aarifullin/frostfs-node
1
0
Fork 0
forked from TrueCloudLab/frostfs-node
Code Issues Pull requests Projects Releases Packages Wiki Activity
5534 commits 153 branches 26 tags 62 MiB
Commit graph

10 commits

Author SHA1 Message Date
Airat Arifullin
a5f76a609d [#1689] ape: Fix bearer token validation 
* Request's sender is set to the token's issuer's public key if
  it's impersonated. Thus, token's user assertion must be fixed;
* Add unit-test: check impersonated token but set user with `ForUser`.

Change-Id: I5e299947761e237b1b4b339cf2d1278ef518239d
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
 2025-05-05 17:46:28 +03:00
Airat Arifullin
64b46746e4 [#1689] ape: Fix validation for overrides in bearer 
* APE-overrides are optional for bearer. So, it should validate only set override;
* Bearer can set overrides for containers, not only the one container - validation
  expects for any target type for set override. Basically, APE-overrides for all
  container must be set for namespace target;
* Add unit-test cases to check bearer token validation.

Change-Id: I6b8e19eb73d24f8cd8799bf99b6c551287da67d9
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
 2025-04-29 16:34:17 +03:00
Airat Arifullin
8e2f919df0 [#1689] go.mod: Bump SDK version 
* Fix `APEOverride` method usage in ape checker.
* Fix linter errors: factor out deprecated methods and packages.

Change-Id: I8c939f4c58c2a4e3c4e795c7224d935d40ce6f24
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
 2025-04-29 16:00:23 +03:00
Airat Arifullin
b0f39dca16 [#1721] object: Make CheckAPE always validate bearer token 
* The bearer token must always be validated, regardless of whether it has been impersonated;
* Fix unit-tests for tree service which check verification with bearer token.

Close #1721

Change-Id: I5f715c498ae10b2e758244e60b8f21849328a04f
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
 2025-04-22 19:36:42 +03:00
Alexander Chuprov
9b113c3156
[#1613] morph: Add tracing for morph queries to neo-go 
Signed-off-by: Alexander Chuprov <a.chuprov@yadro.com>
 2025-02-05 16:38:20 +03:00
Airat Arifullin
7ac3542714 [#1563] ape: Introduce ChainRouterError error type 
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
 2024-12-16 15:12:30 +03:00
Airat Arifullin
bba1892fa1 [#1524] ape: Make APE checker return error without status 
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
 2024-11-29 10:48:16 +00:00
Evgenii Stratonikov
b1a31281e4 [#1480] ape: Remove SoftAPECheck flag 
Previous release was EACL-compatible.
Starting from now all EACL should've been migrated to APE chains.

Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
 2024-11-08 12:01:14 +00:00
Aleksey Savchuk
99be4c83a7
[#1368] *: Run gofumpt 
Signed-off-by: Aleksey Savchuk <a.savchuk@yadro.com>
 2024-09-12 10:00:28 +03:00
Airat Arifullin
a812932984 [#1362] ape: Move common APE check logic to separate package 
* Tree and object service have the same log for checking APE. So,
  this check should be moved to common package.

Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
 2024-09-10 12:40:34 +00:00