From 7d7cf05575db445620a137d568f491309363bfc1 Mon Sep 17 00:00:00 2001 From: Airat Arifullin Date: Wed, 13 Dec 2023 15:46:31 +0300 Subject: [PATCH] [#851] ape: Initialize and use policy contract interface * Replace inmemory policy contract mock by initialized policy contract interface. Signed-off-by: Airat Arifullin --- cmd/frostfs-node/config.go | 8 ++++++-- cmd/frostfs-node/main.go | 5 +++-- cmd/frostfs-node/morph.go | 1 + go.mod | 2 +- go.sum | Bin 45864 -> 45864 bytes pkg/morph/client/client.go | 7 +++++++ pkg/morph/client/nns.go | 2 ++ 7 files changed, 20 insertions(+), 5 deletions(-) diff --git a/cmd/frostfs-node/config.go b/cmd/frostfs-node/config.go index e6c30376f..e36081ba6 100644 --- a/cmd/frostfs-node/config.go +++ b/cmd/frostfs-node/config.go @@ -70,7 +70,7 @@ import ( objectSDK "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object" "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user" "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/version" - "git.frostfs.info/TrueCloudLab/policy-engine/pkg/engine/inmemory" + policy_client "git.frostfs.info/TrueCloudLab/policy-engine/pkg/morph/policy" "github.com/nspcc-dev/neo-go/pkg/crypto/keys" neogoutil "github.com/nspcc-dev/neo-go/pkg/util" "github.com/panjf2000/ants/v2" @@ -623,6 +623,8 @@ type cfgLocalStorage struct { } type cfgAccessPolicyEngine struct { + policyContractHash neogoutil.Uint160 + accessPolicyEngine *accessPolicyEngine } @@ -1077,7 +1079,9 @@ func initAccessPolicyEngine(_ context.Context, c *cfg) { ) } - morphRuleStorage := inmemory.NewInmemoryMorphRuleChainStorage() + morphRuleStorage := policy_client.NewContractStorage( + c.cfgMorph.client.GetActor(), + c.cfgObject.cfgAccessPolicyEngine.policyContractHash) ape := newAccessPolicyEngine(morphRuleStorage, localOverrideDB) c.cfgObject.cfgAccessPolicyEngine.accessPolicyEngine = ape diff --git a/cmd/frostfs-node/main.go b/cmd/frostfs-node/main.go index d4dfb7e60..2fe3a0a25 100644 --- a/cmd/frostfs-node/main.go +++ b/cmd/frostfs-node/main.go @@ -98,14 +98,15 @@ func initApp(ctx context.Context, c *cfg) { fatalOnErr(c.cfgObject.cfgLocalStorage.localStorage.Init(ctx)) }) + initAndLog(c, "gRPC", initGRPC) + initAndLog(c, "netmap", func(c *cfg) { initNetmapService(ctx, c) }) + initAccessPolicyEngine(ctx, c) initAndLog(c, "access policy engine", func(c *cfg) { fatalOnErr(c.cfgObject.cfgAccessPolicyEngine.accessPolicyEngine.LocalOverrideDatabaseCore().Open(ctx)) fatalOnErr(c.cfgObject.cfgAccessPolicyEngine.accessPolicyEngine.LocalOverrideDatabaseCore().Init()) }) - initAndLog(c, "gRPC", initGRPC) - initAndLog(c, "netmap", func(c *cfg) { initNetmapService(ctx, c) }) initAndLog(c, "accounting", func(c *cfg) { initAccountingService(ctx, c) }) initAndLog(c, "container", func(c *cfg) { initContainerService(ctx, c) }) initAndLog(c, "session", initSessionService) diff --git a/cmd/frostfs-node/morph.go b/cmd/frostfs-node/morph.go index f7100d0bf..d26142370 100644 --- a/cmd/frostfs-node/morph.go +++ b/cmd/frostfs-node/morph.go @@ -289,6 +289,7 @@ func lookupScriptHashesInNNS(c *cfg) { {&c.cfgAccounting.scriptHash, client.NNSBalanceContractName}, {&c.cfgContainer.scriptHash, client.NNSContainerContractName}, {&c.cfgMorph.proxyScriptHash, client.NNSProxyContractName}, + {&c.cfgObject.cfgAccessPolicyEngine.policyContractHash, client.NNSPolicyContractName}, } ) diff --git a/go.mod b/go.mod index 3e79f7ff7..6463c3b2b 100644 --- a/go.mod +++ b/go.mod @@ -8,7 +8,7 @@ require ( git.frostfs.info/TrueCloudLab/frostfs-observability v0.0.0-20231101111734-b3ad3335ff65 git.frostfs.info/TrueCloudLab/frostfs-sdk-go v0.0.0-20231122162120-56debcfa569e git.frostfs.info/TrueCloudLab/hrw v1.2.1 - git.frostfs.info/TrueCloudLab/policy-engine v0.0.0-20231211080303-8c673ee4f4af + git.frostfs.info/TrueCloudLab/policy-engine v0.0.0-20231214122253-62ea96b82ce3 git.frostfs.info/TrueCloudLab/tzhash v1.8.0 github.com/cheggaaa/pb v1.0.29 github.com/chzyer/readline v1.5.1 diff --git a/go.sum b/go.sum index 15ae22422585062b9c83d02a3b832152a1cfb18f..c18e291f27398c2660fd12296644df53513cfa0a 100644 GIT binary patch delta 167 zcmZ4SjA_L)rVXKN&L)ONMnHUPAqKhGSy9Qw69W|{Te8V`VKYiUJzp<3KLuoBnTc^` zZgOdGu1k5aUr}m6s!3=_V1`9jqN{~lZgHl!pRrqVqH9%dP*pO}#Laf>uT}#9S+6!k delta 167 zcmZ4SjA_L)rVXKN&V~jS2F3=)x)#Z1=EkY1CTS*#X$l#JR)N9ksaeU{?#>xSMU|%I ziC%?iMrHXW#r}~7Ugp7R85Si0h55w>Ma~h969W|{Te8V`VKYiUJzp<3KLuoBrk8Jo zSz)$iqNj&vsd0E%aEeJmshg>@N3mbFX{vvwwzhAgmsgr!QiLzi#Laf>uT}#9u{Aa! diff --git a/pkg/morph/client/client.go b/pkg/morph/client/client.go index 93a4176f9..e52adfa8e 100644 --- a/pkg/morph/client/client.go +++ b/pkg/morph/client/client.go @@ -539,3 +539,10 @@ func (c *Client) setActor(act *actor.Actor) { c.gasToken = nep17.New(act, gas.Hash) c.rolemgmt = rolemgmt.New(act) } + +func (c *Client) GetActor() *actor.Actor { + c.switchLock.RLock() + defer c.switchLock.RUnlock() + + return c.rpcActor +} diff --git a/pkg/morph/client/nns.go b/pkg/morph/client/nns.go index 758b220a2..218f7ad8e 100644 --- a/pkg/morph/client/nns.go +++ b/pkg/morph/client/nns.go @@ -33,6 +33,8 @@ const ( NNSProxyContractName = "proxy.frostfs" // NNSGroupKeyName is a name for the FrostFS group key record in NNS. NNSGroupKeyName = "group.frostfs" + // NNSPolicyContractName is a name of the policy contract in NNS. + NNSPolicyContractName = "policy.frostfs" ) var (