aarifullin/policy-engine

Author	SHA1	Message	Date
Denis Kirillov	67e4595a91	[#63 ] iam: Support tag keys Support: * aws:PrincipalTag * aws:ResourceTag * aws:Request Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-04-05 09:36:01 +03:00
Denis Kirillov	42497ad242	[#59 ] router: Inmemory implementation should take empty name for "root" Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-04-02 11:09:42 +03:00
Denis Kirillov	1d51f2121d	[#58 ] iam: Support more s3 actions Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-04-01 17:18:20 +03:00
Marina Biryukova	9040e48504	[#57 ] iam: Add policy validation checks Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>	2024-03-11 16:12:47 +03:00
Anton Nikiforov	2ec958cbfd	[#56 ] storage: Allow to remove all chains by target Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com>	2024-03-07 18:11:06 +03:00
Anton Nikiforov	8cb2de05ab	[#56 ] Fix pre-commit issue Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com>	2024-03-07 18:01:50 +03:00
aarifullin	c13ed8447a	[#52 ] morph: Extend MorphRuleChainStorage interface with ListTargetsIterator * Update frostfs-contract package version in go.mod. * Extend MorphRuleChainStorage interface with ListTargetsIterator and introduce its implementation. * Check targets in inmemory implementation unit-tests. Signed-off-by: Airat Arifullin <aarifullin@yadro.com>	2024-03-05 10:17:28 +03:00
aarifullin	839f22e1a3	[#55 ] router: Inmemory implementation should take empty name for "root" Signed-off-by: Airat Arifullin <aarifullin@yadro.com>	2024-03-04 18:12:11 +03:00
aarifullin	cf1f091e26	[#54 ] morph: Introduce ContractStorageReader * Implement MorphRuleChainStorageReader interface to make possible to read from Policy contract without wallets. Signed-off-by: Airat Arifullin <aarifullin@yadro.com>	2024-03-01 08:05:25 +00:00
aarifullin	9e66ce59c6	[#54 ] morph: Revise MorphRuleChainStorage interface * Split MorphRuleChainStorage interface by moving read-only methods to a separate interface MorphRuleChainStorageReader. Signed-off-by: Airat Arifullin <aarifullin@yadro.com>	2024-03-01 08:05:25 +00:00
Denis Kirillov	c960b1b088	[#53 ] iam: Extend support s3 to native actions Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-02-26 12:42:15 +03:00
aarifullin	8354a074c4	[#49 ] engine: Fix target considering order * Namespace target rules should be considered first Signed-off-by: Airat Arifullin <aarifullin@yadro.com>	2024-02-06 14:12:36 +03:00
Evgenii Stratonikov	4a989d6bb7	[#50 ] .fordejo: Update DCO action Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>	2024-02-06 12:58:42 +03:00
Denis Kirillov	0edc002441	[#46 ] iam: Handle s3 complex actions Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-02-01 17:19:00 +03:00
Denis Kirillov	1cdb3e5a4a	[#46 ] iam: Support more s3 to native actions mapping Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-02-01 17:18:55 +03:00
Denis Kirillov	af388779a3	[#46 ] iam: Shrink rules for wildcard cases Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-01-29 11:50:24 +03:00
Denis Kirillov	8cc5173d73	[#46 ] iam: Support namespaces when forming native rules Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-01-29 11:50:24 +03:00
Denis Kirillov	2af381ae81	[#46 ] iam: Error if policy doesn't have actions Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-01-29 11:50:24 +03:00
Anton Nikiforov	8d21ab2d99	[#43 ] engine: Extend with target listing method Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com>	2024-01-29 09:41:40 +03:00
Dmitrii Stepanov	0a28f0a992	[#1 ] gitattributes: Add easyjson files rules Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2024-01-24 11:04:03 +03:00
Dmitrii Stepanov	dd0f582fc3	[#1 ] chain: Fix ID type from string to bytes ID may be non UTF-8 string, so from developers POV it is just byte slice. Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2024-01-24 11:04:03 +03:00
Dmitrii Stepanov	5f13d91c0d	[#1 ] native: Fix typo in owner value Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2024-01-24 11:04:03 +03:00
Dmitrii Stepanov	88c2a476b0	[#1 ] chain: Add json marshal/unmarshal Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2024-01-24 11:04:03 +03:00
Dmitrii Stepanov	58386edf58	[#1 ] chain: Add binary marshal/unmarshal Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2024-01-24 11:04:03 +03:00
Anton Nikiforov	06cbfe8691	[#876 ] policy: Add resource\request for container Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com>	2024-01-22 13:47:24 +03:00
Denis Kirillov	c80c99b13e	[#41 ] chain: Fix ID serialization Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-01-12 10:56:04 +03:00
Dmitrii Stepanov	ed93bb5cc5	[#35 ] local_storage: Make thread safe Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2023-12-21 12:13:54 +00:00
Denis Kirillov	06e9c91014	[#33 ] pkg/chain: Support CondSliceContains condition Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2023-12-21 11:13:52 +00:00
Anton Nikiforov	b82544b0fe	[#876 ] policy: Fix `SetAdmin` Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com>	2023-12-21 07:54:42 +03:00
Anton Nikiforov	641a1429ef	[#876 ] policy: Add methods `Get/SetAdmin` for wrapper Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com>	2023-12-21 04:51:21 +00:00
Dmitrii Stepanov	02e50307df	[#34 ] native: Add container methods Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2023-12-20 14:22:01 +03:00
Denis Kirillov	3128352693	[#36 ] iam: Keep s3/iam prefixes in resources Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2023-12-20 07:08:31 +00:00
Denis Kirillov	ec39d8371a	[#36 ] iam: Support iam actions Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2023-12-20 07:08:31 +00:00
aarifullin	e57d213595	[#26 ] schema: Add resource name validation method Close #26 Signed-off-by: Airat Arifullin <aarifullin@yadro.com>	2023-12-19 16:40:59 +00:00
aarifullin	62ea96b82c	[#32 ] morph: Remove name transformer in morph policy client * It is not required to transform long names because container chains will be added by container ID but not by a resource name. Signed-off-by: Airat Arifullin <aarifullin@yadro.com>	2023-12-14 12:22:53 +00:00
Denis Kirillov	1d07331f5d	[#28 ] iam: Fix converters Handle resource without object as bucket name instead of bucket with any object Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2023-12-13 13:20:38 +00:00
Denis Kirillov	3b107e9413	[#28 ] chain: Add S3 chain name Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2023-12-13 13:20:38 +00:00
Dmitrii Stepanov	8c673ee4f4	[#21 ] chain: Allow to return first match result Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2023-12-11 11:03:03 +03:00
Dmitrii Stepanov	1375e8f7fd	[#21 ] router: Make Deny the highest priority Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2023-12-08 12:37:29 +03:00
aarifullin	156018bcba	[#3 ] policy: Introduce policy contract interface wrapper Signed-off-by: Airat Arifullin <aarifullin@yadro.com>	2023-12-07 14:01:27 +03:00
aarifullin	df15b38c63	[#3 ] engine: Refactor MorphRuleChainStorage * Make changing state methods like AddMorphRuleChain, RemoveMorphRuleChain return transaction hash and VUB. Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>	2023-12-06 12:25:55 +03:00
aarifullin	2d4a9fc6dc	[#25 ] engine: Refactor ChainRouter interface * Pass RequestTarget instead only namespace * Refactor unit-tests and dependencies Signed-off-by: Airat Arifullin <aarifullin@yadro.com>	2023-12-05 09:20:54 +00:00
aarifullin	4d8242584a	[#25 ] engine: Refactor LocalOverrideStorage * Make LocalOverrideStorage methods to receive Target type instead resource * Refactor unit-tests and dependencies * Make default chain router check local overrides not only for container but also for namespaces Signed-off-by: Airat Arifullin <aarifullin@yadro.com>	2023-12-05 09:20:54 +00:00
Denis Kirillov	a0a35bf4bf	[#22 ] iam: Fix converters Validate that actions and resources contain wildcard only at the end Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2023-11-28 17:56:36 +03:00
Denis Kirillov	5fa9d91903	[#17 ] iam: Add converter to native/s3 policy Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2023-11-21 11:45:41 +03:00
Dmitrii Stepanov	5db67021e1	[#20 ] schema: Drop `root` from namespace definition Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2023-11-15 12:47:36 +03:00
aarifullin	17453d3cda	[#7 ] engine: Revise CachedChainStorage interface * Nuke out CachedChainStorage interface * Introduce LocalOverrideStorage interface to manage local overrides * Introduce MorphRuleChainStorage interface to manage chains in the policy contract * Extend Engine interface Signed-off-by: Airat Arifullin <aarifullin@yadro.com>	2023-11-15 09:22:42 +00:00
aarifullin	a08f600d97	[#7 ] engine: Set project structure pattern for files * Create pkg package * Move chain-relates structures to pkg/chain package * Move inmemory and interface files to pkg/engine package * Move resource structures to pkg/resource package * Move GlobMatch to util package Signed-off-by: Airat Arifullin <aarifullin@yadro.com>	2023-11-15 09:22:42 +00:00
aarifullin	9472a7123e	[#7 ] engine: Move globMatch to common util package Signed-off-by: Airat Arifullin <aarifullin@yadro.com>	2023-11-15 09:22:42 +00:00
Dmitrii Stepanov	38985e4ec8	[#19 ] schema: Add native schema consts Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2023-11-14 13:09:51 +03:00

1 2

62 commits