[#267] add no rule found object and morph chain
Some checks failed
DCO action / DCO (pull_request) Has been cancelled
Some checks failed
DCO action / DCO (pull_request) Has been cancelled
This commit is contained in:
parent
d2f8323fb9
commit
18b8d6ba46
3 changed files with 128 additions and 1 deletions
|
@ -22,4 +22,4 @@ class FrostfsAdm:
|
||||||
self.storage_config = FrostfsAdmStorageConfig(
|
self.storage_config = FrostfsAdmStorageConfig(
|
||||||
shell, frostfs_adm_exec_path, config=config_file
|
shell, frostfs_adm_exec_path, config=config_file
|
||||||
)
|
)
|
||||||
self.version = FrostfsAdmVersion(shell, frostfs_adm_exec_path, config=config_file)
|
self.version = FrostfsAdmVersion(shell, frostfs_adm_exec_path, config=config_file)
|
|
@ -350,3 +350,129 @@ class FrostfsAdmMorph(CliCommand):
|
||||||
if param not in ["self", "node_netmap_keys"]
|
if param not in ["self", "node_netmap_keys"]
|
||||||
},
|
},
|
||||||
)
|
)
|
||||||
|
|
||||||
|
def add_rule(
|
||||||
|
self,
|
||||||
|
endpoint: str,
|
||||||
|
chain_id: str,
|
||||||
|
target_name: str,
|
||||||
|
target_type: str,
|
||||||
|
rule: Optional[list[str]] = None,
|
||||||
|
path: Optional[str] = None,
|
||||||
|
chain_id_hex: Optional[bool] = None,
|
||||||
|
wallet: Optional[str] = None,
|
||||||
|
address: Optional[str] = None,
|
||||||
|
timeout: Optional[str] = None,
|
||||||
|
) -> CommandResult:
|
||||||
|
"""Drop objects from the node's local storage
|
||||||
|
|
||||||
|
Args:
|
||||||
|
address: Address of wallet account
|
||||||
|
chain-id: Assign ID to the parsed chain
|
||||||
|
chain-id-hex: Flag to parse chain ID as hex
|
||||||
|
endpoint: Remote node control address (as 'multiaddr' or '<host>:<port>')
|
||||||
|
path: Path to encoded chain in JSON or binary format
|
||||||
|
rule: Rule statement
|
||||||
|
target-name: Resource name in APE resource name format
|
||||||
|
target-type: Resource type(container/namespace)
|
||||||
|
timeout: Timeout for an operation (default 15s)
|
||||||
|
wallet: Path to the wallet or binary key
|
||||||
|
|
||||||
|
Returns:
|
||||||
|
Command`s result.
|
||||||
|
"""
|
||||||
|
return self._execute(
|
||||||
|
"control add-rule",
|
||||||
|
**{param: value for param, value in locals().items() if param not in ["self"]},
|
||||||
|
)
|
||||||
|
|
||||||
|
def get_rule(
|
||||||
|
self,
|
||||||
|
endpoint: str,
|
||||||
|
chain_id: str,
|
||||||
|
target_name: str,
|
||||||
|
target_type: str,
|
||||||
|
chain_id_hex: Optional[bool] = None,
|
||||||
|
wallet: Optional[str] = None,
|
||||||
|
address: Optional[str] = None,
|
||||||
|
timeout: Optional[str] = None,
|
||||||
|
) -> CommandResult:
|
||||||
|
"""Drop objects from the node's local storage
|
||||||
|
|
||||||
|
Args:
|
||||||
|
address string Address of wallet account
|
||||||
|
chain-id string Chain id
|
||||||
|
chain-id-hex Flag to parse chain ID as hex
|
||||||
|
endpoint string Remote node control address (as 'multiaddr' or '<host>:<port>')
|
||||||
|
target-name string Resource name in APE resource name format
|
||||||
|
target-type string Resource type(container/namespace)
|
||||||
|
timeout duration Timeout for an operation (default 15s)
|
||||||
|
wallet string Path to the wallet or binary key
|
||||||
|
|
||||||
|
Returns:
|
||||||
|
Command`s result.
|
||||||
|
"""
|
||||||
|
return self._execute(
|
||||||
|
"control get-rule",
|
||||||
|
**{param: value for param, value in locals().items() if param not in ["self"]},
|
||||||
|
)
|
||||||
|
|
||||||
|
def list_rules(
|
||||||
|
self,
|
||||||
|
target_type: str,
|
||||||
|
target_name: Optional[str] = None,
|
||||||
|
rpc_endpoint: Optional[str] = None,
|
||||||
|
wallet: Optional[str] = None,
|
||||||
|
address: Optional[str] = None,
|
||||||
|
timeout: Optional[str] = None,
|
||||||
|
) -> CommandResult:
|
||||||
|
"""Drop objects from the node's local storage
|
||||||
|
|
||||||
|
Args:
|
||||||
|
address: Address of wallet account
|
||||||
|
endpoint: Remote node control address (as 'multiaddr' or '<host>:<port>')
|
||||||
|
target-name: Resource name in APE resource name format
|
||||||
|
target-type: Resource type(container/namespace)
|
||||||
|
timeout: Timeout for an operation (default 15s)
|
||||||
|
wallet: Path to the wallet or binary key
|
||||||
|
|
||||||
|
Returns:
|
||||||
|
Command`s result.
|
||||||
|
"""
|
||||||
|
return self._execute(
|
||||||
|
"morph ape list-rule-chains",
|
||||||
|
**{param: value for param, value in locals().items() if param not in ["self"]},
|
||||||
|
)
|
||||||
|
|
||||||
|
def remove_rule(
|
||||||
|
self,
|
||||||
|
endpoint: str,
|
||||||
|
chain_id: str,
|
||||||
|
target_name: str,
|
||||||
|
target_type: str,
|
||||||
|
all: Optional[bool] = None,
|
||||||
|
chain_id_hex: Optional[bool] = None,
|
||||||
|
wallet: Optional[str] = None,
|
||||||
|
address: Optional[str] = None,
|
||||||
|
timeout: Optional[str] = None,
|
||||||
|
) -> CommandResult:
|
||||||
|
"""Drop objects from the node's local storage
|
||||||
|
|
||||||
|
Args:
|
||||||
|
address: Address of wallet account
|
||||||
|
all: Remove all chains
|
||||||
|
chain-id: Assign ID to the parsed chain
|
||||||
|
chain-id-hex: Flag to parse chain ID as hex
|
||||||
|
endpoint: Remote node control address (as 'multiaddr' or '<host>:<port>')
|
||||||
|
target-name: Resource name in APE resource name format
|
||||||
|
target-type: Resource type(container/namespace)
|
||||||
|
timeout: Timeout for an operation (default 15s)
|
||||||
|
wallet: Path to the wallet or binary key
|
||||||
|
|
||||||
|
Returns:
|
||||||
|
Command`s result.
|
||||||
|
"""
|
||||||
|
return self._execute(
|
||||||
|
"control remove-rule",
|
||||||
|
**{param: value for param, value in locals().items() if param not in ["self"]},
|
||||||
|
)
|
|
@ -29,3 +29,4 @@ S3_MALFORMED_XML_REQUEST = "The XML you provided was not well-formed or did not
|
||||||
RULE_ACCESS_DENIED_CONTAINER = "access to container operation {operation} is denied by access policy engine: Access denied"
|
RULE_ACCESS_DENIED_CONTAINER = "access to container operation {operation} is denied by access policy engine: Access denied"
|
||||||
RULE_ACCESS_DENIED_OBJECT = "access to object operation denied: ape denied request: method {operation}: Access denied"
|
RULE_ACCESS_DENIED_OBJECT = "access to object operation denied: ape denied request: method {operation}: Access denied"
|
||||||
NO_RULE_FOUND_CONTAINER = "access to container operation {operation} is denied by access policy engine: NoRuleFound"
|
NO_RULE_FOUND_CONTAINER = "access to container operation {operation} is denied by access policy engine: NoRuleFound"
|
||||||
|
NO_RULE_FOUND_OBJECT = "access to object operation denied: ape denied request: method {operation}: NoRuleFound"
|
||||||
|
|
Loading…
Reference in a new issue