Introduce apemanager rpc interface #215
4 changed files with 213 additions and 0 deletions
52
apemanager/chain.go
Normal file
52
apemanager/chain.go
Normal file
|
@ -0,0 +1,52 @@
|
|||
package apemanager
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"fmt"
|
||||
|
||||
apemanager_v2 "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/apemanager"
|
||||
)
|
||||
|
||||
var (
|
||||
ErrInvalidChainRepresentation = errors.New("invalid chain representation")
|
||||
)
|
||||
|
||||
// ChainID is Chain's identifier.
|
||||
type ChainID []byte
|
||||
|
||||
// Chain is an SDK representation for v2's Chain.
|
||||
//
|
||||
// Note that Chain (as well as v2's Chain) and all related entities
|
||||
// are NOT operated by Access-Policy-Engine (APE). The client is responsible
|
||||
// to convert these types to policy-engine entities.
|
||||
type Chain struct {
|
||||
// Raw is the encoded chain kind.
|
||||
// It assumes that Raw's bytes are the result of encoding provided by
|
||||
// policy-engine package.
|
||||
Raw []byte
|
||||
}
|
||||
|
||||
// ToV2 converts Chain to v2.
|
||||
func (c *Chain) ToV2() *apemanager_v2.Chain {
|
||||
v2ct := new(apemanager_v2.Chain)
|
||||
|
||||
if c.Raw != nil {
|
||||
v2Raw := new(apemanager_v2.ChainRaw)
|
||||
v2Raw.SetRaw(c.Raw)
|
||||
v2ct.SetKind(v2Raw)
|
||||
}
|
||||
|
||||
return v2ct
|
||||
}
|
||||
|
||||
// ReadFromV2 fills Chain from v2.
|
||||
func (c *Chain) ReadFromV2(v2ct *apemanager_v2.Chain) error {
|
||||
switch v := v2ct.GetKind().(type) {
|
||||
default:
|
||||
return fmt.Errorf("unsupported chain kind: %T", v)
|
||||
case *apemanager_v2.ChainRaw:
|
||||
raw := v.GetRaw()
|
||||
c.Raw = raw
|
||||
}
|
||||
return nil
|
||||
}
|
53
apemanager/chain_target.go
Normal file
53
apemanager/chain_target.go
Normal file
|
@ -0,0 +1,53 @@
|
|||
package apemanager
|
||||
|
||||
import (
|
||||
apemanager_v2 "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/apemanager"
|
||||
)
|
||||
|
||||
// TargetType is an SDK representation for v2's TargetType.
|
||||
type TargetType apemanager_v2.TargetType
|
||||
|
||||
const (
|
||||
TargetTypeUndefined TargetType = iota
|
||||
TargetTypeNamespace
|
||||
TargetTypeContainer
|
||||
TargetTypeUser
|
||||
TargetTypeGroup
|
||||
)
|
||||
|
||||
// ToV2 converts TargetType to v2.
|
||||
func (targetType TargetType) ToV2() apemanager_v2.TargetType {
|
||||
return apemanager_v2.TargetType(targetType)
|
||||
}
|
||||
|
||||
// FromV2 reads TargetType to v2.
|
||||
func (targetType *TargetType) FromV2(v2targetType apemanager_v2.TargetType) {
|
||||
*targetType = TargetType(v2targetType)
|
||||
}
|
||||
|
||||
// ChainTarget is an SDK representation for v2's ChainTarget.
|
||||
//
|
||||
// Note that ChainTarget (as well as v2's ChainTarget) and all related entities
|
||||
// are NOT operated by Access-Policy-Engine (APE). The client is responsible
|
||||
// to convert these types to policy-engine entities.
|
||||
type ChainTarget struct {
|
||||
TargetType TargetType
|
||||
|
||||
Name string
|
||||
}
|
||||
|
||||
// ToV2 converts ChainTarget to v2.
|
||||
func (ct *ChainTarget) ToV2() *apemanager_v2.ChainTarget {
|
||||
v2ct := new(apemanager_v2.ChainTarget)
|
||||
|
||||
v2ct.SetTargetType(ct.TargetType.ToV2())
|
||||
v2ct.SetName(ct.Name)
|
||||
|
||||
return v2ct
|
||||
}
|
||||
|
||||
// FromV2 reads ChainTarget frpm v2.
|
||||
func (ct *ChainTarget) FromV2(v2ct *apemanager_v2.ChainTarget) {
|
||||
ct.TargetType.FromV2(v2ct.GetTargetType())
|
||||
ct.Name = v2ct.GetName()
|
||||
}
|
65
apemanager/chain_target_test.go
Normal file
65
apemanager/chain_target_test.go
Normal file
|
@ -0,0 +1,65 @@
|
|||
package apemanager_test
|
||||
|
||||
import (
|
||||
"testing"
|
||||
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/apemanager"
|
||||
"github.com/stretchr/testify/require"
|
||||
|
||||
apemanager_v2 "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/apemanager"
|
||||
)
|
||||
|
||||
var (
|
||||
m = map[apemanager.TargetType]apemanager_v2.TargetType{
|
||||
apemanager.TargetTypeUndefined: apemanager_v2.TargetTypeUndefined,
|
||||
apemanager.TargetTypeNamespace: apemanager_v2.TargetTypeNamespace,
|
||||
apemanager.TargetTypeContainer: apemanager_v2.TargetTypeContainer,
|
||||
apemanager.TargetTypeUser: apemanager_v2.TargetTypeUser,
|
||||
apemanager.TargetTypeGroup: apemanager_v2.TargetTypeGroup,
|
||||
}
|
||||
)
|
||||
|
||||
func TestTargetType(t *testing.T) {
|
||||
for typesdk, typev2 := range m {
|
||||
t.Run("from sdk to v2 "+typev2.String(), func(t *testing.T) {
|
||||
v2 := typesdk.ToV2()
|
||||
require.Equal(t, v2, typev2)
|
||||
})
|
||||
|
||||
t.Run("from v2 to sdk "+typev2.String(), func(t *testing.T) {
|
||||
var typ apemanager.TargetType
|
||||
typ.FromV2(typev2)
|
||||
require.Equal(t, typesdk, typ)
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
func TestChainTarget(t *testing.T) {
|
||||
var (
|
||||
typ = apemanager.TargetTypeNamespace
|
||||
name = "namespaceXXYYZZ"
|
||||
)
|
||||
|
||||
t.Run("from sdk to v2", func(t *testing.T) {
|
||||
ct := apemanager.ChainTarget{
|
||||
TargetType: typ,
|
||||
Name: name,
|
||||
}
|
||||
|
||||
v2 := ct.ToV2()
|
||||
require.Equal(t, m[typ], v2.GetTargetType())
|
||||
require.Equal(t, name, v2.GetName())
|
||||
})
|
||||
|
||||
t.Run("from v2 to sdk", func(t *testing.T) {
|
||||
v2 := &apemanager_v2.ChainTarget{}
|
||||
v2.SetTargetType(m[typ])
|
||||
v2.SetName(name)
|
||||
|
||||
var ct apemanager.ChainTarget
|
||||
ct.FromV2(v2)
|
||||
|
||||
require.Equal(t, typ, ct.TargetType)
|
||||
require.Equal(t, name, ct.Name)
|
||||
})
|
||||
}
|
43
apemanager/chain_test.go
Normal file
43
apemanager/chain_test.go
Normal file
|
@ -0,0 +1,43 @@
|
|||
package apemanager_test
|
||||
|
||||
import (
|
||||
"testing"
|
||||
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/apemanager"
|
||||
"github.com/stretchr/testify/require"
|
||||
|
||||
apemanager_v2 "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/apemanager"
|
||||
)
|
||||
|
||||
const (
|
||||
encoded = `{"ID":"","Rules":[{"Status":"Allow","Actions":{"Inverted":false,"Names":["GetObject"]},"Resources":{"Inverted":false,"Names":["native:object/*"]},"Any":false,"Condition":[{"Op":"StringEquals","Object":"Resource","Key":"Department","Value":"HR"}]}],"MatchType":"DenyPriority"}`
|
||||
)
|
||||
|
||||
func TestChainData(t *testing.T) {
|
||||
t.Run("raw chain", func(t *testing.T) {
|
||||
var c apemanager.Chain
|
||||
|
||||
b := []byte(encoded)
|
||||
c.Raw = b
|
||||
|
||||
v2, ok := c.ToV2().GetKind().(*apemanager_v2.ChainRaw)
|
||||
require.True(t, ok)
|
||||
require.Equal(t, b, v2.Raw)
|
||||
})
|
||||
}
|
||||
|
||||
func TestChainMessageV2(t *testing.T) {
|
||||
b := []byte(encoded)
|
||||
|
||||
v2Raw := &apemanager_v2.ChainRaw{}
|
||||
v2Raw.SetRaw(b)
|
||||
|
||||
v2 := &apemanager_v2.Chain{}
|
||||
v2.SetKind(v2Raw)
|
||||
|
||||
var c apemanager.Chain
|
||||
c.ReadFromV2(v2)
|
||||
|
||||
require.NotNil(t, c.Raw)
|
||||
require.Equal(t, b, c.Raw)
|
||||
}
|
Loading…
Reference in a new issue