFetcher:  mocks.containerFetcher,
+		FrostFSFetcher:    mocks.configurationFetcher,
+		CredentialSource:  mocks.credentialSource,
+		TreeFetcher:       mocks.treeFetcher,
+		Settings:          &settingsMock{},
+		CurrentLifecycler: key,
+		Logger:            log,
+		EpochChannel:      epochCh,
+	}
+
+	f := NewJobProvider(ctx, cfg)
+	var res []Job
+	for job := range f.Jobs() {
+		res = append(res, job)
+	}
+	require.Len(t, res, 2)
+}
+
 func TestFetcherCancel(t *testing.T) {
 	ctx, cancel := context.WithCancel(context.Background())
 	defer cancel()