Merge branch 'release/0.6.0'

This commit is contained in:
alexvanin 2020-04-03 10:32:36 +03:00
commit f63591a088
16 changed files with 197 additions and 84 deletions

View file

@ -1,5 +1,16 @@
# Changelog # Changelog
This is the changelog for NeoFS API This is the changelog for NeoFS-API-Go
## [0.6.0] - 2020-04-03
### Added
- `RequestType` for object service requests
- `Type()` function in `Request` interface
### Changed
- Synced proto files with `neofs-api v0.6.0`
## [0.5.0] - 2020-03-31 ## [0.5.0] - 2020-03-31
@ -217,3 +228,4 @@ Initial public release
[0.4.1]: https://github.com/nspcc-dev/neofs-api-go/compare/v0.4.0...v0.4.1 [0.4.1]: https://github.com/nspcc-dev/neofs-api-go/compare/v0.4.0...v0.4.1
[0.4.2]: https://github.com/nspcc-dev/neofs-api-go/compare/v0.4.1...v0.4.2 [0.4.2]: https://github.com/nspcc-dev/neofs-api-go/compare/v0.4.1...v0.4.2
[0.5.0]: https://github.com/nspcc-dev/neofs-api-go/compare/v0.4.2...v0.5.0 [0.5.0]: https://github.com/nspcc-dev/neofs-api-go/compare/v0.4.2...v0.5.0
[0.6.0]: https://github.com/nspcc-dev/neofs-api-go/compare/v0.5.0...v0.6.0

View file

@ -1,4 +1,4 @@
PROTO_VERSION=v0.5.0 PROTO_VERSION=v0.6.0
PROTO_URL=https://github.com/nspcc-dev/neofs-api/archive/$(PROTO_VERSION).tar.gz PROTO_URL=https://github.com/nspcc-dev/neofs-api/archive/$(PROTO_VERSION).tar.gz
B=\033[0;1m B=\033[0;1m

BIN
acl/types.pb.go Normal file

Binary file not shown.

27
acl/types.proto Normal file
View file

@ -0,0 +1,27 @@
syntax = "proto3";
package acl;
option go_package = "github.com/nspcc-dev/neofs-api-go/acl";
option csharp_namespace = "NeoFS.API.Acl";
import "github.com/gogo/protobuf/gogoproto/gogo.proto";
option (gogoproto.stable_marshaler_all) = true;
// Target of the access control rule in access control list.
enum Target {
// Unknown target, default value.
Unknown = 0;
// User target rule is applied if sender is the owner of the container.
User = 1;
// System target rule is applied if sender is the storage node within the
// container or inner ring node.
System = 2;
// Others target rule is applied if sender is not user or system target.
Others = 3;
// PubKey target rule is applied if sender has public key provided in
// extended ACL.
PubKey = 4;
}

View file

@ -31,9 +31,11 @@ func (m *PutRequest) PrepareData() ([]byte, error) {
err error err error
buf = new(bytes.Buffer) buf = new(bytes.Buffer)
capBytes = make([]byte, 8) capBytes = make([]byte, 8)
aclBytes = make([]byte, 4)
) )
binary.BigEndian.PutUint64(capBytes, m.Capacity) binary.BigEndian.PutUint64(capBytes, m.Capacity)
binary.BigEndian.PutUint32(capBytes, m.BasicACL)
if _, err = buf.Write(m.MessageID.Bytes()); err != nil { if _, err = buf.Write(m.MessageID.Bytes()); err != nil {
return nil, errors.Wrap(err, "could not write message id") return nil, errors.Wrap(err, "could not write message id")
@ -45,6 +47,8 @@ func (m *PutRequest) PrepareData() ([]byte, error) {
return nil, errors.Wrap(err, "could not marshal placement") return nil, errors.Wrap(err, "could not marshal placement")
} else if _, err = buf.Write(data); err != nil { } else if _, err = buf.Write(data); err != nil {
return nil, errors.Wrap(err, "could not write placement") return nil, errors.Wrap(err, "could not write placement")
} else if _, err = buf.Write(aclBytes); err != nil {
return nil, errors.Wrap(err, "could not write basic acl")
} }
return buf.Bytes(), nil return buf.Bytes(), nil

Binary file not shown.

View file

@ -42,8 +42,8 @@ message PutRequest {
// Rules define storage policy for the object inside the container. // Rules define storage policy for the object inside the container.
netmap.PlacementRule rules = 4 [(gogoproto.nullable) = false]; netmap.PlacementRule rules = 4 [(gogoproto.nullable) = false];
// Container ACL. // BasicACL of the container.
AccessGroup Group = 5 [(gogoproto.nullable) = false]; uint32 BasicACL = 5;
// RequestMetaHeader contains information about request meta headers (should be embedded into message) // RequestMetaHeader contains information about request meta headers (should be embedded into message)
service.RequestMetaHeader Meta = 98 [(gogoproto.embed) = true, (gogoproto.nullable) = false]; service.RequestMetaHeader Meta = 98 [(gogoproto.embed) = true, (gogoproto.nullable) = false];

View file

@ -11,19 +11,6 @@ import (
"github.com/pkg/errors" "github.com/pkg/errors"
) )
// AccessMode is a container access mode type.
type AccessMode uint32
const (
// AccessModeRead is a read access mode.
AccessModeRead AccessMode = 1 << iota
// AccessModeWrite is a write access mode.
AccessModeWrite
)
// AccessModeReadWrite is a read/write container access mode.
const AccessModeReadWrite = AccessModeRead | AccessModeWrite
var ( var (
_ internal.Custom = (*Container)(nil) _ internal.Custom = (*Container)(nil)
@ -31,8 +18,8 @@ var (
emptyOwner = (OwnerID{}).Bytes() emptyOwner = (OwnerID{}).Bytes()
) )
// New creates new user container based on capacity, OwnerID and PlacementRules. // New creates new user container based on capacity, OwnerID, ACL and PlacementRules.
func New(cap uint64, owner OwnerID, rules netmap.PlacementRule) (*Container, error) { func New(cap uint64, owner OwnerID, acl uint32, rules netmap.PlacementRule) (*Container, error) {
if bytes.Equal(owner[:], emptyOwner) { if bytes.Equal(owner[:], emptyOwner) {
return nil, refs.ErrEmptyOwner return nil, refs.ErrEmptyOwner
} else if cap == 0 { } else if cap == 0 {
@ -49,6 +36,7 @@ func New(cap uint64, owner OwnerID, rules netmap.PlacementRule) (*Container, err
Salt: UUID(salt), Salt: UUID(salt),
Capacity: cap, Capacity: cap,
Rules: rules, Rules: rules,
BasicACL: acl,
}, nil }, nil
} }
@ -90,7 +78,7 @@ func NewTestContainer() (*Container, error) {
if err != nil { if err != nil {
return nil, err return nil, err
} }
return New(100, owner, netmap.PlacementRule{ return New(100, owner, 0xFFFFFFFF, netmap.PlacementRule{
ReplFactor: 2, ReplFactor: 2,
SFGroups: []netmap.SFGroup{ SFGroups: []netmap.SFGroup{
{ {

Binary file not shown.

View file

@ -18,18 +18,7 @@ message Container {
uint64 Capacity = 3; uint64 Capacity = 3;
// Rules define storage policy for the object inside the container. // Rules define storage policy for the object inside the container.
netmap.PlacementRule Rules = 4 [(gogoproto.nullable) = false]; netmap.PlacementRule Rules = 4 [(gogoproto.nullable) = false];
// Container ACL. // BasicACL with access control rules for owner, system, others and
AccessControlList List = 5 [(gogoproto.nullable) = false]; // permission bits for bearer token and extended ACL.
} uint32 BasicACL = 5;
message AccessGroup {
// Group access mode.
uint32 AccessMode = 1;
// Group members.
repeated bytes UserGroup = 2 [(gogoproto.customtype) = "OwnerID", (gogoproto.nullable) = false];
}
message AccessControlList {
// List of access groups.
repeated AccessGroup List = 1 [(gogoproto.nullable) = false];
} }

View file

@ -36,7 +36,7 @@ func TestCID(t *testing.T) {
owner, err := refs.NewOwnerID(&key.PublicKey) owner, err := refs.NewOwnerID(&key.PublicKey)
require.NoError(t, err) require.NoError(t, err)
c1, err := New(10, owner, rules) c1, err := New(10, owner, 0xDEADBEEF, rules)
require.NoError(t, err) require.NoError(t, err)
data, err := proto.Marshal(c1) data, err := proto.Marshal(c1)
@ -55,23 +55,3 @@ func TestCID(t *testing.T) {
require.Equal(t, cid1, cid2) require.Equal(t, cid1, cid2)
}) })
} }
func TestAccessMode(t *testing.T) {
t.Run("read access to read/write mode", func(t *testing.T) {
require.Equal(t, AccessModeRead, AccessModeReadWrite&AccessModeRead)
})
t.Run("write access to read/write mode", func(t *testing.T) {
require.Equal(t, AccessModeWrite, AccessModeReadWrite&AccessModeWrite)
})
t.Run("read(write) access to write(read) mode", func(t *testing.T) {
require.Zero(t, AccessModeRead&AccessModeWrite)
})
t.Run("access to same mode", func(t *testing.T) {
require.Equal(t, AccessModeWrite, AccessModeWrite&AccessModeWrite)
require.Equal(t, AccessModeRead, AccessModeRead&AccessModeRead)
require.Equal(t, AccessModeReadWrite, AccessModeReadWrite&AccessModeReadWrite)
})
}

62
docs/acl.md Normal file
View file

@ -0,0 +1,62 @@
# Protocol Documentation
<a name="top"></a>
## Table of Contents
- [acl/types.proto](#acl/types.proto)
- [Scalar Value Types](#scalar-value-types)
<a name="acl/types.proto"></a>
<p align="right"><a href="#top">Top</a></p>
## acl/types.proto
<!-- end services -->
<!-- end messages -->
<a name="acl.Target"></a>
### Target
Target of the access control rule in access control list.
| Name | Number | Description |
| ---- | ------ | ----------- |
| Unknown | 0 | Unknown target, default value. |
| User | 1 | User target rule is applied if sender is the owner of the container. |
| System | 2 | System target rule is applied if sender is the storage node within the container or inner ring node. |
| Others | 3 | Others target rule is applied if sender is not user or system target. |
| PubKey | 4 | PubKey target rule is applied if sender has public key provided in extended ACL. |
<!-- end enums -->
## Scalar Value Types
| .proto Type | Notes | C++ Type | Java Type | Python Type |
| ----------- | ----- | -------- | --------- | ----------- |
| <a name="double" /> double | | double | double | float |
| <a name="float" /> float | | float | float | float |
| <a name="int32" /> int32 | Uses variable-length encoding. Inefficient for encoding negative numbers if your field is likely to have negative values, use sint32 instead. | int32 | int | int |
| <a name="int64" /> int64 | Uses variable-length encoding. Inefficient for encoding negative numbers if your field is likely to have negative values, use sint64 instead. | int64 | long | int/long |
| <a name="uint32" /> uint32 | Uses variable-length encoding. | uint32 | int | int/long |
| <a name="uint64" /> uint64 | Uses variable-length encoding. | uint64 | long | int/long |
| <a name="sint32" /> sint32 | Uses variable-length encoding. Signed int value. These more efficiently encode negative numbers than regular int32s. | int32 | int | int |
| <a name="sint64" /> sint64 | Uses variable-length encoding. Signed int value. These more efficiently encode negative numbers than regular int64s. | int64 | long | int/long |
| <a name="fixed32" /> fixed32 | Always four bytes. More efficient than uint32 if values are often greater than 2^28. | uint32 | int | int |
| <a name="fixed64" /> fixed64 | Always eight bytes. More efficient than uint64 if values are often greater than 2^56. | uint64 | long | int/long |
| <a name="sfixed32" /> sfixed32 | Always four bytes. | int32 | int | int |
| <a name="sfixed64" /> sfixed64 | Always eight bytes. | int64 | long | int/long |
| <a name="bool" /> bool | | bool | boolean | boolean |
| <a name="string" /> string | A string must always contain UTF-8 encoded or 7-bit ASCII text. | string | String | str/unicode |
| <a name="bytes" /> bytes | May contain any arbitrary sequence of bytes. | string | ByteString | str |

View file

@ -21,8 +21,6 @@
- [container/types.proto](#container/types.proto) - [container/types.proto](#container/types.proto)
- Messages - Messages
- [AccessControlList](#container.AccessControlList)
- [AccessGroup](#container.AccessGroup)
- [Container](#container.Container) - [Container](#container.Container)
@ -166,7 +164,7 @@ via consensus in inner ring nodes
| Capacity | [uint64](#uint64) | | Capacity defines amount of data that can be stored in the container (doesn't used for now). | | Capacity | [uint64](#uint64) | | Capacity defines amount of data that can be stored in the container (doesn't used for now). |
| OwnerID | [bytes](#bytes) | | OwnerID is a wallet address | | OwnerID | [bytes](#bytes) | | OwnerID is a wallet address |
| rules | [netmap.PlacementRule](#netmap.PlacementRule) | | Rules define storage policy for the object inside the container. | | rules | [netmap.PlacementRule](#netmap.PlacementRule) | | Rules define storage policy for the object inside the container. |
| Group | [AccessGroup](#container.AccessGroup) | | Container ACL. | | BasicACL | [uint32](#uint32) | | BasicACL of the container. |
| Meta | [service.RequestMetaHeader](#service.RequestMetaHeader) | | RequestMetaHeader contains information about request meta headers (should be embedded into message) | | Meta | [service.RequestMetaHeader](#service.RequestMetaHeader) | | RequestMetaHeader contains information about request meta headers (should be embedded into message) |
| Verify | [service.RequestVerificationHeader](#service.RequestVerificationHeader) | | RequestVerificationHeader is a set of signatures of every NeoFS Node that processed request (should be embedded into message) | | Verify | [service.RequestVerificationHeader](#service.RequestVerificationHeader) | | RequestVerificationHeader is a set of signatures of every NeoFS Node that processed request (should be embedded into message) |
@ -196,29 +194,6 @@ via consensus in inner ring nodes
<!-- end services --> <!-- end services -->
<a name="container.AccessControlList"></a>
### Message AccessControlList
| Field | Type | Label | Description |
| ----- | ---- | ----- | ----------- |
| List | [AccessGroup](#container.AccessGroup) | repeated | List of access groups. |
<a name="container.AccessGroup"></a>
### Message AccessGroup
| Field | Type | Label | Description |
| ----- | ---- | ----- | ----------- |
| AccessMode | [uint32](#uint32) | | Group access mode. |
| UserGroup | [bytes](#bytes) | repeated | Group members. |
<a name="container.Container"></a> <a name="container.Container"></a>
### Message Container ### Message Container
@ -231,7 +206,7 @@ The Container service definition.
| Salt | [bytes](#bytes) | | Salt is a nonce for unique container id calculation. | | Salt | [bytes](#bytes) | | Salt is a nonce for unique container id calculation. |
| Capacity | [uint64](#uint64) | | Capacity defines amount of data that can be stored in the container (doesn't used for now). | | Capacity | [uint64](#uint64) | | Capacity defines amount of data that can be stored in the container (doesn't used for now). |
| Rules | [netmap.PlacementRule](#netmap.PlacementRule) | | Rules define storage policy for the object inside the container. | | Rules | [netmap.PlacementRule](#netmap.PlacementRule) | | Rules define storage policy for the object inside the container. |
| List | [AccessControlList](#container.AccessControlList) | | Container ACL. | | BasicACL | [uint32](#uint32) | | BasicACL with access control rules for owner, system, others and permission bits for bearer token and extended ACL. |
<!-- end messages --> <!-- end messages -->

View file

@ -28,12 +28,13 @@ type (
Token = session.Token Token = session.Token
// Request defines object rpc requests. // Request defines object rpc requests.
// All object operations must have TTL, Epoch, Container ID and // All object operations must have TTL, Epoch, Type, Container ID and
// permission of usage previous network map. // permission of usage previous network map.
Request interface { Request interface {
service.MetaHeader service.MetaHeader
CID() CID CID() CID
Type() RequestType
AllowPreviousNetMap() bool AllowPreviousNetMap() bool
} }
) )
@ -169,3 +170,24 @@ func (m *GetRangeRequest) AllowPreviousNetMap() bool { return false }
// AllowPreviousNetMap returns permission to use previous network map in object get range hash request. // AllowPreviousNetMap returns permission to use previous network map in object get range hash request.
func (m *GetRangeHashRequest) AllowPreviousNetMap() bool { return false } func (m *GetRangeHashRequest) AllowPreviousNetMap() bool { return false }
// Type returns type of the object put request.
func (m *PutRequest) Type() RequestType { return RequestPut }
// Type returns type of the object get request.
func (m *GetRequest) Type() RequestType { return RequestGet }
// Type returns type of the object head request.
func (m *HeadRequest) Type() RequestType { return RequestHead }
// Type returns type of the object search request.
func (m *SearchRequest) Type() RequestType { return RequestSearch }
// Type returns type of the object delete request.
func (m *DeleteRequest) Type() RequestType { return RequestDelete }
// Type returns type of the object get range request.
func (m *GetRangeRequest) Type() RequestType { return RequestRange }
// Type returns type of the object get range hash request.
func (m *GetRangeHashRequest) Type() RequestType { return RequestRangeHash }

View file

@ -18,11 +18,22 @@ func TestRequest(t *testing.T) {
&GetRangeHashRequest{}, &GetRangeHashRequest{},
} }
types := []RequestType{
RequestPut,
RequestGet,
RequestHead,
RequestSearch,
RequestDelete,
RequestRange,
RequestRangeHash,
}
for i := range cases { for i := range cases {
v := cases[i] v := cases[i]
t.Run(fmt.Sprintf("%T", v), func(t *testing.T) { t.Run(fmt.Sprintf("%T", v), func(t *testing.T) {
require.NotPanics(t, func() { v.CID() }) require.NotPanics(t, func() { v.CID() })
require.Equal(t, types[i], v.Type())
}) })
} }
} }

View file

@ -28,6 +28,9 @@ type (
PRead(ctx context.Context, addr refs.Address, rng Range) ([]byte, error) PRead(ctx context.Context, addr refs.Address, rng Range) ([]byte, error)
} }
// RequestType of the object service requests.
RequestType int
headerType int headerType int
) )
@ -71,12 +74,52 @@ const (
PublicKeyHdr PublicKeyHdr
) )
const (
_ RequestType = iota
// RequestPut is a type for object put request.
RequestPut
// RequestGet is a type for object get request.
RequestGet
// RequestHead is a type for object head request.
RequestHead
// RequestSearch is a type for object search request.
RequestSearch
// RequestRange is a type for object range request.
RequestRange
// RequestRangeHash is a type for object hash range request.
RequestRangeHash
// RequestDelete is a type for object delete request.
RequestDelete
)
var ( var (
_ internal.Custom = (*Object)(nil) _ internal.Custom = (*Object)(nil)
emptyObject = new(Object).Bytes() emptyObject = new(Object).Bytes()
) )
// String returns printable name of the request type.
func (s RequestType) String() string {
switch s {
case RequestPut:
return "PUT"
case RequestGet:
return "GET"
case RequestHead:
return "HEAD"
case RequestSearch:
return "SEARCH"
case RequestRange:
return "RANGE"
case RequestRangeHash:
return "RANGE_HASH"
case RequestDelete:
return "DELETE"
default:
return "UNKNOWN"
}
}
// Bytes returns marshaled object in a binary format. // Bytes returns marshaled object in a binary format.
func (m Object) Bytes() []byte { data, _ := m.Marshal(); return data } func (m Object) Bytes() []byte { data, _ := m.Marshal(); return data }