From 482c5129ac37f1b816afbadfed4c231c3a53a24f Mon Sep 17 00:00:00 2001 From: Airat Arifullin Date: Mon, 20 May 2024 16:19:00 +0300 Subject: [PATCH] [#1142] object: Fill APE-request with source IP property Signed-off-by: Airat Arifullin --- pkg/services/object/ape/request.go | 9 +++++++++ pkg/services/object/ape/request_test.go | 16 +++++++++++++++- 2 files changed, 24 insertions(+), 1 deletion(-) diff --git a/pkg/services/object/ape/request.go b/pkg/services/object/ape/request.go index 71a9aec2..02ead8c6 100644 --- a/pkg/services/object/ape/request.go +++ b/pkg/services/object/ape/request.go @@ -4,6 +4,7 @@ import ( "context" "crypto/sha256" "fmt" + "net" "strconv" objectV2 "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/object" @@ -15,8 +16,10 @@ import ( objectSDK "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object" oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id" "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user" + commonschema "git.frostfs.info/TrueCloudLab/policy-engine/schema/common" nativeschema "git.frostfs.info/TrueCloudLab/policy-engine/schema/native" "github.com/nspcc-dev/neo-go/pkg/crypto/keys" + "google.golang.org/grpc/peer" ) var defaultRequest = aperequest.Request{} @@ -129,6 +132,12 @@ func (c *checkerImpl) newAPERequest(ctx context.Context, prm Prm) (aperequest.Re return defaultRequest, err } + if p, ok := peer.FromContext(ctx); ok { + if tcpAddr, ok := p.Addr.(*net.TCPAddr); ok { + reqProps[commonschema.PropertyKeyFrostFSSourceIP] = tcpAddr.IP.String() + } + } + return aperequest.NewRequest( prm.Method, aperequest.NewResource( diff --git a/pkg/services/object/ape/request_test.go b/pkg/services/object/ape/request_test.go index 5c74e7d1..9dad69d1 100644 --- a/pkg/services/object/ape/request_test.go +++ b/pkg/services/object/ape/request_test.go @@ -3,6 +3,7 @@ package ape import ( "context" "fmt" + "net" "testing" objectV2 "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/object" @@ -14,12 +15,24 @@ import ( commonschema "git.frostfs.info/TrueCloudLab/policy-engine/schema/common" nativeschema "git.frostfs.info/TrueCloudLab/policy-engine/schema/native" "github.com/stretchr/testify/require" + "google.golang.org/grpc/peer" ) const ( testOwnerID = "FPPtmAi9TCX329" + + incomingIP = "192.92.33.1" ) +func ctxWithPeerInfo() context.Context { + return peer.NewContext(context.Background(), &peer.Peer{ + Addr: &net.TCPAddr{ + IP: net.ParseIP(incomingIP), + Port: 41111, + }, + }) +} + func TestObjectProperties(t *testing.T) { for _, test := range []struct { name string @@ -253,7 +266,7 @@ func TestNewAPERequest(t *testing.T) { frostFSIDClient: ffidProvider, } - r, err := c.newAPERequest(context.TODO(), prm) + r, err := c.newAPERequest(ctxWithPeerInfo(), prm) if test.expectErr != nil { require.Error(t, err) require.ErrorIs(t, err, test.expectErr) @@ -276,6 +289,7 @@ func TestNewAPERequest(t *testing.T) { fmt.Sprintf(commonschema.PropertyKeyFormatFrostFSIDUserClaim, "tag-attr1"): "value1", fmt.Sprintf(commonschema.PropertyKeyFormatFrostFSIDUserClaim, "tag-attr2"): "value2", commonschema.PropertyKeyFrostFSIDGroupID: "1", + commonschema.PropertyKeyFrostFSSourceIP: incomingIP, }, )