From b68778ea90f95be8498b2a525377055212b5a1aa Mon Sep 17 00:00:00 2001 From: Evgenii Stratonikov Date: Thu, 2 Jun 2022 15:24:31 +0300 Subject: [PATCH] [#1380] neofs-cli: move `container` command to a separate package Signed-off-by: Evgenii Stratonikov --- cmd/neofs-cli/modules/container.go | 777 ------------------ cmd/neofs-cli/modules/container/create.go | 254 ++++++ cmd/neofs-cli/modules/container/delete.go | 75 ++ cmd/neofs-cli/modules/container/get.go | 153 ++++ cmd/neofs-cli/modules/container/get_eacl.go | 79 ++ cmd/neofs-cli/modules/container/list.go | 57 ++ .../modules/container/list_objects.go | 49 ++ cmd/neofs-cli/modules/container/root.go | 53 ++ cmd/neofs-cli/modules/container/set_eacl.go | 87 ++ cmd/neofs-cli/modules/container/util.go | 32 + cmd/neofs-cli/modules/root.go | 19 +- 11 files changed, 841 insertions(+), 794 deletions(-) delete mode 100644 cmd/neofs-cli/modules/container.go create mode 100644 cmd/neofs-cli/modules/container/create.go create mode 100644 cmd/neofs-cli/modules/container/delete.go create mode 100644 cmd/neofs-cli/modules/container/get.go create mode 100644 cmd/neofs-cli/modules/container/get_eacl.go create mode 100644 cmd/neofs-cli/modules/container/list.go create mode 100644 cmd/neofs-cli/modules/container/list_objects.go create mode 100644 cmd/neofs-cli/modules/container/root.go create mode 100644 cmd/neofs-cli/modules/container/set_eacl.go create mode 100644 cmd/neofs-cli/modules/container/util.go diff --git a/cmd/neofs-cli/modules/container.go b/cmd/neofs-cli/modules/container.go deleted file mode 100644 index 260d05ea..00000000 --- a/cmd/neofs-cli/modules/container.go +++ /dev/null @@ -1,777 +0,0 @@ -package cmd - -import ( - "bytes" - "encoding/json" - "errors" - "fmt" - "os" - "strconv" - "strings" - "time" - - "github.com/google/uuid" - "github.com/nspcc-dev/neofs-api-go/v2/refs" - internalclient "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/client" - "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/common" - "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/commonflags" - "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/key" - objectCli "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/modules/object" - sessionCli "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/modules/session" - "github.com/nspcc-dev/neofs-sdk-go/acl" - "github.com/nspcc-dev/neofs-sdk-go/container" - cid "github.com/nspcc-dev/neofs-sdk-go/container/id" - "github.com/nspcc-dev/neofs-sdk-go/eacl" - "github.com/nspcc-dev/neofs-sdk-go/netmap" - "github.com/nspcc-dev/neofs-sdk-go/object" - "github.com/nspcc-dev/neofs-sdk-go/policy" - "github.com/nspcc-dev/neofs-sdk-go/session" - subnetid "github.com/nspcc-dev/neofs-sdk-go/subnet/id" - "github.com/nspcc-dev/neofs-sdk-go/user" - versionSDK "github.com/nspcc-dev/neofs-sdk-go/version" - "github.com/spf13/cobra" -) - -const ( - attributeDelimiter = "=" - - awaitTimeout = 120 // in seconds -) - -// keywords of predefined basic ACL values -const ( - basicACLPrivate = "private" - basicACLReadOnly = "public-read" - basicACLPublic = "public-read-write" - basicACLAppend = "public-append" - - basicACLNoFinalPrivate = "eacl-private" - basicACLNoFinalReadOnly = "eacl-public-read" - basicACLNoFinalPublic = "eacl-public-read-write" - basicACLNoFinalAppend = "eacl-public-append" -) - -var wellKnownBasicACL = map[string]acl.BasicACL{ - basicACLPublic: acl.PublicBasicRule, - basicACLPrivate: acl.PrivateBasicRule, - basicACLReadOnly: acl.ReadOnlyBasicRule, - basicACLAppend: acl.PublicAppendRule, - - basicACLNoFinalPublic: acl.EACLPublicBasicRule, - basicACLNoFinalPrivate: acl.EACLPrivateBasicRule, - basicACLNoFinalReadOnly: acl.EACLReadOnlyBasicRule, - basicACLNoFinalAppend: acl.EACLPublicAppendRule, -} - -var ( - containerOwner string - - containerACL string - containerNonce string - containerPolicy string - containerAttributes []string - containerAwait bool - containerName string - containerNoTimestamp bool - containerSubnet string - - containerID string - - containerPathFrom string - containerPathTo string - - containerJSON bool - - eaclPathFrom string -) - -var ( - errDeleteTimeout = errors.New("timeout: container has not been removed from sidechain") - errCreateTimeout = errors.New("timeout: container has not been persisted on sidechain") - errSetEACLTimeout = errors.New("timeout: EACL has not been persisted on sidechain") -) - -// containerCmd represents the container command -var containerCmd = &cobra.Command{ - Use: "container", - Short: "Operations with containers", - Long: "Operations with containers", - PersistentPreRun: func(cmd *cobra.Command, args []string) { - // bind exactly that cmd's flags to - // the viper before execution - commonflags.Bind(cmd) - commonflags.BindAPI(cmd) - }, -} - -var listContainersCmd = &cobra.Command{ - Use: "list", - Short: "List all created containers", - Long: "List all created containers", - Run: func(cmd *cobra.Command, args []string) { - var idUser user.ID - - key := key.GetOrGenerate(cmd) - - if containerOwner == "" { - user.IDFromKey(&idUser, key.PublicKey) - } else { - err := idUser.DecodeString(containerOwner) - common.ExitOnErr(cmd, "invalid user ID: %w", err) - } - - cli := internalclient.GetSDKClientByFlag(cmd, key, commonflags.RPC) - - var prm internalclient.ListContainersPrm - prm.SetClient(cli) - prm.SetAccount(idUser) - - res, err := internalclient.ListContainers(prm) - common.ExitOnErr(cmd, "rpc error: %w", err) - - // print to stdout - prettyPrintContainerList(cmd, res.IDList()) - }, -} - -var createContainerCmd = &cobra.Command{ - Use: "create", - Short: "Create new container", - Long: `Create new container and register it in the NeoFS. -It will be stored in sidechain when inner ring will accepts it.`, - Run: func(cmd *cobra.Command, args []string) { - placementPolicy, err := parseContainerPolicy(containerPolicy) - common.ExitOnErr(cmd, "", err) - - var subnetID subnetid.ID - - err = subnetID.DecodeString(containerSubnet) - common.ExitOnErr(cmd, "could not parse subnetID: %w", err) - - placementPolicy.SetSubnetID(&subnetID) - - attributes, err := parseAttributes(containerAttributes) - common.ExitOnErr(cmd, "", err) - - basicACL, err := parseBasicACL(containerACL) - common.ExitOnErr(cmd, "", err) - - nonce, err := parseNonce(containerNonce) - common.ExitOnErr(cmd, "", err) - - key := key.GetOrGenerate(cmd) - - cnr := container.New() - var tok *session.Container - - sessionTokenPath, _ := cmd.Flags().GetString(commonflags.SessionToken) - if sessionTokenPath != "" { - tok = new(session.Container) - common.ReadSessionToken(cmd, tok, sessionTokenPath) - - issuer := tok.Issuer() - cnr.SetOwnerID(&issuer) - cnr.SetSessionToken(tok) - } else { - var idOwner user.ID - user.IDFromKey(&idOwner, key.PublicKey) - - cnr.SetOwnerID(&idOwner) - } - - ver := versionSDK.Current() - - cnr.SetVersion(&ver) - cnr.SetPlacementPolicy(placementPolicy) - cnr.SetBasicACL(basicACL) - cnr.SetAttributes(attributes) - cnr.SetNonceUUID(nonce) - cnr.SetSessionToken(tok) - - cli := internalclient.GetSDKClientByFlag(cmd, key, commonflags.RPC) - - var putPrm internalclient.PutContainerPrm - putPrm.SetClient(cli) - putPrm.SetContainer(*cnr) - - res, err := internalclient.PutContainer(putPrm) - common.ExitOnErr(cmd, "rpc error: %w", err) - - id := res.ID() - - cmd.Println("container ID:", id) - - if containerAwait { - cmd.Println("awaiting...") - - var getPrm internalclient.GetContainerPrm - getPrm.SetClient(cli) - getPrm.SetContainer(id) - - for i := 0; i < awaitTimeout; i++ { - time.Sleep(1 * time.Second) - - _, err := internalclient.GetContainer(getPrm) - if err == nil { - cmd.Println("container has been persisted on sidechain") - return - } - } - - common.ExitOnErr(cmd, "", errCreateTimeout) - } - }, -} - -var deleteContainerCmd = &cobra.Command{ - Use: "delete", - Short: "Delete existing container", - Long: `Delete existing container. -Only owner of the container has a permission to remove container.`, - Run: func(cmd *cobra.Command, args []string) { - id, err := parseContainerID(containerID) - common.ExitOnErr(cmd, "", err) - - var tok *session.Container - - sessionTokenPath, _ := cmd.Flags().GetString(commonflags.SessionToken) - if sessionTokenPath != "" { - tok = new(session.Container) - common.ReadSessionToken(cmd, tok, sessionTokenPath) - } - - var ( - delPrm internalclient.DeleteContainerPrm - getPrm internalclient.GetContainerPrm - ) - - prepareAPIClient(cmd, &delPrm, &getPrm) - delPrm.SetContainer(*id) - - if tok != nil { - delPrm.WithinSession(*tok) - } - - _, err = internalclient.DeleteContainer(delPrm) - common.ExitOnErr(cmd, "rpc error: %w", err) - - cmd.Println("container delete method invoked") - - if containerAwait { - cmd.Println("awaiting...") - - getPrm.SetContainer(*id) - - for i := 0; i < awaitTimeout; i++ { - time.Sleep(1 * time.Second) - - _, err := internalclient.GetContainer(getPrm) - if err != nil { - cmd.Println("container has been removed:", containerID) - return - } - } - - common.ExitOnErr(cmd, "", errDeleteTimeout) - } - }, -} - -var listContainerObjectsCmd = &cobra.Command{ - Use: "list-objects", - Short: "List existing objects in container", - Long: `List existing objects in container`, - Run: func(cmd *cobra.Command, args []string) { - id, err := parseContainerID(containerID) - common.ExitOnErr(cmd, "", err) - - filters := new(object.SearchFilters) - filters.AddRootFilter() // search only user created objects - - pk := key.GetOrGenerate(cmd) - - var prm internalclient.SearchObjectsPrm - sessionCli.Prepare(cmd, *id, nil, pk, &prm) - objectCli.Prepare(cmd, &prm) - prm.SetContainerID(*id) - prm.SetFilters(*filters) - - res, err := internalclient.SearchObjects(prm) - common.ExitOnErr(cmd, "rpc error: %w", err) - - objectIDs := res.IDList() - - for i := range objectIDs { - cmd.Println(objectIDs[i]) - } - }, -} - -var getContainerInfoCmd = &cobra.Command{ - Use: "get", - Short: "Get container field info", - Long: `Get container field info`, - Run: func(cmd *cobra.Command, args []string) { - var cnr *container.Container - - if containerPathFrom != "" { - data, err := os.ReadFile(containerPathFrom) - common.ExitOnErr(cmd, "can't read file: %w", err) - - cnr = container.New() - err = cnr.Unmarshal(data) - common.ExitOnErr(cmd, "can't unmarshal container: %w", err) - } else { - id, err := parseContainerID(containerID) - common.ExitOnErr(cmd, "", err) - - var prm internalclient.GetContainerPrm - - prepareAPIClient(cmd, &prm) - prm.SetContainer(*id) - - res, err := internalclient.GetContainer(prm) - common.ExitOnErr(cmd, "rpc error: %w", err) - - cnr = res.Container() - } - - prettyPrintContainer(cmd, cnr, containerJSON) - - if containerPathTo != "" { - var ( - data []byte - err error - ) - - if containerJSON { - data, err = cnr.MarshalJSON() - common.ExitOnErr(cmd, "can't JSON encode container: %w", err) - } else { - data, err = cnr.Marshal() - common.ExitOnErr(cmd, "can't binary encode container: %w", err) - } - - err = os.WriteFile(containerPathTo, data, 0644) - common.ExitOnErr(cmd, "can't write container to file: %w", err) - } - }, -} - -var getExtendedACLCmd = &cobra.Command{ - Use: "get-eacl", - Short: "Get extended ACL table of container", - Long: `Get extended ACL talbe of container`, - Run: func(cmd *cobra.Command, args []string) { - id, err := parseContainerID(containerID) - common.ExitOnErr(cmd, "", err) - - var eaclPrm internalclient.EACLPrm - - prepareAPIClient(cmd, &eaclPrm) - eaclPrm.SetContainer(*id) - - res, err := internalclient.EACL(eaclPrm) - common.ExitOnErr(cmd, "rpc error: %w", err) - - eaclTable := res.EACL() - - sig := eaclTable.Signature() - - // TODO(@cthulhu-rider): #1387 avoid type conversion - var sigV2 refs.Signature - sig.WriteToV2(&sigV2) - - if containerPathTo == "" { - cmd.Println("eACL: ") - prettyPrintEACL(cmd, eaclTable) - - var sigV2 refs.Signature - sig.WriteToV2(&sigV2) - - cmd.Println("Signature:") - common.PrettyPrintJSON(cmd, &sigV2, "signature") - - return - } - - var data []byte - - if containerJSON { - data, err = eaclTable.MarshalJSON() - common.ExitOnErr(cmd, "can't encode to JSON: %w", err) - } else { - data, err = eaclTable.Marshal() - common.ExitOnErr(cmd, "can't encode to binary: %w", err) - } - - cmd.Println("dumping data to file:", containerPathTo) - - cmd.Println("Signature:") - common.PrettyPrintJSON(cmd, &sigV2, "signature") - - err = os.WriteFile(containerPathTo, data, 0644) - common.ExitOnErr(cmd, "could not write eACL to file: %w", err) - }, -} - -var setExtendedACLCmd = &cobra.Command{ - Use: "set-eacl", - Short: "Set new extended ACL table for container", - Long: `Set new extended ACL table for container. -Container ID in EACL table will be substituted with ID from the CLI.`, - Run: func(cmd *cobra.Command, args []string) { - id, err := parseContainerID(containerID) - common.ExitOnErr(cmd, "", err) - - eaclTable := common.ReadEACL(cmd, eaclPathFrom) - - var tok *session.Container - - sessionTokenPath, _ := cmd.Flags().GetString(commonflags.SessionToken) - if sessionTokenPath != "" { - tok = new(session.Container) - common.ReadSessionToken(cmd, tok, sessionTokenPath) - } - - eaclTable.SetCID(*id) - eaclTable.SetSessionToken(tok) - - var ( - setEACLPrm internalclient.SetEACLPrm - getEACLPrm internalclient.EACLPrm - ) - - prepareAPIClient(cmd, &setEACLPrm, &getEACLPrm) - setEACLPrm.SetTable(*eaclTable) - - _, err = internalclient.SetEACL(setEACLPrm) - common.ExitOnErr(cmd, "rpc error: %w", err) - - if containerAwait { - exp, err := eaclTable.Marshal() - common.ExitOnErr(cmd, "broken EACL table: %w", err) - - cmd.Println("awaiting...") - - getEACLPrm.SetContainer(*id) - - for i := 0; i < awaitTimeout; i++ { - time.Sleep(1 * time.Second) - - res, err := internalclient.EACL(getEACLPrm) - if err == nil { - // compare binary values because EACL could have been set already - got, err := res.EACL().Marshal() - if err != nil { - continue - } - - if bytes.Equal(exp, got) { - cmd.Println("EACL has been persisted on sidechain") - return - } - } - } - - common.ExitOnErr(cmd, "", errSetEACLTimeout) - } - }, -} - -func initContainerListContainersCmd() { - commonflags.Init(listContainersCmd) - - flags := listContainersCmd.Flags() - - flags.StringVar(&containerOwner, "owner", "", "owner of containers (omit to use owner from private key)") -} - -func initContainerCreateCmd() { - commonflags.Init(createContainerCmd) - - flags := createContainerCmd.Flags() - - flags.StringVar(&containerACL, "basic-acl", basicACLPrivate, fmt.Sprintf("hex encoded basic ACL value or keywords like '%s', '%s', '%s'", basicACLPublic, basicACLPrivate, basicACLNoFinalReadOnly)) - flags.StringVarP(&containerPolicy, "policy", "p", "", "QL-encoded or JSON-encoded placement policy or path to file with it") - flags.StringSliceVarP(&containerAttributes, "attributes", "a", nil, "comma separated pairs of container attributes in form of Key1=Value1,Key2=Value2") - flags.StringVarP(&containerNonce, "nonce", "n", "", "UUIDv4 nonce value for container") - flags.BoolVar(&containerAwait, "await", false, "block execution until container is persisted") - flags.StringVar(&containerName, "name", "", "container name attribute") - flags.BoolVar(&containerNoTimestamp, "disable-timestamp", false, "disable timestamp container attribute") - flags.StringVar(&containerSubnet, "subnet", "", "string representation of container subnetwork") -} - -func initContainerDeleteCmd() { - commonflags.Init(deleteContainerCmd) - - flags := deleteContainerCmd.Flags() - - flags.StringVar(&containerID, "cid", "", "container ID") - flags.BoolVar(&containerAwait, "await", false, "block execution until container is removed") -} - -func initContainerListObjectsCmd() { - commonflags.Init(listContainerObjectsCmd) - - flags := listContainerObjectsCmd.Flags() - - flags.StringVar(&containerID, "cid", "", "container ID") -} - -func initContainerInfoCmd() { - commonflags.Init(getContainerInfoCmd) - - flags := getContainerInfoCmd.Flags() - - flags.StringVar(&containerID, "cid", "", "container ID") - flags.StringVar(&containerPathTo, "to", "", "path to dump encoded container") - flags.StringVar(&containerPathFrom, "from", "", "path to file with encoded container") - flags.BoolVar(&containerJSON, "json", false, "print or dump container in JSON format") -} - -func initContainerGetEACLCmd() { - commonflags.Init(getExtendedACLCmd) - - flags := getExtendedACLCmd.Flags() - - flags.StringVar(&containerID, "cid", "", "container ID") - flags.StringVar(&containerPathTo, "to", "", "path to dump encoded container (default: binary encoded)") - flags.BoolVar(&containerJSON, "json", false, "encode EACL table in json format") -} - -func initContainerSetEACLCmd() { - commonflags.Init(setExtendedACLCmd) - - flags := setExtendedACLCmd.Flags() - flags.StringVar(&containerID, "cid", "", "container ID") - flags.StringVar(&eaclPathFrom, "table", "", "path to file with JSON or binary encoded EACL table") - flags.BoolVar(&containerAwait, "await", false, "block execution until EACL is persisted") -} - -func init() { - containerChildCommand := []*cobra.Command{ - listContainersCmd, - createContainerCmd, - deleteContainerCmd, - listContainerObjectsCmd, - getContainerInfoCmd, - getExtendedACLCmd, - setExtendedACLCmd, - } - - rootCmd.AddCommand(containerCmd) - - containerCmd.AddCommand(containerChildCommand...) - - // Here you will define your flags and configuration settings. - - // Cobra supports Persistent Flags which will work for this command - // and all subcommands, e.g.: - // containerCmd.PersistentFlags().String("foo", "", "A help for foo") - - // Cobra supports local flags which will only run when this command - // is called directly, e.g.: - // containerCmd.Flags().BoolP("toggle", "t", false, "Help message for toggle") - - initContainerListContainersCmd() - initContainerCreateCmd() - initContainerDeleteCmd() - initContainerListObjectsCmd() - initContainerInfoCmd() - initContainerGetEACLCmd() - initContainerSetEACLCmd() - - for _, containerCommand := range containerChildCommand { - commonflags.InitAPI(containerCommand) - } - - for _, cmd := range []*cobra.Command{ - createContainerCmd, - deleteContainerCmd, - setExtendedACLCmd, - } { - commonflags.InitSession(cmd) - } -} - -func prettyPrintContainerList(cmd *cobra.Command, list []cid.ID) { - for i := range list { - cmd.Println(list[i]) - } -} - -func parseContainerPolicy(policyString string) (*netmap.PlacementPolicy, error) { - _, err := os.Stat(policyString) // check if `policyString` is a path to file with placement policy - if err == nil { - common.PrintVerbose("Reading placement policy from file: %s", policyString) - - data, err := os.ReadFile(policyString) - if err != nil { - return nil, fmt.Errorf("can't read file with placement policy: %w", err) - } - - policyString = string(data) - } - - result, err := policy.Parse(policyString) - if err == nil { - common.PrintVerbose("Parsed QL encoded policy") - return result, nil - } - - result = netmap.NewPlacementPolicy() - if err = result.UnmarshalJSON([]byte(policyString)); err == nil { - common.PrintVerbose("Parsed JSON encoded policy") - return result, nil - } - - return nil, errors.New("can't parse placement policy") -} - -func parseAttributes(attributes []string) ([]container.Attribute, error) { - result := make([]container.Attribute, len(attributes), len(attributes)+2) // name + timestamp attributes - - for i := range attributes { - kvPair := strings.Split(attributes[i], attributeDelimiter) - if len(kvPair) != 2 { - return nil, errors.New("invalid container attribute") - } - - result[i].SetKey(kvPair[0]) - result[i].SetValue(kvPair[1]) - } - - if !containerNoTimestamp { - index := len(result) - result = append(result, container.Attribute{}) - result[index].SetKey(container.AttributeTimestamp) - result[index].SetValue(strconv.FormatInt(time.Now().Unix(), 10)) - } - - if containerName != "" { - index := len(result) - result = append(result, container.Attribute{}) - result[index].SetKey(container.AttributeName) - result[index].SetValue(containerName) - } - - return result, nil -} - -func parseBasicACL(basicACL string) (acl.BasicACL, error) { - if value, ok := wellKnownBasicACL[basicACL]; ok { - return value, nil - } - - basicACL = strings.Trim(strings.ToLower(basicACL), "0x") - - value, err := strconv.ParseUint(basicACL, 16, 32) - if err != nil { - return 0, fmt.Errorf("can't parse basic ACL: %s", basicACL) - } - - return acl.BasicACL(value), nil -} - -func parseNonce(nonce string) (uuid.UUID, error) { - if nonce == "" { - result := uuid.New() - common.PrintVerbose("Generating container nonce: %s", result) - - return result, nil - } - - uid, err := uuid.Parse(nonce) - if err != nil { - return uuid.UUID{}, fmt.Errorf("could not parse nonce: %w", err) - } - - return uid, nil -} - -func parseContainerID(idStr string) (*cid.ID, error) { - if idStr == "" { - return nil, errors.New("container ID is not set") - } - - var id cid.ID - - err := id.DecodeString(idStr) - if err != nil { - return nil, errors.New("can't decode container ID value") - } - - return &id, nil -} - -func prettyPrintContainer(cmd *cobra.Command, cnr *container.Container, jsonEncoding bool) { - if cnr == nil { - return - } - - if jsonEncoding { - data, err := cnr.MarshalJSON() - if err != nil { - common.PrintVerbose("Can't convert container to json: %w", err) - return - } - buf := new(bytes.Buffer) - if err := json.Indent(buf, data, "", " "); err != nil { - common.PrintVerbose("Can't pretty print json: %w", err) - } - - cmd.Println(buf) - - return - } - - id := container.CalculateID(cnr) - cmd.Println("container ID:", id) - - v := cnr.Version() - cmd.Printf("version: %d.%d\n", v.Major(), v.Minor()) - - cmd.Println("owner ID:", cnr.OwnerID()) - - basicACL := cnr.BasicACL() - prettyPrintBasicACL(cmd, acl.BasicACL(basicACL)) - - for _, attribute := range cnr.Attributes() { - if attribute.Key() == container.AttributeTimestamp { - cmd.Printf("attribute: %s=%s (%s)\n", - attribute.Key(), - attribute.Value(), - common.PrettyPrintUnixTime(attribute.Value())) - - continue - } - - cmd.Printf("attribute: %s=%s\n", attribute.Key(), attribute.Value()) - } - - nonce, err := cnr.NonceUUID() - if err == nil { - cmd.Println("nonce:", nonce) - } else { - cmd.Println("invalid nonce:", err) - } - - cmd.Println("placement policy:") - cmd.Println(strings.Join(policy.Encode(cnr.PlacementPolicy()), "\n")) -} - -func prettyPrintEACL(cmd *cobra.Command, table *eacl.Table) { - common.PrettyPrintJSON(cmd, table, "eACL") -} - -func prettyPrintBasicACL(cmd *cobra.Command, basicACL acl.BasicACL) { - cmd.Printf("basic ACL: %s", basicACL) - for k, v := range wellKnownBasicACL { - if v == basicACL { - cmd.Printf(" (%s)\n", k) - return - } - } - cmd.Println() -} diff --git a/cmd/neofs-cli/modules/container/create.go b/cmd/neofs-cli/modules/container/create.go new file mode 100644 index 00000000..4084381c --- /dev/null +++ b/cmd/neofs-cli/modules/container/create.go @@ -0,0 +1,254 @@ +package container + +import ( + "errors" + "fmt" + "os" + "strconv" + "strings" + "time" + + "github.com/google/uuid" + internalclient "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/client" + "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/common" + "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/commonflags" + "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/key" + "github.com/nspcc-dev/neofs-sdk-go/acl" + "github.com/nspcc-dev/neofs-sdk-go/container" + "github.com/nspcc-dev/neofs-sdk-go/netmap" + "github.com/nspcc-dev/neofs-sdk-go/policy" + "github.com/nspcc-dev/neofs-sdk-go/session" + subnetid "github.com/nspcc-dev/neofs-sdk-go/subnet/id" + "github.com/nspcc-dev/neofs-sdk-go/user" + versionSDK "github.com/nspcc-dev/neofs-sdk-go/version" + "github.com/spf13/cobra" +) + +// keywords of predefined basic ACL values +const ( + basicACLPrivate = "private" + basicACLReadOnly = "public-read" + basicACLPublic = "public-read-write" + basicACLAppend = "public-append" + + basicACLNoFinalPrivate = "eacl-private" + basicACLNoFinalReadOnly = "eacl-public-read" + basicACLNoFinalPublic = "eacl-public-read-write" + basicACLNoFinalAppend = "eacl-public-append" +) + +var wellKnownBasicACL = map[string]acl.BasicACL{ + basicACLPublic: acl.PublicBasicRule, + basicACLPrivate: acl.PrivateBasicRule, + basicACLReadOnly: acl.ReadOnlyBasicRule, + basicACLAppend: acl.PublicAppendRule, + + basicACLNoFinalPublic: acl.EACLPublicBasicRule, + basicACLNoFinalPrivate: acl.EACLPrivateBasicRule, + basicACLNoFinalReadOnly: acl.EACLReadOnlyBasicRule, + basicACLNoFinalAppend: acl.EACLPublicAppendRule, +} + +var ( + containerACL string + containerNonce string + containerPolicy string + containerAttributes []string + containerAwait bool + containerName string + containerNoTimestamp bool + containerSubnet string +) + +var createContainerCmd = &cobra.Command{ + Use: "create", + Short: "Create new container", + Long: `Create new container and register it in the NeoFS. +It will be stored in sidechain when inner ring will accepts it.`, + Run: func(cmd *cobra.Command, args []string) { + placementPolicy, err := parseContainerPolicy(containerPolicy) + common.ExitOnErr(cmd, "", err) + + var subnetID subnetid.ID + + err = subnetID.DecodeString(containerSubnet) + common.ExitOnErr(cmd, "could not parse subnetID: %w", err) + + placementPolicy.SetSubnetID(&subnetID) + + attributes, err := parseAttributes(containerAttributes) + common.ExitOnErr(cmd, "", err) + + basicACL, err := parseBasicACL(containerACL) + common.ExitOnErr(cmd, "", err) + + nonce, err := parseNonce(containerNonce) + common.ExitOnErr(cmd, "", err) + + key := key.GetOrGenerate(cmd) + + cnr := container.New() + var tok *session.Container + + sessionTokenPath, _ := cmd.Flags().GetString(commonflags.SessionToken) + if sessionTokenPath != "" { + tok = new(session.Container) + common.ReadSessionToken(cmd, tok, sessionTokenPath) + + issuer := tok.Issuer() + cnr.SetOwnerID(&issuer) + cnr.SetSessionToken(tok) + } else { + var idOwner user.ID + user.IDFromKey(&idOwner, key.PublicKey) + + cnr.SetOwnerID(&idOwner) + } + + ver := versionSDK.Current() + + cnr.SetVersion(&ver) + cnr.SetPlacementPolicy(placementPolicy) + cnr.SetBasicACL(basicACL) + cnr.SetAttributes(attributes) + cnr.SetNonceUUID(nonce) + cnr.SetSessionToken(tok) + + cli := internalclient.GetSDKClientByFlag(cmd, key, commonflags.RPC) + + var putPrm internalclient.PutContainerPrm + putPrm.SetClient(cli) + putPrm.SetContainer(*cnr) + + res, err := internalclient.PutContainer(putPrm) + common.ExitOnErr(cmd, "rpc error: %w", err) + + id := res.ID() + + cmd.Println("container ID:", id) + + if containerAwait { + cmd.Println("awaiting...") + + var getPrm internalclient.GetContainerPrm + getPrm.SetClient(cli) + getPrm.SetContainer(id) + + for i := 0; i < awaitTimeout; i++ { + time.Sleep(1 * time.Second) + + _, err := internalclient.GetContainer(getPrm) + if err == nil { + cmd.Println("container has been persisted on sidechain") + return + } + } + + common.ExitOnErr(cmd, "", errCreateTimeout) + } + }, +} + +func initContainerCreateCmd() { + commonflags.Init(createContainerCmd) + + flags := createContainerCmd.Flags() + + flags.StringVar(&containerACL, "basic-acl", basicACLPrivate, fmt.Sprintf("hex encoded basic ACL value or keywords like '%s', '%s', '%s'", basicACLPublic, basicACLPrivate, basicACLNoFinalReadOnly)) + flags.StringVarP(&containerPolicy, "policy", "p", "", "QL-encoded or JSON-encoded placement policy or path to file with it") + flags.StringSliceVarP(&containerAttributes, "attributes", "a", nil, "comma separated pairs of container attributes in form of Key1=Value1,Key2=Value2") + flags.StringVarP(&containerNonce, "nonce", "n", "", "UUIDv4 nonce value for container") + flags.BoolVar(&containerAwait, "await", false, "block execution until container is persisted") + flags.StringVar(&containerName, "name", "", "container name attribute") + flags.BoolVar(&containerNoTimestamp, "disable-timestamp", false, "disable timestamp container attribute") + flags.StringVar(&containerSubnet, "subnet", "", "string representation of container subnetwork") +} + +func parseContainerPolicy(policyString string) (*netmap.PlacementPolicy, error) { + _, err := os.Stat(policyString) // check if `policyString` is a path to file with placement policy + if err == nil { + common.PrintVerbose("Reading placement policy from file: %s", policyString) + + data, err := os.ReadFile(policyString) + if err != nil { + return nil, fmt.Errorf("can't read file with placement policy: %w", err) + } + + policyString = string(data) + } + + result, err := policy.Parse(policyString) + if err == nil { + common.PrintVerbose("Parsed QL encoded policy") + return result, nil + } + + result = netmap.NewPlacementPolicy() + if err = result.UnmarshalJSON([]byte(policyString)); err == nil { + common.PrintVerbose("Parsed JSON encoded policy") + return result, nil + } + + return nil, errors.New("can't parse placement policy") +} + +func parseAttributes(attributes []string) ([]container.Attribute, error) { + result := make([]container.Attribute, len(attributes), len(attributes)+2) // name + timestamp attributes + + for i := range attributes { + kvPair := strings.Split(attributes[i], attributeDelimiter) + if len(kvPair) != 2 { + return nil, errors.New("invalid container attribute") + } + + result[i].SetKey(kvPair[0]) + result[i].SetValue(kvPair[1]) + } + + if !containerNoTimestamp { + index := len(result) + result = append(result, container.Attribute{}) + result[index].SetKey(container.AttributeTimestamp) + result[index].SetValue(strconv.FormatInt(time.Now().Unix(), 10)) + } + + if containerName != "" { + index := len(result) + result = append(result, container.Attribute{}) + result[index].SetKey(container.AttributeName) + result[index].SetValue(containerName) + } + + return result, nil +} + +func parseBasicACL(basicACL string) (acl.BasicACL, error) { + if value, ok := wellKnownBasicACL[basicACL]; ok { + return value, nil + } + + basicACL = strings.Trim(strings.ToLower(basicACL), "0x") + + value, err := strconv.ParseUint(basicACL, 16, 32) + if err != nil { + return 0, fmt.Errorf("can't parse basic ACL: %s", basicACL) + } + + return acl.BasicACL(value), nil +} + +func parseNonce(nonce string) (uuid.UUID, error) { + if nonce == "" { + result := uuid.New() + common.PrintVerbose("Generating container nonce: %s", result) + + return result, nil + } + + uid, err := uuid.Parse(nonce) + if err != nil { + return uuid.UUID{}, fmt.Errorf("could not parse nonce: %w", err) + } + + return uid, nil +} diff --git a/cmd/neofs-cli/modules/container/delete.go b/cmd/neofs-cli/modules/container/delete.go new file mode 100644 index 00000000..6bb8e294 --- /dev/null +++ b/cmd/neofs-cli/modules/container/delete.go @@ -0,0 +1,75 @@ +package container + +import ( + "time" + + internalclient "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/client" + "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/common" + "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/commonflags" + "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/key" + "github.com/nspcc-dev/neofs-sdk-go/session" + "github.com/spf13/cobra" +) + +var deleteContainerCmd = &cobra.Command{ + Use: "delete", + Short: "Delete existing container", + Long: `Delete existing container. +Only owner of the container has a permission to remove container.`, + Run: func(cmd *cobra.Command, args []string) { + id := parseContainerID(cmd) + + var tok *session.Container + + sessionTokenPath, _ := cmd.Flags().GetString(commonflags.SessionToken) + if sessionTokenPath != "" { + tok = new(session.Container) + common.ReadSessionToken(cmd, tok, sessionTokenPath) + } + + pk := key.GetOrGenerate(cmd) + cli := internalclient.GetSDKClientByFlag(cmd, pk, commonflags.RPC) + + var delPrm internalclient.DeleteContainerPrm + delPrm.SetClient(cli) + delPrm.SetContainer(id) + + if tok != nil { + delPrm.WithinSession(*tok) + } + + _, err := internalclient.DeleteContainer(delPrm) + common.ExitOnErr(cmd, "rpc error: %w", err) + + cmd.Println("container delete method invoked") + + if containerAwait { + cmd.Println("awaiting...") + + var getPrm internalclient.GetContainerPrm + getPrm.SetClient(cli) + getPrm.SetContainer(id) + + for i := 0; i < awaitTimeout; i++ { + time.Sleep(1 * time.Second) + + _, err := internalclient.GetContainer(getPrm) + if err != nil { + cmd.Println("container has been removed:", containerID) + return + } + } + + common.ExitOnErr(cmd, "", errDeleteTimeout) + } + }, +} + +func initContainerDeleteCmd() { + commonflags.Init(deleteContainerCmd) + + flags := deleteContainerCmd.Flags() + + flags.StringVar(&containerID, "cid", "", "container ID") + flags.BoolVar(&containerAwait, "await", false, "block execution until container is removed") +} diff --git a/cmd/neofs-cli/modules/container/get.go b/cmd/neofs-cli/modules/container/get.go new file mode 100644 index 00000000..2ec6dcb1 --- /dev/null +++ b/cmd/neofs-cli/modules/container/get.go @@ -0,0 +1,153 @@ +package container + +import ( + "bytes" + "encoding/json" + "os" + "strings" + + internalclient "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/client" + "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/common" + "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/commonflags" + "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/key" + "github.com/nspcc-dev/neofs-sdk-go/acl" + "github.com/nspcc-dev/neofs-sdk-go/container" + "github.com/nspcc-dev/neofs-sdk-go/policy" + "github.com/spf13/cobra" +) + +var ( + containerID string + containerPathFrom string + containerPathTo string + containerJSON bool +) + +var getContainerInfoCmd = &cobra.Command{ + Use: "get", + Short: "Get container field info", + Long: `Get container field info`, + Run: func(cmd *cobra.Command, args []string) { + var cnr *container.Container + + if containerPathFrom != "" { + data, err := os.ReadFile(containerPathFrom) + common.ExitOnErr(cmd, "can't read file: %w", err) + + cnr = container.New() + err = cnr.Unmarshal(data) + common.ExitOnErr(cmd, "can't unmarshal container: %w", err) + } else { + id := parseContainerID(cmd) + pk := key.GetOrGenerate(cmd) + cli := internalclient.GetSDKClientByFlag(cmd, pk, commonflags.RPC) + + var prm internalclient.GetContainerPrm + prm.SetClient(cli) + prm.SetContainer(id) + + res, err := internalclient.GetContainer(prm) + common.ExitOnErr(cmd, "rpc error: %w", err) + + cnr = res.Container() + } + + prettyPrintContainer(cmd, cnr, containerJSON) + + if containerPathTo != "" { + var ( + data []byte + err error + ) + + if containerJSON { + data, err = cnr.MarshalJSON() + common.ExitOnErr(cmd, "can't JSON encode container: %w", err) + } else { + data, err = cnr.Marshal() + common.ExitOnErr(cmd, "can't binary encode container: %w", err) + } + + err = os.WriteFile(containerPathTo, data, 0644) + common.ExitOnErr(cmd, "can't write container to file: %w", err) + } + }, +} + +func initContainerInfoCmd() { + commonflags.Init(getContainerInfoCmd) + + flags := getContainerInfoCmd.Flags() + + flags.StringVar(&containerID, "cid", "", "container ID") + flags.StringVar(&containerPathTo, "to", "", "path to dump encoded container") + flags.StringVar(&containerPathFrom, "from", "", "path to file with encoded container") + flags.BoolVar(&containerJSON, "json", false, "print or dump container in JSON format") +} + +func prettyPrintContainer(cmd *cobra.Command, cnr *container.Container, jsonEncoding bool) { + if cnr == nil { + return + } + + if jsonEncoding { + data, err := cnr.MarshalJSON() + if err != nil { + common.PrintVerbose("Can't convert container to json: %w", err) + return + } + buf := new(bytes.Buffer) + if err := json.Indent(buf, data, "", " "); err != nil { + common.PrintVerbose("Can't pretty print json: %w", err) + } + + cmd.Println(buf) + + return + } + + id := container.CalculateID(cnr) + cmd.Println("container ID:", id) + + v := cnr.Version() + cmd.Printf("version: %d.%d\n", v.Major(), v.Minor()) + + cmd.Println("owner ID:", cnr.OwnerID()) + + basicACL := cnr.BasicACL() + prettyPrintBasicACL(cmd, acl.BasicACL(basicACL)) + + for _, attribute := range cnr.Attributes() { + if attribute.Key() == container.AttributeTimestamp { + cmd.Printf("attribute: %s=%s (%s)\n", + attribute.Key(), + attribute.Value(), + common.PrettyPrintUnixTime(attribute.Value())) + + continue + } + + cmd.Printf("attribute: %s=%s\n", attribute.Key(), attribute.Value()) + } + + nonce, err := cnr.NonceUUID() + if err == nil { + cmd.Println("nonce:", nonce) + } else { + cmd.Println("invalid nonce:", err) + } + + cmd.Println("placement policy:") + cmd.Println(strings.Join(policy.Encode(cnr.PlacementPolicy()), "\n")) +} + +func prettyPrintBasicACL(cmd *cobra.Command, basicACL acl.BasicACL) { + cmd.Printf("basic ACL: %s", basicACL) + for k, v := range wellKnownBasicACL { + if v == basicACL { + cmd.Printf(" (%s)\n", k) + return + } + } + cmd.Println() +} diff --git a/cmd/neofs-cli/modules/container/get_eacl.go b/cmd/neofs-cli/modules/container/get_eacl.go new file mode 100644 index 00000000..fdf1cedf --- /dev/null +++ b/cmd/neofs-cli/modules/container/get_eacl.go @@ -0,0 +1,79 @@ +package container + +import ( + "os" + + "github.com/nspcc-dev/neofs-api-go/v2/refs" + internalclient "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/client" + "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/common" + "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/commonflags" + "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/key" + "github.com/spf13/cobra" +) + +var getExtendedACLCmd = &cobra.Command{ + Use: "get-eacl", + Short: "Get extended ACL table of container", + Long: `Get extended ACL talbe of container`, + Run: func(cmd *cobra.Command, args []string) { + id := parseContainerID(cmd) + pk := key.GetOrGenerate(cmd) + cli := internalclient.GetSDKClientByFlag(cmd, pk, commonflags.RPC) + + var eaclPrm internalclient.EACLPrm + eaclPrm.SetClient(cli) + eaclPrm.SetContainer(id) + + res, err := internalclient.EACL(eaclPrm) + common.ExitOnErr(cmd, "rpc error: %w", err) + + eaclTable := res.EACL() + + sig := eaclTable.Signature() + + // TODO(@cthulhu-rider): #1387 avoid type conversion + var sigV2 refs.Signature + sig.WriteToV2(&sigV2) + + if containerPathTo == "" { + cmd.Println("eACL: ") + common.PrettyPrintJSON(cmd, eaclTable, "eACL") + + var sigV2 refs.Signature + sig.WriteToV2(&sigV2) + + cmd.Println("Signature:") + common.PrettyPrintJSON(cmd, &sigV2, "signature") + + return + } + + var data []byte + + if containerJSON { + data, err = eaclTable.MarshalJSON() + common.ExitOnErr(cmd, "can't encode to JSON: %w", err) + } else { + data, err = eaclTable.Marshal() + common.ExitOnErr(cmd, "can't encode to binary: %w", err) + } + + cmd.Println("dumping data to file:", containerPathTo) + + cmd.Println("Signature:") + common.PrettyPrintJSON(cmd, &sigV2, "signature") + + err = os.WriteFile(containerPathTo, data, 0644) + common.ExitOnErr(cmd, "could not write eACL to file: %w", err) + }, +} + +func initContainerGetEACLCmd() { + commonflags.Init(getExtendedACLCmd) + + flags := getExtendedACLCmd.Flags() + + flags.StringVar(&containerID, "cid", "", "container ID") + flags.StringVar(&containerPathTo, "to", "", "path to dump encoded container (default: binary encoded)") + flags.BoolVar(&containerJSON, "json", false, "encode EACL table in json format") +} diff --git a/cmd/neofs-cli/modules/container/list.go b/cmd/neofs-cli/modules/container/list.go new file mode 100644 index 00000000..f73abd44 --- /dev/null +++ b/cmd/neofs-cli/modules/container/list.go @@ -0,0 +1,57 @@ +package container + +import ( + internalclient "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/client" + "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/common" + "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/commonflags" + "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/key" + cid "github.com/nspcc-dev/neofs-sdk-go/container/id" + "github.com/nspcc-dev/neofs-sdk-go/user" + "github.com/spf13/cobra" +) + +var containerOwner string + +var listContainersCmd = &cobra.Command{ + Use: "list", + Short: "List all created containers", + Long: "List all created containers", + Run: func(cmd *cobra.Command, args []string) { + var idUser user.ID + + key := key.GetOrGenerate(cmd) + + if containerOwner == "" { + user.IDFromKey(&idUser, key.PublicKey) + } else { + err := idUser.DecodeString(containerOwner) + common.ExitOnErr(cmd, "invalid user ID: %w", err) + } + + cli := internalclient.GetSDKClientByFlag(cmd, key, commonflags.RPC) + + var prm internalclient.ListContainersPrm + prm.SetClient(cli) + prm.SetAccount(idUser) + + res, err := internalclient.ListContainers(prm) + common.ExitOnErr(cmd, "rpc error: %w", err) + + // print to stdout + prettyPrintContainerList(cmd, res.IDList()) + }, +} + +func initContainerListContainersCmd() { + commonflags.Init(listContainersCmd) + + flags := listContainersCmd.Flags() + + flags.StringVar(&containerOwner, "owner", "", "owner of containers (omit to use owner from private key)") +} + +func prettyPrintContainerList(cmd *cobra.Command, list []cid.ID) { + for i := range list { + cmd.Println(list[i].String()) + } +} diff --git a/cmd/neofs-cli/modules/container/list_objects.go b/cmd/neofs-cli/modules/container/list_objects.go new file mode 100644 index 00000000..a17616db --- /dev/null +++ b/cmd/neofs-cli/modules/container/list_objects.go @@ -0,0 +1,49 @@ +package container + +import ( + internalclient "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/client" + "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/common" + "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/commonflags" + "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/key" + objectCli "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/modules/object" + sessionCli "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/modules/session" + "github.com/nspcc-dev/neofs-sdk-go/object" + "github.com/spf13/cobra" +) + +var listContainerObjectsCmd = &cobra.Command{ + Use: "list-objects", + Short: "List existing objects in container", + Long: `List existing objects in container`, + Run: func(cmd *cobra.Command, args []string) { + id := parseContainerID(cmd) + + filters := new(object.SearchFilters) + filters.AddRootFilter() // search only user created objects + + pk := key.GetOrGenerate(cmd) + + var prm internalclient.SearchObjectsPrm + sessionCli.Prepare(cmd, id, nil, pk, &prm) + objectCli.Prepare(cmd, &prm) + prm.SetContainerID(id) + prm.SetFilters(*filters) + + res, err := internalclient.SearchObjects(prm) + common.ExitOnErr(cmd, "rpc error: %w", err) + + objectIDs := res.IDList() + + for i := range objectIDs { + cmd.Println(objectIDs[i].String()) + } + }, +} + +func initContainerListObjectsCmd() { + commonflags.Init(listContainerObjectsCmd) + + flags := listContainerObjectsCmd.Flags() + + flags.StringVar(&containerID, "cid", "", "container ID") +} diff --git a/cmd/neofs-cli/modules/container/root.go b/cmd/neofs-cli/modules/container/root.go new file mode 100644 index 00000000..b04b679a --- /dev/null +++ b/cmd/neofs-cli/modules/container/root.go @@ -0,0 +1,53 @@ +package container + +import ( + "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/commonflags" + "github.com/spf13/cobra" +) + +// Cmd represents the container command +var Cmd = &cobra.Command{ + Use: "container", + Short: "Operations with containers", + Long: "Operations with containers", + PersistentPreRun: func(cmd *cobra.Command, args []string) { + // bind exactly that cmd's flags to + // the viper before execution + commonflags.Bind(cmd) + commonflags.BindAPI(cmd) + }, +} + +func init() { + containerChildCommand := []*cobra.Command{ + listContainersCmd, + createContainerCmd, + deleteContainerCmd, + listContainerObjectsCmd, + getContainerInfoCmd, + getExtendedACLCmd, + setExtendedACLCmd, + } + + Cmd.AddCommand(containerChildCommand...) + + initContainerListContainersCmd() + initContainerCreateCmd() + initContainerDeleteCmd() + initContainerListObjectsCmd() + initContainerInfoCmd() + initContainerGetEACLCmd() + initContainerSetEACLCmd() + + for _, containerCommand := range containerChildCommand { + commonflags.InitAPI(containerCommand) + } + + for _, cmd := range []*cobra.Command{ + createContainerCmd, + deleteContainerCmd, + setExtendedACLCmd, + } { + commonflags.InitSession(cmd) + } +} diff --git a/cmd/neofs-cli/modules/container/set_eacl.go b/cmd/neofs-cli/modules/container/set_eacl.go new file mode 100644 index 00000000..e5b69f12 --- /dev/null +++ b/cmd/neofs-cli/modules/container/set_eacl.go @@ -0,0 +1,87 @@ +package container + +import ( + "bytes" + "time" + + internalclient "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/client" + "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/common" + "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/commonflags" + "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/key" + "github.com/nspcc-dev/neofs-sdk-go/session" + "github.com/spf13/cobra" +) + +var eaclPathFrom string + +var setExtendedACLCmd = &cobra.Command{ + Use: "set-eacl", + Short: "Set new extended ACL table for container", + Long: `Set new extended ACL table for container. +Container ID in EACL table will be substituted with ID from the CLI.`, + Run: func(cmd *cobra.Command, args []string) { + id := parseContainerID(cmd) + eaclTable := common.ReadEACL(cmd, eaclPathFrom) + + var tok *session.Container + + sessionTokenPath, _ := cmd.Flags().GetString(commonflags.SessionToken) + if sessionTokenPath != "" { + tok = new(session.Container) + common.ReadSessionToken(cmd, tok, sessionTokenPath) + } + + eaclTable.SetCID(id) + eaclTable.SetSessionToken(tok) + + pk := key.GetOrGenerate(cmd) + cli := internalclient.GetSDKClientByFlag(cmd, pk, commonflags.RPC) + + var setEACLPrm internalclient.SetEACLPrm + setEACLPrm.SetClient(cli) + setEACLPrm.SetTable(*eaclTable) + + _, err := internalclient.SetEACL(setEACLPrm) + common.ExitOnErr(cmd, "rpc error: %w", err) + + if containerAwait { + exp, err := eaclTable.Marshal() + common.ExitOnErr(cmd, "broken EACL table: %w", err) + + cmd.Println("awaiting...") + + var getEACLPrm internalclient.EACLPrm + getEACLPrm.SetClient(cli) + getEACLPrm.SetContainer(id) + + for i := 0; i < awaitTimeout; i++ { + time.Sleep(1 * time.Second) + + res, err := internalclient.EACL(getEACLPrm) + if err == nil { + // compare binary values because EACL could have been set already + got, err := res.EACL().Marshal() + if err != nil { + continue + } + + if bytes.Equal(exp, got) { + cmd.Println("EACL has been persisted on sidechain") + return + } + } + } + + common.ExitOnErr(cmd, "", errSetEACLTimeout) + } + }, +} + +func initContainerSetEACLCmd() { + commonflags.Init(setExtendedACLCmd) + + flags := setExtendedACLCmd.Flags() + flags.StringVar(&containerID, "cid", "", "container ID") + flags.StringVar(&eaclPathFrom, "table", "", "path to file with JSON or binary encoded EACL table") + flags.BoolVar(&containerAwait, "await", false, "block execution until EACL is persisted") +} diff --git a/cmd/neofs-cli/modules/container/util.go b/cmd/neofs-cli/modules/container/util.go new file mode 100644 index 00000000..517d1c4c --- /dev/null +++ b/cmd/neofs-cli/modules/container/util.go @@ -0,0 +1,32 @@ +package container + +import ( + "errors" + + "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/common" + cid "github.com/nspcc-dev/neofs-sdk-go/container/id" + "github.com/spf13/cobra" +) + +const ( + attributeDelimiter = "=" + + awaitTimeout = 120 // in seconds +) + +var ( + errCreateTimeout = errors.New("timeout: container has not been persisted on sidechain") + errDeleteTimeout = errors.New("timeout: container has not been removed from sidechain") + errSetEACLTimeout = errors.New("timeout: EACL has not been persisted on sidechain") +) + +func parseContainerID(cmd *cobra.Command) cid.ID { + if containerID == "" { + common.ExitOnErr(cmd, "", errors.New("container ID is not set")) + } + + var id cid.ID + err := id.DecodeString(containerID) + common.ExitOnErr(cmd, "can't decode container ID value: %w", err) + return id +} diff --git a/cmd/neofs-cli/modules/root.go b/cmd/neofs-cli/modules/root.go index 4a17b700..1f1f2b44 100644 --- a/cmd/neofs-cli/modules/root.go +++ b/cmd/neofs-cli/modules/root.go @@ -5,13 +5,12 @@ import ( "path/filepath" "github.com/mitchellh/go-homedir" - internalclient "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/client" "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/common" "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/commonflags" - "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/key" accountingCli "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/modules/accounting" "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/modules/acl" bearerCli "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/modules/bearer" + containerCli "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/modules/container" controlCli "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/modules/control" netmapCli "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/modules/netmap" objectCli "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/modules/object" @@ -20,7 +19,6 @@ import ( utilCli "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/modules/util" "github.com/nspcc-dev/neofs-node/misc" "github.com/nspcc-dev/neofs-node/pkg/util/gendoc" - "github.com/nspcc-dev/neofs-sdk-go/client" "github.com/spf13/cobra" "github.com/spf13/viper" ) @@ -82,6 +80,7 @@ func init() { rootCmd.AddCommand(netmapCli.Cmd) rootCmd.AddCommand(objectCli.Cmd) rootCmd.AddCommand(sgCli.Cmd) + rootCmd.AddCommand(containerCli.Cmd) rootCmd.AddCommand(gendoc.Command(rootCmd)) } @@ -125,17 +124,3 @@ func initConfig() { common.PrintVerbose("Using config file: %s", viper.ConfigFileUsed()) } } - -type clientWithKey interface { - SetClient(*client.Client) -} - -// reads private key from command args and call prepareAPIClientWithKey with it. -func prepareAPIClient(cmd *cobra.Command, dst ...clientWithKey) { - p := key.GetOrGenerate(cmd) - cli := internalclient.GetSDKClientByFlag(cmd, p, commonflags.RPC) - - for _, d := range dst { - d.SetClient(cli) - } -}