Commit graph

89 commits

Author SHA1 Message Date
eb7be61798 [#91] go.mod: Bump go version to 1.22
Signed-off-by: Ekaterina Lebedeva <ekaterina.lebedeva@yadro.com>
2024-08-22 12:22:15 +03:00
a1386f6d25 [#90] engine: Fix ruleFound return value
It can be false if the first targets allows operation and the last one
returns NoRuleFound.

Found by @mbiryukova.
Introduced in #86.

Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2024-08-21 07:20:38 +00:00
2300995af2 [#88] iam: Support lifecycle actions in native map
All checks were successful
Tests and linters / Tests (1.21) (pull_request) Successful in 46s
Tests and linters / Tests (1.20) (pull_request) Successful in 49s
DCO action / DCO (pull_request) Successful in 49s
Tests and linters / Tests with -race (pull_request) Successful in 1m7s
Tests and linters / Lint (pull_request) Successful in 1m46s
Tests and linters / Staticcheck (pull_request) Successful in 1m43s
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-08-20 17:17:17 +03:00
a11e80e2c7 [#86] engine: Simplify multiple chains processing
All checks were successful
DCO action / DCO (pull_request) Successful in 43s
Tests and linters / Tests (1.21) (pull_request) Successful in 50s
Tests and linters / Tests (1.20) (pull_request) Successful in 55s
Tests and linters / Tests with -race (pull_request) Successful in 1m9s
Tests and linters / Staticcheck (pull_request) Successful in 1m38s
Tests and linters / Lint (pull_request) Successful in 1m46s
So, it's sunday evening and I am sitting on-call trying to debug strange
node behaviour. It took me 3 whole minutes to understand the code being
changed: it accumulates bools in slices, even though no slice is needed;
it uses subtle condition from the first loop to make decision in the
second one, and finally it uses named return values.

In this commit we remove the slice and the second loop, because why not.

Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2024-08-19 09:37:38 +03:00
Airat Arifullin
96225afacb [#85] schema: Introduce PatchObject method
All checks were successful
Tests and linters / Tests (1.20) (pull_request) Successful in 54s
Tests and linters / Tests (1.21) (pull_request) Successful in 52s
DCO action / DCO (pull_request) Successful in 50s
Tests and linters / Tests with -race (pull_request) Successful in 1m10s
Tests and linters / Lint (pull_request) Successful in 1m36s
Tests and linters / Staticcheck (pull_request) Successful in 1m37s
Signed-off-by: Airat Arifullin <aarifullin@yadro.com>
2024-08-14 11:02:54 +03:00
Airat Arifullin
2628f61849 [#84] schema: Introduce xheader property
All checks were successful
DCO action / DCO (pull_request) Successful in 1m11s
Tests and linters / Tests (1.21) (pull_request) Successful in 1m13s
Tests and linters / Tests (1.20) (pull_request) Successful in 1m24s
Tests and linters / Staticcheck (pull_request) Successful in 1m33s
Tests and linters / Tests with -race (pull_request) Successful in 1m44s
Tests and linters / Lint (pull_request) Successful in 2m24s
Signed-off-by: Airat Arifullin <aarifullin@yadro.com>
2024-07-12 11:14:03 +03:00
ac965e8d17 [#80] iam: Move resource tag to resource property
All checks were successful
DCO action / DCO (pull_request) Successful in 1m8s
Tests and linters / Tests (1.21) (pull_request) Successful in 1m3s
Tests and linters / Tests (1.20) (pull_request) Successful in 1m19s
Tests and linters / Staticcheck (pull_request) Successful in 1m27s
Tests and linters / Tests with -race (pull_request) Successful in 1m45s
Tests and linters / Lint (pull_request) Successful in 2m15s
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-06-11 13:29:30 +03:00
64e06f5b7c [#80] iam: Skip unsupported conditions in native chains
All checks were successful
DCO action / DCO (pull_request) Successful in 1m16s
Tests and linters / Tests (1.21) (pull_request) Successful in 1m30s
Tests and linters / Tests (1.20) (pull_request) Successful in 1m43s
Tests and linters / Tests with -race (pull_request) Successful in 1m51s
Tests and linters / Staticcheck (pull_request) Successful in 1m57s
Tests and linters / Lint (pull_request) Successful in 2m42s
Skip conditions with
* aws:RequestTag
* aws:ResourceTag
keys

Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-06-11 11:15:22 +03:00
303a81cdc6 [#78] iam: Don't check IP for private
All checks were successful
DCO action / DCO (pull_request) Successful in 1m15s
Tests and linters / Tests (1.21) (pull_request) Successful in 1m19s
Tests and linters / Tests (1.20) (pull_request) Successful in 1m26s
Tests and linters / Staticcheck (pull_request) Successful in 1m29s
Tests and linters / Tests with -race (pull_request) Successful in 1m45s
Tests and linters / Lint (pull_request) Successful in 2m35s
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-05-27 09:54:02 +03:00
Airat Arifullin
d7ed188f68 [#76] chain: Increase unit-test coverage for chain related types
All checks were successful
DCO action / DCO (pull_request) Successful in 1m8s
Tests and linters / Tests (1.20) (pull_request) Successful in 1m22s
Tests and linters / Tests (1.21) (pull_request) Successful in 1m17s
Tests and linters / Staticcheck (pull_request) Successful in 1m31s
Tests and linters / Tests with -race (pull_request) Successful in 1m43s
Tests and linters / Lint (pull_request) Successful in 2m17s
* Add more unit-test cases.

Signed-off-by: Airat Arifullin <aarifullin@yadro.com>
2024-05-22 15:08:11 +03:00
aarifullin
1f6f4163d4 [#71] docs: Introduce APE overview
Signed-off-by: Airat Arifullin <aarifullin@yadro.com>
2024-05-13 16:37:44 +00:00
Airat Arifullin
84c4872b20 [#75] chain: Refactor ObjectType type
All checks were successful
DCO action / DCO (pull_request) Successful in 1m11s
Tests and linters / Tests (1.20) (pull_request) Successful in 1m22s
Tests and linters / Tests (1.21) (pull_request) Successful in 1m29s
Tests and linters / Tests with -race (pull_request) Successful in 1m39s
Tests and linters / Staticcheck (pull_request) Successful in 1m40s
Tests and linters / Lint (pull_request) Successful in 2m29s
* Rename `ObjectType` to `Kind`;
* Rename `Object` field in `Condition` to `ConditionKind`;
* Regenerate easy-json marshalers/unmarshalers;
* Fix unit-tests

Signed-off-by: Airat Arifullin <aarifullin@yadro.com>
2024-05-13 17:36:17 +03:00
Airat Arifullin
e75200bb8e [#75] chain: Remove ContaierResource, ContainerRequest constants
Signed-off-by: Airat Arifullin <aarifullin@yadro.com>
2024-05-13 13:50:17 +03:00
2e7518c453 [#74] docs: Describe converters
All checks were successful
Tests and linters / Tests (1.20) (pull_request) Successful in 55s
Tests and linters / Tests (1.21) (pull_request) Successful in 1m5s
DCO action / DCO (pull_request) Successful in 58s
Tests and linters / Staticcheck (pull_request) Successful in 1m14s
Tests and linters / Tests with -race (pull_request) Successful in 1m31s
Tests and linters / Lint (pull_request) Successful in 2m16s
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-05-07 13:10:02 +03:00
2fa27b6557 [#72] chain/test: Refactor fuzz tests
Make it possible to execute fuzz tests with different backend, such as
go-fuzz which supports coverage collection.

Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2024-05-03 10:16:35 +00:00
38f947ac0a [#73] pre-commit: Use cached tests in hook
All checks were successful
DCO action / DCO (pull_request) Successful in 1m41s
Tests and linters / Tests (1.21) (pull_request) Successful in 1m45s
Tests and linters / Tests (1.20) (pull_request) Successful in 2m22s
Tests and linters / Staticcheck (pull_request) Successful in 2m35s
Tests and linters / Tests with -race (pull_request) Successful in 2m46s
Tests and linters / Lint (pull_request) Successful in 3m20s
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2024-05-02 18:15:53 +03:00
34c1eafa56 [#73] Makefile: Allow to override test flags
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2024-05-02 18:15:53 +03:00
84c15a559c [#73] pre-commit: Remove gitlint hook
It is annoying during local development and is unused on CI.

Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2024-05-02 18:15:53 +03:00
aarifullin
c539728641 [#62] morph: List morph rules chains by traversing iterator
* Make `ListMorphRuleChains` methods use `commonclient.ReadIteratorItems`.
* Introduce `ContractStorageActor` interface.
* Iterators are used because listing by `ListChainsByPrefix` may cause
  stack overflow from neo-go side (len(items) > 1024).

Signed-off-by: Airat Arifullin <aarifullin@yadro.com>
2024-04-26 06:20:43 +00:00
04a79f57ef [#70] iam: Support aws:MultiFactorAuthPresent key
All checks were successful
Tests and linters / Tests (1.20) (pull_request) Successful in 1m35s
DCO action / DCO (pull_request) Successful in 1m16s
Tests and linters / Tests (1.21) (pull_request) Successful in 1m32s
Tests and linters / Tests with -race (pull_request) Successful in 1m39s
Tests and linters / Staticcheck (pull_request) Successful in 1m51s
Tests and linters / Lint (pull_request) Successful in 2m32s
Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>
2024-04-16 10:17:28 +03:00
ff5d05ac92 [#67] chain: Support IPAddress conditions
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-04-15 12:52:41 +00:00
0e69e48511 [#64] engine: Add user and group targets
All checks were successful
DCO action / DCO (pull_request) Successful in 1m6s
Tests and linters / Tests (1.20) (pull_request) Successful in 1m19s
Tests and linters / Tests (1.21) (pull_request) Successful in 1m25s
Tests and linters / Tests with -race (pull_request) Successful in 1m41s
Tests and linters / Staticcheck (pull_request) Successful in 1m42s
Tests and linters / Lint (pull_request) Successful in 2m28s
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2024-04-12 16:07:34 +03:00
530248de75 [#69] iam: Extend native actions with tree service methods
All checks were successful
DCO action / DCO (pull_request) Successful in 1m19s
Tests and linters / Tests (1.20) (pull_request) Successful in 1m47s
Tests and linters / Tests (1.21) (pull_request) Successful in 1m54s
Tests and linters / Staticcheck (pull_request) Successful in 2m3s
Tests and linters / Tests with -race (pull_request) Successful in 2m13s
Tests and linters / Lint (pull_request) Successful in 3m24s
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-04-12 13:22:12 +03:00
b6a6816800 [#68] iam: Allow read object on delete operation
All checks were successful
DCO action / DCO (pull_request) Successful in 1m4s
Tests and linters / Tests (1.20) (pull_request) Successful in 1m19s
Tests and linters / Tests (1.21) (pull_request) Successful in 1m24s
Tests and linters / Tests with -race (pull_request) Successful in 1m40s
Tests and linters / Staticcheck (pull_request) Successful in 1m39s
Tests and linters / Lint (pull_request) Successful in 2m29s
We must be able to read s3 multipart object from storage
(to find out the parts it consists of)
to fully delete such multipart object

Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-04-12 09:57:53 +03:00
1f190e1668 [#58] iam: Fix native actions mapping
All checks were successful
DCO action / DCO (pull_request) Successful in 44s
Tests and linters / Tests (1.20) (pull_request) Successful in 59s
Tests and linters / Tests (1.21) (pull_request) Successful in 1m19s
Tests and linters / Staticcheck (pull_request) Successful in 1m26s
Tests and linters / Tests with -race (pull_request) Successful in 1m36s
Tests and linters / Lint (pull_request) Successful in 2m11s
We have to add native:PutObject when want to delete object
 because of tombstone must be created (it's a put operation)

Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-04-10 14:48:23 +03:00
67cf09f51d [#63] iam: Add formatters for resource/request tags
All checks were successful
Tests and linters / Tests (1.21) (pull_request) Successful in 1m21s
DCO action / DCO (pull_request) Successful in 1m13s
Tests and linters / Tests (1.20) (pull_request) Successful in 1m34s
Tests and linters / Tests with -race (pull_request) Successful in 1m44s
Tests and linters / Staticcheck (pull_request) Successful in 1m46s
Tests and linters / Lint (pull_request) Successful in 2m34s
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-04-10 11:14:57 +03:00
84c6be01de [#60] chain: Support numeric conditions
All checks were successful
DCO action / DCO (pull_request) Successful in 1m1s
Tests and linters / Tests (1.20) (pull_request) Successful in 1m17s
Tests and linters / Tests (1.21) (pull_request) Successful in 1m23s
Tests and linters / Tests with -race (pull_request) Successful in 1m42s
Tests and linters / Staticcheck (pull_request) Successful in 1m40s
Tests and linters / Lint (pull_request) Successful in 2m24s
Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>
2024-04-08 14:30:43 +03:00
67e4595a91 [#63] iam: Support tag keys
All checks were successful
Tests and linters / Tests (1.20) (pull_request) Successful in 1m20s
DCO action / DCO (pull_request) Successful in 1m10s
Tests and linters / Tests (1.21) (pull_request) Successful in 1m31s
Tests and linters / Tests with -race (pull_request) Successful in 1m52s
Tests and linters / Staticcheck (pull_request) Successful in 1m54s
Tests and linters / Lint (pull_request) Successful in 2m44s
Support:
* aws:PrincipalTag
* aws:ResourceTag
* aws:Request

Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-04-05 09:36:01 +03:00
42497ad242 [#59] router: Inmemory implementation should take empty name for "root"
All checks were successful
DCO action / DCO (pull_request) Successful in 1m0s
Tests and linters / Tests (1.21) (pull_request) Successful in 1m10s
Tests and linters / Tests (1.20) (pull_request) Successful in 1m27s
Tests and linters / Staticcheck (pull_request) Successful in 1m25s
Tests and linters / Tests with -race (pull_request) Successful in 1m41s
Tests and linters / Lint (pull_request) Successful in 2m18s
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-04-02 11:09:42 +03:00
1d51f2121d [#58] iam: Support more s3 actions
All checks were successful
DCO action / DCO (pull_request) Successful in 2m57s
Tests and linters / Tests (1.21) (pull_request) Successful in 2m43s
Tests and linters / Tests (1.20) (pull_request) Successful in 2m48s
Tests and linters / Staticcheck (pull_request) Successful in 2m58s
Tests and linters / Tests with -race (pull_request) Successful in 3m16s
Tests and linters / Lint (pull_request) Successful in 4m16s
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-04-01 17:18:20 +03:00
9040e48504 [#57] iam: Add policy validation checks
All checks were successful
Tests and linters / Tests (1.20) (pull_request) Successful in 2m56s
DCO action / DCO (pull_request) Successful in 3m34s
Tests and linters / Tests (1.21) (pull_request) Successful in 3m18s
Tests and linters / Tests with -race (pull_request) Successful in 3m20s
Tests and linters / Staticcheck (pull_request) Successful in 3m21s
Tests and linters / Lint (pull_request) Successful in 4m37s
Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>
2024-03-11 16:12:47 +03:00
2ec958cbfd [#56] storage: Allow to remove all chains by target
All checks were successful
DCO action / DCO (pull_request) Successful in 1m16s
Tests and linters / Tests (1.20) (pull_request) Successful in 1m20s
Tests and linters / Tests (1.21) (pull_request) Successful in 1m24s
Tests and linters / Tests with -race (pull_request) Successful in 1m36s
Tests and linters / Staticcheck (pull_request) Successful in 1m38s
Tests and linters / Lint (pull_request) Successful in 2m38s
Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com>
2024-03-07 18:11:06 +03:00
8cb2de05ab [#56] Fix pre-commit issue
Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com>
2024-03-07 18:01:50 +03:00
aarifullin
c13ed8447a [#52] morph: Extend MorphRuleChainStorage interface with ListTargetsIterator
All checks were successful
DCO action / DCO (pull_request) Successful in 1m3s
Tests and linters / Tests (1.21) (pull_request) Successful in 55s
Tests and linters / Tests with -race (pull_request) Successful in 1m25s
Tests and linters / Staticcheck (pull_request) Successful in 1m26s
Tests and linters / Lint (pull_request) Successful in 2m42s
Tests and linters / Tests (1.20) (pull_request) Successful in 1m29s
* Update frostfs-contract package version in go.mod.
* Extend MorphRuleChainStorage interface with ListTargetsIterator and
  introduce its implementation.
* Check targets in inmemory implementation unit-tests.

Signed-off-by: Airat Arifullin <aarifullin@yadro.com>
2024-03-05 10:17:28 +03:00
aarifullin
839f22e1a3 [#55] router: Inmemory implementation should take empty name for "root"
All checks were successful
DCO action / DCO (pull_request) Successful in 1m6s
Tests and linters / Tests (1.20) (pull_request) Successful in 1m29s
Tests and linters / Tests (1.21) (pull_request) Successful in 1m33s
Tests and linters / Staticcheck (pull_request) Successful in 1m53s
Tests and linters / Tests with -race (pull_request) Successful in 2m10s
Tests and linters / Lint (pull_request) Successful in 4m31s
Signed-off-by: Airat Arifullin <aarifullin@yadro.com>
2024-03-04 18:12:11 +03:00
aarifullin
cf1f091e26 [#54] morph: Introduce ContractStorageReader
* Implement MorphRuleChainStorageReader interface to make
  possible to read from Policy contract without wallets.

Signed-off-by: Airat Arifullin <aarifullin@yadro.com>
2024-03-01 08:05:25 +00:00
aarifullin
9e66ce59c6 [#54] morph: Revise MorphRuleChainStorage interface
* Split MorphRuleChainStorage interface by moving read-only
  methods to a separate interface MorphRuleChainStorageReader.

Signed-off-by: Airat Arifullin <aarifullin@yadro.com>
2024-03-01 08:05:25 +00:00
c960b1b088 [#53] iam: Extend support s3 to native actions
All checks were successful
DCO action / DCO (pull_request) Successful in 49s
Tests and linters / Tests (1.20) (pull_request) Successful in 1m18s
Tests and linters / Tests (1.21) (pull_request) Successful in 1m13s
Tests and linters / Staticcheck (pull_request) Successful in 1m11s
Tests and linters / Tests with -race (pull_request) Successful in 1m43s
Tests and linters / Lint (pull_request) Successful in 2m4s
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-02-26 12:42:15 +03:00
aarifullin
8354a074c4 [#49] engine: Fix target considering order
All checks were successful
DCO action / DCO (pull_request) Successful in 1m3s
Tests and linters / Tests (1.21) (pull_request) Successful in 1m12s
Tests and linters / Tests (1.20) (pull_request) Successful in 1m18s
Tests and linters / Staticcheck (pull_request) Successful in 1m23s
Tests and linters / Tests with -race (pull_request) Successful in 1m32s
Tests and linters / Lint (pull_request) Successful in 2m16s
* Namespace target rules should be considered first

Signed-off-by: Airat Arifullin <aarifullin@yadro.com>
2024-02-06 14:12:36 +03:00
4a989d6bb7 [#50] .fordejo: Update DCO action
All checks were successful
DCO action / DCO (pull_request) Successful in 1m38s
Tests and linters / Tests (1.21) (pull_request) Successful in 1m31s
Tests and linters / Tests (1.20) (pull_request) Successful in 1m49s
Tests and linters / Tests with -race (pull_request) Successful in 1m59s
Tests and linters / Staticcheck (pull_request) Successful in 2m0s
Tests and linters / Lint (pull_request) Successful in 3m21s
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2024-02-06 12:58:42 +03:00
0edc002441 [#46] iam: Handle s3 complex actions
All checks were successful
DCO action / DCO (pull_request) Successful in 59s
Tests and linters / Tests (1.21) (pull_request) Successful in 1m11s
Tests and linters / Tests (1.20) (pull_request) Successful in 1m17s
Tests and linters / Staticcheck (pull_request) Successful in 1m24s
Tests and linters / Tests with -race (pull_request) Successful in 1m33s
Tests and linters / Lint (pull_request) Successful in 2m17s
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-02-01 17:19:00 +03:00
1cdb3e5a4a [#46] iam: Support more s3 to native actions mapping
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-02-01 17:18:55 +03:00
af388779a3 [#46] iam: Shrink rules for wildcard cases
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-01-29 11:50:24 +03:00
8cc5173d73 [#46] iam: Support namespaces when forming native rules
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-01-29 11:50:24 +03:00
2af381ae81 [#46] iam: Error if policy doesn't have actions
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-01-29 11:50:24 +03:00
8d21ab2d99 [#43] engine: Extend with target listing method
All checks were successful
DCO action / DCO (pull_request) Successful in 1m0s
Tests and linters / Tests (1.21) (pull_request) Successful in 1m1s
Tests and linters / Tests (1.20) (pull_request) Successful in 1m16s
Tests and linters / Staticcheck (pull_request) Successful in 1m24s
Tests and linters / Tests with -race (pull_request) Successful in 1m33s
Tests and linters / Lint (pull_request) Successful in 2m15s
Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com>
2024-01-29 09:41:40 +03:00
0a28f0a992 [#1] gitattributes: Add easyjson files rules
All checks were successful
DCO action / DCO (pull_request) Successful in 1m11s
Tests and linters / Tests (1.21) (pull_request) Successful in 1m3s
Tests and linters / Tests (1.20) (pull_request) Successful in 1m18s
Tests and linters / Tests with -race (pull_request) Successful in 1m35s
Tests and linters / Staticcheck (pull_request) Successful in 1m31s
Tests and linters / Lint (pull_request) Successful in 2m16s
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2024-01-24 11:04:03 +03:00
dd0f582fc3 [#1] chain: Fix ID type from string to bytes
ID may be non UTF-8 string, so from developers POV
it is just byte slice.

Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2024-01-24 11:04:03 +03:00
5f13d91c0d [#1] native: Fix typo in owner value
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2024-01-24 11:04:03 +03:00
88c2a476b0 [#1] chain: Add json marshal/unmarshal
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2024-01-24 11:04:03 +03:00