aarifullin/frostfs-node
1
0
Fork 0
forked from TrueCloudLab/frostfs-node
Code Issues Pull requests Projects Releases Packages Wiki Activity

Compare commits

merge into: aarifullin:master
Branches Tags
aarifullin:master
aarifullin:feat/ape_rule_help
aarifullin:fix/cli_apemngr
aarifullin:feat/refactor_ape_cli
aarifullin:fix/cnt_svc_ape_target
aarifullin:feat/dual_service_support
aarifullin:fix/adm_local_actor
aarifullin:fix/bump_sdk_go
aarifullin:poc/dual_service_support
aarifullin:fix/patch/sign
aarifullin:fix/tree_remove_ape
aarifullin:fix/check_ape_cnr_owner
aarifullin:fix/check_ape_ns
aarifullin:fix/patch_refactor
aarifullin:fix/patch/5
aarifullin:feat/ape/object_tree_refactor
aarifullin:fix/target_put
aarifullin:feat/patch/refactor/1
aarifullin:fix/apemanager/audit
aarifullin:fix/patch/3
aarifullin:feat/patch/1
aarifullin:fix/adm_ape
aarifullin:fix/wsreader_hang
aarifullin:fix/wsconn_invalid
aarifullin:fix/audit_logreq
aarifullin:fix/ape_attr
aarifullin:fix/cli_parse
aarifullin:fix/1229-sessiontok_exp
aarifullin:feat/bt_router
aarifullin:fix/bt_get
aarifullin:feat/groupids_target
aarifullin:feat/cli_eaclconv
aarifullin:feat/treesvc_verbs
aarifullin:feat/cli_bearer
aarifullin:fix/aperule_parser
aarifullin:feat/ec_search
aarifullin:feat/apemanager_refactor
aarifullin:feat/beartoken_ape
aarifullin:feat/ape_sourceip
aarifullin:feat/ape_manager
aarifullin:feat/ec_userobj
aarifullin:feat/improve_ape_parsing
aarifullin:feat/ape_fill_group_id
aarifullin:feat/ape_fill_groupid
aarifullin:fix/policy_engine_list_iterator
aarifullin:feat/ape_user_claim_tag
aarifullin:fix/tree_svc_ape
aarifullin:fix/1061_morph-cache-ttl
aarifullin:feat/validate_create_cnr_ec
aarifullin:fix/object_ape_ignore_tombstone
aarifullin:fix/object_ape_cnr_owner
aarifullin:fix/revert_async_notary_deposit
aarifullin:fix/status_ape_errors
aarifullin:fix/check_ape_role
aarifullin:fix/963-control_svc_iface_down
aarifullin:fix/ape_read_withot_wallet
aarifullin:fix/1012-ape_msg
aarifullin:fix/898_removed-true
aarifullin:fix/strict_ape_checks
aarifullin:feat/cli_parse_json
aarifullin:feat/cli_parse_json_any
aarifullin:feat/cli-ape
aarifullin:fix/chainbase_chain_decoding
aarifullin:fix/object_svc_req_ctx
aarifullin:fix/934-invalid_ape_request
aarifullin:fix/rpc-actor-guard
aarifullin:feature/ape_errors
aarifullin:fix/915-ape_get_object_bug
aarifullin:fix/control-svc-root-ns
aarifullin:feature/872-object_svc_ape
aarifullin:feature/851-use_policy_contract
aarifullin:fix/dont_convert_cid_to_native_fmt
aarifullin:feature/851-policy_contract
aarifullin:fix/dont_convert_cid_to_native_format
aarifullin:feature/804_override_storage
aarifullin:feature/chain_control_api
aarifullin:development/frostfs-adm-policy
aarifullin:feature/chain_id_add_rule
aarifullin:feature/rebase_updated_ape
aarifullin:feature/prm_init_prm_dial
aarifullin:fix/bforest_tree_drop
aarifullin:fix/object_head_eacl
aarifullin:feature/ape_rules_impl
aarifullin:feature/prm_balance_get
aarifullin:feature/121-client/object_put_single
aarifullin:fix/subscriber_ch_sizes
aarifullin:fix/unsubcribe-all
aarifullin:fix/OBJECT-4461_unsubcribe
aarifullin:aarifullin/debug/2
aarifullin:aarifullin/example/subscriber
aarifullin:feature/667-cache_unittest_logs
aarifullin:feature/121-client/prm_announce
aarifullin:feature/121-client/delete
aarifullin:feature/561-init_count
aarifullin:feature/121-client/object_read
aarifullin:fix/574-cnt_ever_existed
aarifullin:feature/121-client/set_eacl
aarifullin:fix/574-tree_del_info
aarifullin:feature/121-client/eacl
aarifullin:feature/121-client/container_delete
aarifullin:fix/sdk_types_usage
aarifullin:feature/5177-get_op_log_meta
aarifullin:fix/eacl_errors
aarifullin:feature/121-client/container_put
aarifullin:fix/119-update_modules
aarifullin:feature/refactor_sdk_api_types
aarifullin:feature/390-tree_cli
aarifullin:feature/390-tree_cli-backup
aarifullin:aarifullin/refactor/1
aarifullin:fix/113-list_name_flag
aarifullin:fix/197-correct_delete_status
aarifullin:feature/371-morph_cache_metr
aarifullin:feature/325-policer_off
aarifullin:feature/19-list_mul_cursor
aarifullin:feature/166-batch_tree_apply
aarifullin:fix/118-unit_test
aarifullin:feature/blobstor_concurrent_tests
aarifullin:feature/113-get_cnr_by_name
aarifullin:fix/use_uber_atomic
aarifullin:fix/116-generated_extra_files
aarifullin:feature/116-engine_constructor
aarifullin:feature/166-sync_tree
aarifullin:bug/use_uber_sync
aarifullin:feature/180-factor_out_panics
aarifullin:fix/86-fix_unittests
aarifullin:refactor/86-move_test_utils
aarifullin:fyrchik/simplify-services
aarifullin:carpawell/upd/neo-go-subs
aarifullin:KirillovDenis/poc/impersonate
aarifullin:carpawell/optional-profiles
aarifullin:carpawell/fix/multiple-cache-update-requests-FROST
aarifullin:support/v0.34
aarifullin:neofs-adm-fix-update
aarifullin:support/v0.30
aarifullin:experimental
aarifullin:neofs-adm-notary-disabled
aarifullin:support/v0.27
TrueCloudLab:master
TrueCloudLab:support/v0.42
TrueCloudLab:support/v0.38
TrueCloudLab:support/v0.37
TrueCloudLab:support/v0.36
TrueCloudLab:support/v0.34
TrueCloudLab:support/v0.30
TrueCloudLab:support/v0.27
aarifullin:v0.22.1
aarifullin:v0.22.0
aarifullin:v0.21.1
aarifullin:v0.21.0
aarifullin:v0.20.0
aarifullin:v0.19.0
aarifullin:v0.18.0
aarifullin:v0.17.0
aarifullin:v0.16.0
aarifullin:v0.15.0
aarifullin:v0.14.3
aarifullin:v0.14.2
aarifullin:v0.14.1
aarifullin:v0.14.0
aarifullin:v0.14.0-rc.1
aarifullin:v0.13.2
aarifullin:v0.13.1
aarifullin:v0.13.0
aarifullin:v0.13.0-rc.1
aarifullin:v0.12.1
aarifullin:v0.12.0
aarifullin:v0.12.0-rc3
aarifullin:v0.12.0-rc2
aarifullin:v0.12.0-rc1
aarifullin:v0.11.0
aarifullin:v0.10.0
TrueCloudLab:v0.38.0-rc.2
TrueCloudLab:v0.38.0-rc.1
TrueCloudLab:v0.37.0
TrueCloudLab:v0.37.0-rc.1
TrueCloudLab:v0.34.0
TrueCloudLab:v0.22.1
TrueCloudLab:v0.22.0
TrueCloudLab:v0.21.1
TrueCloudLab:v0.15.0
TrueCloudLab:v0.14.0
TrueCloudLab:v0.13.2
TrueCloudLab:v0.13.1
TrueCloudLab:v0.13.0
TrueCloudLab:v0.13.0-rc.1
TrueCloudLab:v0.12.1
TrueCloudLab:v0.12.0
TrueCloudLab:v0.12.0-rc3
TrueCloudLab:v0.12.0-rc2
TrueCloudLab:v0.12.0-rc1
TrueCloudLab:v0.10.0
TrueCloudLab:v0.11.0
TrueCloudLab:v0.14.0-rc.1
TrueCloudLab:v0.14.1
TrueCloudLab:v0.14.2
TrueCloudLab:v0.14.3
TrueCloudLab:v0.16.0
TrueCloudLab:v0.17.0
TrueCloudLab:v0.18.0
TrueCloudLab:v0.19.0
TrueCloudLab:v0.20.0
TrueCloudLab:v0.21.0
TrueCloudLab:v0.36.0
TrueCloudLab:v0.38.0
TrueCloudLab:v0.38.1
TrueCloudLab:v0.38.2
TrueCloudLab:v0.38.3
TrueCloudLab:v0.38.4
TrueCloudLab:v0.38.5
TrueCloudLab:v0.38.6
TrueCloudLab:v0.38.7
TrueCloudLab:v0.38.8
TrueCloudLab:v0.38.9
TrueCloudLab:v0.39.0
TrueCloudLab:v0.40.0
TrueCloudLab:v0.41.0
TrueCloudLab:v0.42.0
TrueCloudLab:v0.42.0-rc.1
TrueCloudLab:v0.42.0-rc.2
TrueCloudLab:v0.42.0-rc.3
TrueCloudLab:v0.42.0-rc.4
TrueCloudLab:v0.42.0-rc.5
TrueCloudLab:v0.42.0-rc.6
TrueCloudLab:v0.42.0-rc.7
TrueCloudLab:v0.42.0-rc.8
TrueCloudLab:v0.42.0-rc.9
TrueCloudLab:v0.42.1
TrueCloudLab:v0.42.10
TrueCloudLab:v0.42.11
TrueCloudLab:v0.42.12
TrueCloudLab:v0.42.13
TrueCloudLab:v0.42.14
TrueCloudLab:v0.42.15
TrueCloudLab:v0.42.16
TrueCloudLab:v0.42.2
TrueCloudLab:v0.42.3
TrueCloudLab:v0.42.4
TrueCloudLab:v0.42.5
TrueCloudLab:v0.42.6
TrueCloudLab:v0.42.7
TrueCloudLab:v0.42.8
TrueCloudLab:v0.42.9
TrueCloudLab:v0.43.0
TrueCloudLab:v0.43.1
TrueCloudLab:v0.43.2
TrueCloudLab:v0.44.0-rc.1
TrueCloudLab:v0.44.0-rc.10
TrueCloudLab:v0.44.0-rc.11
TrueCloudLab:v0.44.0-rc.12
TrueCloudLab:v0.44.0-rc.13
TrueCloudLab:v0.44.0-rc.2
TrueCloudLab:v0.44.0-rc.3
TrueCloudLab:v0.44.0-rc.4
TrueCloudLab:v0.44.0-rc.5
TrueCloudLab:v0.44.0-rc.6
TrueCloudLab:v0.44.0-rc.7
TrueCloudLab:v0.44.0-rc.8
TrueCloudLab:v0.44.0-rc.9
...
pull from: aarifullin:feature/851-policy_contract
Branches Tags
aarifullin:feat/ape_rule_help
aarifullin:fix/cli_apemngr
aarifullin:feat/refactor_ape_cli
aarifullin:fix/cnt_svc_ape_target
aarifullin:feat/dual_service_support
aarifullin:fix/adm_local_actor
aarifullin:fix/bump_sdk_go
aarifullin:poc/dual_service_support
aarifullin:fix/patch/sign
aarifullin:fix/tree_remove_ape
aarifullin:fix/check_ape_cnr_owner
aarifullin:fix/check_ape_ns
aarifullin:fix/patch_refactor
aarifullin:fix/patch/5
aarifullin:feat/ape/object_tree_refactor
aarifullin:fix/target_put
aarifullin:feat/patch/refactor/1
aarifullin:fix/apemanager/audit
aarifullin:fix/patch/3
aarifullin:feat/patch/1
aarifullin:fix/adm_ape
aarifullin:fix/wsreader_hang
aarifullin:fix/wsconn_invalid
aarifullin:fix/audit_logreq
aarifullin:fix/ape_attr
aarifullin:fix/cli_parse
aarifullin:fix/1229-sessiontok_exp
aarifullin:feat/bt_router
aarifullin:fix/bt_get
aarifullin:feat/groupids_target
aarifullin:feat/cli_eaclconv
aarifullin:feat/treesvc_verbs
aarifullin:feat/cli_bearer
aarifullin:fix/aperule_parser
aarifullin:feat/ec_search
aarifullin:feat/apemanager_refactor
aarifullin:feat/beartoken_ape
aarifullin:feat/ape_sourceip
aarifullin:feat/ape_manager
aarifullin:feat/ec_userobj
aarifullin:feat/improve_ape_parsing
aarifullin:master
aarifullin:feat/ape_fill_group_id
aarifullin:feat/ape_fill_groupid
aarifullin:fix/policy_engine_list_iterator
aarifullin:feat/ape_user_claim_tag
aarifullin:fix/tree_svc_ape
aarifullin:fix/1061_morph-cache-ttl
aarifullin:feat/validate_create_cnr_ec
aarifullin:fix/object_ape_ignore_tombstone
aarifullin:fix/object_ape_cnr_owner
aarifullin:fix/revert_async_notary_deposit
aarifullin:fix/status_ape_errors
aarifullin:fix/check_ape_role
aarifullin:fix/963-control_svc_iface_down
aarifullin:fix/ape_read_withot_wallet
aarifullin:fix/1012-ape_msg
aarifullin:fix/898_removed-true
aarifullin:fix/strict_ape_checks
aarifullin:feat/cli_parse_json
aarifullin:feat/cli_parse_json_any
aarifullin:feat/cli-ape
aarifullin:fix/chainbase_chain_decoding
aarifullin:fix/object_svc_req_ctx
aarifullin:fix/934-invalid_ape_request
aarifullin:fix/rpc-actor-guard
aarifullin:feature/ape_errors
aarifullin:fix/915-ape_get_object_bug
aarifullin:fix/control-svc-root-ns
aarifullin:feature/872-object_svc_ape
aarifullin:feature/851-use_policy_contract
aarifullin:fix/dont_convert_cid_to_native_fmt
aarifullin:feature/851-policy_contract
aarifullin:fix/dont_convert_cid_to_native_format
aarifullin:feature/804_override_storage
aarifullin:feature/chain_control_api
aarifullin:development/frostfs-adm-policy
aarifullin:feature/chain_id_add_rule
aarifullin:feature/rebase_updated_ape
aarifullin:feature/prm_init_prm_dial
aarifullin:fix/bforest_tree_drop
aarifullin:fix/object_head_eacl
aarifullin:feature/ape_rules_impl
aarifullin:feature/prm_balance_get
aarifullin:feature/121-client/object_put_single
aarifullin:fix/subscriber_ch_sizes
aarifullin:fix/unsubcribe-all
aarifullin:fix/OBJECT-4461_unsubcribe
aarifullin:aarifullin/debug/2
aarifullin:aarifullin/example/subscriber
aarifullin:feature/667-cache_unittest_logs
aarifullin:feature/121-client/prm_announce
aarifullin:feature/121-client/delete
aarifullin:feature/561-init_count
aarifullin:feature/121-client/object_read
aarifullin:fix/574-cnt_ever_existed
aarifullin:feature/121-client/set_eacl
aarifullin:fix/574-tree_del_info
aarifullin:feature/121-client/eacl
aarifullin:feature/121-client/container_delete
aarifullin:fix/sdk_types_usage
aarifullin:feature/5177-get_op_log_meta
aarifullin:fix/eacl_errors
aarifullin:feature/121-client/container_put
aarifullin:fix/119-update_modules
aarifullin:feature/refactor_sdk_api_types
aarifullin:feature/390-tree_cli
aarifullin:feature/390-tree_cli-backup
aarifullin:aarifullin/refactor/1
aarifullin:fix/113-list_name_flag
aarifullin:fix/197-correct_delete_status
aarifullin:feature/371-morph_cache_metr
aarifullin:feature/325-policer_off
aarifullin:feature/19-list_mul_cursor
aarifullin:feature/166-batch_tree_apply
aarifullin:fix/118-unit_test
aarifullin:feature/blobstor_concurrent_tests
aarifullin:feature/113-get_cnr_by_name
aarifullin:fix/use_uber_atomic
aarifullin:fix/116-generated_extra_files
aarifullin:feature/116-engine_constructor
aarifullin:feature/166-sync_tree
aarifullin:bug/use_uber_sync
aarifullin:feature/180-factor_out_panics
aarifullin:fix/86-fix_unittests
aarifullin:refactor/86-move_test_utils
aarifullin:fyrchik/simplify-services
aarifullin:carpawell/upd/neo-go-subs
aarifullin:KirillovDenis/poc/impersonate
aarifullin:carpawell/optional-profiles
aarifullin:carpawell/fix/multiple-cache-update-requests-FROST
aarifullin:support/v0.34
aarifullin:neofs-adm-fix-update
aarifullin:support/v0.30
aarifullin:experimental
aarifullin:neofs-adm-notary-disabled
aarifullin:support/v0.27
TrueCloudLab:master
TrueCloudLab:support/v0.42
TrueCloudLab:support/v0.38
TrueCloudLab:support/v0.37
TrueCloudLab:support/v0.36
TrueCloudLab:support/v0.34
TrueCloudLab:support/v0.30
TrueCloudLab:support/v0.27
aarifullin:v0.22.1
aarifullin:v0.22.0
aarifullin:v0.21.1
aarifullin:v0.21.0
aarifullin:v0.20.0
aarifullin:v0.19.0
aarifullin:v0.18.0
aarifullin:v0.17.0
aarifullin:v0.16.0
aarifullin:v0.15.0
aarifullin:v0.14.3
aarifullin:v0.14.2
aarifullin:v0.14.1
aarifullin:v0.14.0
aarifullin:v0.14.0-rc.1
aarifullin:v0.13.2
aarifullin:v0.13.1
aarifullin:v0.13.0
aarifullin:v0.13.0-rc.1
aarifullin:v0.12.1
aarifullin:v0.12.0
aarifullin:v0.12.0-rc3
aarifullin:v0.12.0-rc2
aarifullin:v0.12.0-rc1
aarifullin:v0.11.0
aarifullin:v0.10.0
TrueCloudLab:v0.38.0-rc.2
TrueCloudLab:v0.38.0-rc.1
TrueCloudLab:v0.37.0
TrueCloudLab:v0.37.0-rc.1
TrueCloudLab:v0.34.0
TrueCloudLab:v0.22.1
TrueCloudLab:v0.22.0
TrueCloudLab:v0.21.1
TrueCloudLab:v0.15.0
TrueCloudLab:v0.14.0
TrueCloudLab:v0.13.2
TrueCloudLab:v0.13.1
TrueCloudLab:v0.13.0
TrueCloudLab:v0.13.0-rc.1
TrueCloudLab:v0.12.1
TrueCloudLab:v0.12.0
TrueCloudLab:v0.12.0-rc3
TrueCloudLab:v0.12.0-rc2
TrueCloudLab:v0.12.0-rc1
TrueCloudLab:v0.10.0
TrueCloudLab:v0.11.0
TrueCloudLab:v0.14.0-rc.1
TrueCloudLab:v0.14.1
TrueCloudLab:v0.14.2
TrueCloudLab:v0.14.3
TrueCloudLab:v0.16.0
TrueCloudLab:v0.17.0
TrueCloudLab:v0.18.0
TrueCloudLab:v0.19.0
TrueCloudLab:v0.20.0
TrueCloudLab:v0.21.0
TrueCloudLab:v0.36.0
TrueCloudLab:v0.38.0
TrueCloudLab:v0.38.1
TrueCloudLab:v0.38.2
TrueCloudLab:v0.38.3
TrueCloudLab:v0.38.4
TrueCloudLab:v0.38.5
TrueCloudLab:v0.38.6
TrueCloudLab:v0.38.7
TrueCloudLab:v0.38.8
TrueCloudLab:v0.38.9
TrueCloudLab:v0.39.0
TrueCloudLab:v0.40.0
TrueCloudLab:v0.41.0
TrueCloudLab:v0.42.0
TrueCloudLab:v0.42.0-rc.1
TrueCloudLab:v0.42.0-rc.2
TrueCloudLab:v0.42.0-rc.3
TrueCloudLab:v0.42.0-rc.4
TrueCloudLab:v0.42.0-rc.5
TrueCloudLab:v0.42.0-rc.6
TrueCloudLab:v0.42.0-rc.7
TrueCloudLab:v0.42.0-rc.8
TrueCloudLab:v0.42.0-rc.9
TrueCloudLab:v0.42.1
TrueCloudLab:v0.42.10
TrueCloudLab:v0.42.11
TrueCloudLab:v0.42.12
TrueCloudLab:v0.42.13
TrueCloudLab:v0.42.14
TrueCloudLab:v0.42.15
TrueCloudLab:v0.42.16
TrueCloudLab:v0.42.2
TrueCloudLab:v0.42.3
TrueCloudLab:v0.42.4
TrueCloudLab:v0.42.5
TrueCloudLab:v0.42.6
TrueCloudLab:v0.42.7
TrueCloudLab:v0.42.8
TrueCloudLab:v0.42.9
TrueCloudLab:v0.43.0
TrueCloudLab:v0.43.1
TrueCloudLab:v0.43.2
TrueCloudLab:v0.44.0-rc.1
TrueCloudLab:v0.44.0-rc.10
TrueCloudLab:v0.44.0-rc.11
TrueCloudLab:v0.44.0-rc.12
TrueCloudLab:v0.44.0-rc.13
TrueCloudLab:v0.44.0-rc.2
TrueCloudLab:v0.44.0-rc.3
TrueCloudLab:v0.44.0-rc.4
TrueCloudLab:v0.44.0-rc.5
TrueCloudLab:v0.44.0-rc.6
TrueCloudLab:v0.44.0-rc.7
TrueCloudLab:v0.44.0-rc.8
TrueCloudLab:v0.44.0-rc.9

3 commits
master ... feature/85

Author SHA1 Message Date
Airat Arifullin
9646d77ae1 [#851] ape: Initialize and use policy contract interface 
* Replace inmemory policy contract mock by initialized
  policy contract interface.

Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
 2023-12-13 15:50:00 +03:00
Airat Arifullin
da9c75f9aa [#XX] object: Pass just CID to chain router 
* Do not convert CID from request to native-schema resource
  format - this step is unneccessary for APE.

Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
 2023-12-13 15:29:17 +03:00
Airat Arifullin
9275c6b3e1 [#XX] cli: Pass only CID in requests for control API 
* Fix add-rule, list-rules, remove-rule, get-rule commands:
  do not convert container ID to native-schema resource format
  and pass it to control API.

Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
 2023-12-13 15:25:47 +03:00
12 changed files with 23 additions and 25 deletions
Show stats Expand all files Collapse all files

6
cmd/frostfs-cli/modules/control/add_rule.go
View file

@ -4,7 +4,6 @@ import (
"bytes"
"crypto/sha256"
"encoding/json"
"fmt"
"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/rpc/client"
"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/commonflags"
@ -14,7 +13,6 @@ import (
"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/control"
cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
apechain "git.frostfs.info/TrueCloudLab/policy-engine/pkg/chain"
nativeschema "git.frostfs.info/TrueCloudLab/policy-engine/schema/native"
"github.com/spf13/cobra"
)
@ -62,13 +60,11 @@ func addRule(cmd *cobra.Command, _ []string) {
cmd.Println("Container ID: " + cidStr)
cmd.Println("Parsed chain:\n" + prettyJSONFormat(cmd, serializedChain))
name := fmt.Sprintf(nativeschema.ResourceFormatRootContainerObjects, cidStr)
req := &control.AddChainLocalOverrideRequest{
Body: &control.AddChainLocalOverrideRequest_Body{
Target: &control.ChainTarget{
Type: control.ChainTarget_CONTAINER,
Name: name,
Name: cidStr,
},
Chain: serializedChain,
},

6
cmd/frostfs-cli/modules/control/get_rule.go
View file

@ -2,7 +2,6 @@ package control
import (
"crypto/sha256"
"fmt"
"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/rpc/client"
"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/commonflags"
@ -11,7 +10,6 @@ import (
"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/control"
cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
apechain "git.frostfs.info/TrueCloudLab/policy-engine/pkg/chain"
nativeschema "git.frostfs.info/TrueCloudLab/policy-engine/schema/native"
"github.com/spf13/cobra"
)
@ -34,12 +32,10 @@ func getRule(cmd *cobra.Command, _ []string) {
chainID, _ := cmd.Flags().GetString(chainIDFlag)
name := fmt.Sprintf(nativeschema.ResourceFormatRootContainerObjects, cidStr)
req := &control.GetChainLocalOverrideRequest{
Body: &control.GetChainLocalOverrideRequest_Body{
Target: &control.ChainTarget{
Name: name,
Name: cidStr,
Type: control.ChainTarget_CONTAINER,
},
ChainId: chainID,

6
cmd/frostfs-cli/modules/control/list_rules.go
View file

@ -2,7 +2,6 @@ package control
import (
"crypto/sha256"
"fmt"
"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/rpc/client"
"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/commonflags"
@ -11,7 +10,6 @@ import (
"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/control"
cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
apechain "git.frostfs.info/TrueCloudLab/policy-engine/pkg/chain"
nativeschema "git.frostfs.info/TrueCloudLab/policy-engine/schema/native"
"github.com/spf13/cobra"
)
@ -32,12 +30,10 @@ func listRules(cmd *cobra.Command, _ []string) {
rawCID := make([]byte, sha256.Size)
cnr.Encode(rawCID)
name := fmt.Sprintf(nativeschema.ResourceFormatRootContainerObjects, cidStr)
req := &control.ListChainLocalOverridesRequest{
Body: &control.ListChainLocalOverridesRequest_Body{
Target: &control.ChainTarget{
Name: name,
Name: cidStr,
Type: control.ChainTarget_CONTAINER,
},
},

6
cmd/frostfs-cli/modules/control/remove_rule.go
View file

@ -2,7 +2,6 @@ package control
import (
"crypto/sha256"
"fmt"
"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/rpc/client"
"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/commonflags"
@ -10,7 +9,6 @@ import (
commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/control"
cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
nativeschema "git.frostfs.info/TrueCloudLab/policy-engine/schema/native"
"github.com/spf13/cobra"
)
@ -37,12 +35,10 @@ func removeRule(cmd *cobra.Command, _ []string) {
chainID, _ := cmd.Flags().GetString(chainIDFlag)
name := fmt.Sprintf(nativeschema.ResourceFormatRootContainerObjects, cidStr)
req := &control.RemoveChainLocalOverrideRequest{
Body: &control.RemoveChainLocalOverrideRequest_Body{
Target: &control.ChainTarget{
Name: name,
Name: cidStr,
Type: control.ChainTarget_CONTAINER,
},
ChainId: chainID,

8
cmd/frostfs-node/config.go
View file

@ -69,7 +69,7 @@ import (
objectSDK "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object"
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/version"
"git.frostfs.info/TrueCloudLab/policy-engine/pkg/engine/inmemory"
policy_client "git.frostfs.info/TrueCloudLab/policy-engine/pkg/morph/policy"
"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
neogoutil "github.com/nspcc-dev/neo-go/pkg/util"
"github.com/panjf2000/ants/v2"
@ -542,6 +542,8 @@ type cfgLocalStorage struct {
}
type cfgAccessPolicyEngine struct {
policyContractHash neogoutil.Uint160
accessPolicyEngine *accessPolicyEngine
}
@ -987,7 +989,9 @@ func initAccessPolicyEngine(_ context.Context, c *cfg) {
)
}
morphRuleStorage := inmemory.NewInmemoryMorphRuleChainStorage()
morphRuleStorage := policy_client.NewContractStorage(
c.cfgMorph.client.GetActor(),
c.cfgObject.cfgAccessPolicyEngine.policyContractHash)
ape := newAccessPolicyEngine(morphRuleStorage, localOverrideDB)
c.cfgObject.cfgAccessPolicyEngine.accessPolicyEngine = ape

5
cmd/frostfs-node/main.go
View file

@ -98,14 +98,15 @@ func initApp(ctx context.Context, c *cfg) {
fatalOnErr(c.cfgObject.cfgLocalStorage.localStorage.Init(ctx))
})
initAndLog(c, "gRPC", initGRPC)
initAndLog(c, "netmap", func(c *cfg) { initNetmapService(ctx, c) })
initAccessPolicyEngine(ctx, c)
initAndLog(c, "access policy engine", func(c *cfg) {
fatalOnErr(c.cfgObject.cfgAccessPolicyEngine.accessPolicyEngine.LocalOverrideDatabaseCore().Open(ctx))
fatalOnErr(c.cfgObject.cfgAccessPolicyEngine.accessPolicyEngine.LocalOverrideDatabaseCore().Init())
})
initAndLog(c, "gRPC", initGRPC)
initAndLog(c, "netmap", func(c *cfg) { initNetmapService(ctx, c) })
initAndLog(c, "accounting", func(c *cfg) { initAccountingService(ctx, c) })
initAndLog(c, "container", func(c *cfg) { initContainerService(ctx, c) })
initAndLog(c, "session", initSessionService)

1
cmd/frostfs-node/morph.go
View file

@ -289,6 +289,7 @@ func lookupScriptHashesInNNS(c *cfg) {
{&c.cfgAccounting.scriptHash, client.NNSBalanceContractName},
{&c.cfgContainer.scriptHash, client.NNSContainerContractName},
{&c.cfgMorph.proxyScriptHash, client.NNSProxyContractName},
{&c.cfgObject.cfgAccessPolicyEngine.policyContractHash, client.NNSPolicyContractName},
}
)

2
go.mod
View file

@ -2,6 +2,8 @@ module git.frostfs.info/TrueCloudLab/frostfs-node
go 1.20
replace git.frostfs.info/TrueCloudLab/policy-engine v0.0.0-20231211080303-8c673ee4f4af => git.frostfs.info/aarifullin/policy-engine v0.0.0-20231212185618-def903261503
require (
git.frostfs.info/TrueCloudLab/frostfs-api-go/v2 v2.16.1-0.20231031104748-498877e378fd
git.frostfs.info/TrueCloudLab/frostfs-contract v0.18.1-0.20231129062201-a1b61d394958

BIN
go.sum
View file

Binary file not shown.

4
pkg/morph/client/client.go
View file

@ -539,3 +539,7 @@ func (c *Client) setActor(act *actor.Actor) {
c.gasToken = nep17.New(act, gas.Hash)
c.rolemgmt = rolemgmt.New(act)
}
func (c *Client) GetActor() *actor.Actor {
return c.rpcActor
}

2
pkg/morph/client/nns.go
View file

@ -33,6 +33,8 @@ const (
NNSProxyContractName = "proxy.frostfs"
// NNSGroupKeyName is a name for the FrostFS group key record in NNS.
NNSGroupKeyName = "group.frostfs"
// NNSPolicyContractName is a name of the policy contract in NNS.
NNSPolicyContractName = "policy.frostfs"
)
var (

2
pkg/services/object/acl/ape.go
View file

@ -26,7 +26,7 @@ func (c *apeCheckerImpl) CheckIfRequestPermitted(reqInfo v2.RequestInfo) error {
request := new(Request)
request.FromRequestInfo(reqInfo)
cnrTarget := getResource(reqInfo).Name()
cnrTarget := reqInfo.ContainerID().EncodeToString()
status, ruleFound, err := c.chainRouter.IsAllowed(apechain.Ingress, policyengine.NewRequestTargetWithContainer(cnrTarget), request)
if err != nil {