forked from TrueCloudLab/frostfs-node
[#851] ape: Initialize and use policy contract interface
* Replace inmemory policy contract mock by initialized policy contract interface. Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
This commit is contained in:
parent
bdd43f6211
commit
6e6eb92d17
7 changed files with 20 additions and 5 deletions
|
@ -70,7 +70,7 @@ import (
|
||||||
objectSDK "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object"
|
objectSDK "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object"
|
||||||
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
|
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
|
||||||
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/version"
|
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/version"
|
||||||
"git.frostfs.info/TrueCloudLab/policy-engine/pkg/engine/inmemory"
|
policy_client "git.frostfs.info/TrueCloudLab/policy-engine/pkg/morph/policy"
|
||||||
"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
|
"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
|
||||||
neogoutil "github.com/nspcc-dev/neo-go/pkg/util"
|
neogoutil "github.com/nspcc-dev/neo-go/pkg/util"
|
||||||
"github.com/panjf2000/ants/v2"
|
"github.com/panjf2000/ants/v2"
|
||||||
|
@ -545,6 +545,8 @@ type cfgLocalStorage struct {
|
||||||
}
|
}
|
||||||
|
|
||||||
type cfgAccessPolicyEngine struct {
|
type cfgAccessPolicyEngine struct {
|
||||||
|
policyContractHash neogoutil.Uint160
|
||||||
|
|
||||||
accessPolicyEngine *accessPolicyEngine
|
accessPolicyEngine *accessPolicyEngine
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -999,7 +1001,9 @@ func initAccessPolicyEngine(_ context.Context, c *cfg) {
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
||||||
morphRuleStorage := inmemory.NewInmemoryMorphRuleChainStorage()
|
morphRuleStorage := policy_client.NewContractStorage(
|
||||||
|
c.cfgMorph.client.GetActor(),
|
||||||
|
c.cfgObject.cfgAccessPolicyEngine.policyContractHash)
|
||||||
|
|
||||||
ape := newAccessPolicyEngine(morphRuleStorage, localOverrideDB)
|
ape := newAccessPolicyEngine(morphRuleStorage, localOverrideDB)
|
||||||
c.cfgObject.cfgAccessPolicyEngine.accessPolicyEngine = ape
|
c.cfgObject.cfgAccessPolicyEngine.accessPolicyEngine = ape
|
||||||
|
|
|
@ -98,14 +98,15 @@ func initApp(ctx context.Context, c *cfg) {
|
||||||
fatalOnErr(c.cfgObject.cfgLocalStorage.localStorage.Init(ctx))
|
fatalOnErr(c.cfgObject.cfgLocalStorage.localStorage.Init(ctx))
|
||||||
})
|
})
|
||||||
|
|
||||||
|
initAndLog(c, "gRPC", initGRPC)
|
||||||
|
initAndLog(c, "netmap", func(c *cfg) { initNetmapService(ctx, c) })
|
||||||
|
|
||||||
initAccessPolicyEngine(ctx, c)
|
initAccessPolicyEngine(ctx, c)
|
||||||
initAndLog(c, "access policy engine", func(c *cfg) {
|
initAndLog(c, "access policy engine", func(c *cfg) {
|
||||||
fatalOnErr(c.cfgObject.cfgAccessPolicyEngine.accessPolicyEngine.LocalOverrideDatabaseCore().Open(ctx))
|
fatalOnErr(c.cfgObject.cfgAccessPolicyEngine.accessPolicyEngine.LocalOverrideDatabaseCore().Open(ctx))
|
||||||
fatalOnErr(c.cfgObject.cfgAccessPolicyEngine.accessPolicyEngine.LocalOverrideDatabaseCore().Init())
|
fatalOnErr(c.cfgObject.cfgAccessPolicyEngine.accessPolicyEngine.LocalOverrideDatabaseCore().Init())
|
||||||
})
|
})
|
||||||
|
|
||||||
initAndLog(c, "gRPC", initGRPC)
|
|
||||||
initAndLog(c, "netmap", func(c *cfg) { initNetmapService(ctx, c) })
|
|
||||||
initAndLog(c, "accounting", func(c *cfg) { initAccountingService(ctx, c) })
|
initAndLog(c, "accounting", func(c *cfg) { initAccountingService(ctx, c) })
|
||||||
initAndLog(c, "container", func(c *cfg) { initContainerService(ctx, c) })
|
initAndLog(c, "container", func(c *cfg) { initContainerService(ctx, c) })
|
||||||
initAndLog(c, "session", initSessionService)
|
initAndLog(c, "session", initSessionService)
|
||||||
|
|
|
@ -289,6 +289,7 @@ func lookupScriptHashesInNNS(c *cfg) {
|
||||||
{&c.cfgAccounting.scriptHash, client.NNSBalanceContractName},
|
{&c.cfgAccounting.scriptHash, client.NNSBalanceContractName},
|
||||||
{&c.cfgContainer.scriptHash, client.NNSContainerContractName},
|
{&c.cfgContainer.scriptHash, client.NNSContainerContractName},
|
||||||
{&c.cfgMorph.proxyScriptHash, client.NNSProxyContractName},
|
{&c.cfgMorph.proxyScriptHash, client.NNSProxyContractName},
|
||||||
|
{&c.cfgObject.cfgAccessPolicyEngine.policyContractHash, client.NNSPolicyContractName},
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
2
go.mod
2
go.mod
|
@ -8,7 +8,7 @@ require (
|
||||||
git.frostfs.info/TrueCloudLab/frostfs-observability v0.0.0-20231101111734-b3ad3335ff65
|
git.frostfs.info/TrueCloudLab/frostfs-observability v0.0.0-20231101111734-b3ad3335ff65
|
||||||
git.frostfs.info/TrueCloudLab/frostfs-sdk-go v0.0.0-20231122162120-56debcfa569e
|
git.frostfs.info/TrueCloudLab/frostfs-sdk-go v0.0.0-20231122162120-56debcfa569e
|
||||||
git.frostfs.info/TrueCloudLab/hrw v1.2.1
|
git.frostfs.info/TrueCloudLab/hrw v1.2.1
|
||||||
git.frostfs.info/TrueCloudLab/policy-engine v0.0.0-20231211080303-8c673ee4f4af
|
git.frostfs.info/TrueCloudLab/policy-engine v0.0.0-20231214122253-62ea96b82ce3
|
||||||
git.frostfs.info/TrueCloudLab/tzhash v1.8.0
|
git.frostfs.info/TrueCloudLab/tzhash v1.8.0
|
||||||
github.com/cheggaaa/pb v1.0.29
|
github.com/cheggaaa/pb v1.0.29
|
||||||
github.com/chzyer/readline v1.5.1
|
github.com/chzyer/readline v1.5.1
|
||||||
|
|
BIN
go.sum
BIN
go.sum
Binary file not shown.
|
@ -539,3 +539,10 @@ func (c *Client) setActor(act *actor.Actor) {
|
||||||
c.gasToken = nep17.New(act, gas.Hash)
|
c.gasToken = nep17.New(act, gas.Hash)
|
||||||
c.rolemgmt = rolemgmt.New(act)
|
c.rolemgmt = rolemgmt.New(act)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (c *Client) GetActor() *actor.Actor {
|
||||||
|
c.switchLock.RLock()
|
||||||
|
defer c.switchLock.RUnlock()
|
||||||
|
|
||||||
|
return c.rpcActor
|
||||||
|
}
|
||||||
|
|
|
@ -33,6 +33,8 @@ const (
|
||||||
NNSProxyContractName = "proxy.frostfs"
|
NNSProxyContractName = "proxy.frostfs"
|
||||||
// NNSGroupKeyName is a name for the FrostFS group key record in NNS.
|
// NNSGroupKeyName is a name for the FrostFS group key record in NNS.
|
||||||
NNSGroupKeyName = "group.frostfs"
|
NNSGroupKeyName = "group.frostfs"
|
||||||
|
// NNSPolicyContractName is a name of the policy contract in NNS.
|
||||||
|
NNSPolicyContractName = "policy.frostfs"
|
||||||
)
|
)
|
||||||
|
|
||||||
var (
|
var (
|
||||||
|
|
Loading…
Reference in a new issue