a-savchuk/frostfs-node
1
0
Fork 0
forked from TrueCloudLab/frostfs-node
Code Pull requests Activity

[#1428] node/acl: Make container ID as required param

Browse source 
Change pointer to value in request information since requests could not
exist without container ID.

Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
This commit is contained in:
Pavel Karpy 2022-05-24 18:28:48 +03:00 committed by LeL
parent 6cb9c13c5e
commit d69eb2aaf3
5 changed files with 14 additions and 21 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
pkg/services/object/acl/acl.go
View file

@ -144,10 +144,11 @@ func (c *Checker) CheckEACL(msg interface{}, reqInfo v2.RequestInfo) error {
}
var table eaclSDK.Table
cid := reqInfo.ContainerID()
bearerTok := reqInfo.Bearer()
if bearerTok == nil {
pTable, err := c.eaclSrc.GetEACL(reqInfo.ContainerID())
pTable, err := c.eaclSrc.GetEACL(&cid)
if err != nil {
if errors.Is(err, container.ErrEACLNotFound) {
return nil
@ -168,7 +169,7 @@ func (c *Checker) CheckEACL(msg interface{}, reqInfo v2.RequestInfo) error {
hdrSrcOpts := make([]eaclV2.Option, 0, 3)
addr := addressSDK.NewAddress()
addr.SetContainerID(*reqInfo.ContainerID())
addr.SetContainerID(cid)
addr.SetObjectID(*reqInfo.ObjectID())
hdrSrcOpts = append(hdrSrcOpts,
@ -195,7 +196,7 @@ func (c *Checker) CheckEACL(msg interface{}, reqInfo v2.RequestInfo) error {
action := c.validator.CalculateAction(new(eaclSDK.ValidationUnit).
WithRole(reqInfo.RequestRole()).
WithOperation(reqInfo.Operation()).
WithContainerID(reqInfo.ContainerID()).
WithContainerID(&cid).
WithSenderKey(reqInfo.SenderKey()).
WithHeaderSource(hdrSrc).
WithEACLTable(&table),

8
pkg/services/object/acl/v2/classifier.go
View file

@ -19,8 +19,6 @@ type senderClassifier struct {
netmap core.Source
}
var errContainerIDNotSet = errors.New("container id is not set")
type classifyResult struct {
role eaclSDK.Role
isIR bool
@ -29,12 +27,8 @@ type classifyResult struct {
func (c senderClassifier) classify(
req MetaWithToken,
idCnr *cidSDK.ID,
idCnr cidSDK.ID,
cnr *container.Container) (res *classifyResult, err error) {
if idCnr == nil {
return nil, errContainerIDNotSet
}
ownerCnr := cnr.OwnerID()
if ownerCnr == nil {
return nil, errors.New("missing container owner")

4
pkg/services/object/acl/v2/request.go
View file

@ -23,7 +23,7 @@ type RequestInfo struct {
operation eaclSDK.Operation // put, get, head, etc.
cnrOwner *user.ID // container owner
idCnr *containerIDSDK.ID
idCnr containerIDSDK.ID
oid *oidSDK.ID
@ -62,7 +62,7 @@ func (r RequestInfo) ObjectID() *oidSDK.ID {
}
// ContainerID return container ID.
func (r RequestInfo) ContainerID() *containerIDSDK.ID {
func (r RequestInfo) ContainerID() containerIDSDK.ID {
return r.idCnr
}

6
pkg/services/object/acl/v2/service.go
View file

@ -202,8 +202,6 @@ func (b Service) Head(
}
func (b Service) Search(request *objectV2.SearchRequest, stream object.SearchStream) error {
var id *cidSDK.ID
id, err := getContainerIDFromRequest(request)
if err != nil {
return err
@ -442,9 +440,9 @@ func (g *searchStreamBasicChecker) Send(resp *objectV2.SearchResponse) error {
func (b Service) findRequestInfo(
req MetaWithToken,
cid *cidSDK.ID,
cid cidSDK.ID,
op eaclSDK.Operation) (info RequestInfo, err error) {
cnr, err := b.containers.Get(cid) // fetch actual container
cnr, err := b.containers.Get(&cid) // fetch actual container
if err != nil {
return info, err
} else if cnr.OwnerID() == nil {

10
pkg/services/object/acl/v2/util.go
View file

@ -20,9 +20,9 @@ import (
var errMissingContainerID = errors.New("missing container ID")
func getContainerIDFromRequest(req interface{}) (*containerIDSDK.ID, error) {
func getContainerIDFromRequest(req interface{}) (containerIDSDK.ID, error) {
var idV2 *refsV2.ContainerID
id := new(containerIDSDK.ID)
var id containerIDSDK.ID
switch v := req.(type) {
case *objectV2.GetRequest:
@ -30,7 +30,7 @@ func getContainerIDFromRequest(req interface{}) (*containerIDSDK.ID, error) {
case *objectV2.PutRequest:
part, ok := v.GetBody().GetObjectPart().(*objectV2.PutObjectPartInit)
if !ok {
return nil, errors.New("can't get container ID in chunk")
return containerIDSDK.ID{}, errors.New("can't get container ID in chunk")
}
idV2 = part.GetHeader().GetContainerID()
@ -45,11 +45,11 @@ func getContainerIDFromRequest(req interface{}) (*containerIDSDK.ID, error) {
case *objectV2.GetRangeHashRequest:
idV2 = v.GetBody().GetAddress().GetContainerID()
default:
return nil, errors.New("unknown request type")
return containerIDSDK.ID{}, errors.New("unknown request type")
}
if idV2 == nil {
return nil, errMissingContainerID
return containerIDSDK.ID{}, errMissingContainerID
}
return id, id.ReadFromV2(*idV2)