From b9d6c9d10c793f021eea1d83ba019cec7fbfbdd2 Mon Sep 17 00:00:00 2001
From: Airat Arifullin <a.arifullin@yadro.com>
Date: Fri, 14 Jun 2024 13:06:11 +0300
Subject: [PATCH] [#1177] cli: Fix resource name parsing

* If `root` name is given explicitly, then it should be translated to
  `//` but not `/root/`.

Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
---
 cmd/frostfs-cli/modules/util/ape.go      |  2 +-
 cmd/frostfs-cli/modules/util/ape_test.go | 11 ++++++++++-
 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/cmd/frostfs-cli/modules/util/ape.go b/cmd/frostfs-cli/modules/util/ape.go
index 50253b36..680e24d8 100644
--- a/cmd/frostfs-cli/modules/util/ape.go
+++ b/cmd/frostfs-cli/modules/util/ape.go
@@ -279,7 +279,7 @@ func parseResource(lexeme string, isObj bool) (string, error) {
 		if isObj {
 			if lexeme == "*" {
 				return nativeschema.ResourceFormatAllObjects, nil
-			} else if lexeme == "/*" {
+			} else if lexeme == "/*" || lexeme == "root/*" {
 				return nativeschema.ResourceFormatRootObjects, nil
 			} else if strings.HasPrefix(lexeme, "/") {
 				lexeme = lexeme[1:]
diff --git a/cmd/frostfs-cli/modules/util/ape_test.go b/cmd/frostfs-cli/modules/util/ape_test.go
index d93210f4..b275803d 100644
--- a/cmd/frostfs-cli/modules/util/ape_test.go
+++ b/cmd/frostfs-cli/modules/util/ape_test.go
@@ -26,7 +26,7 @@ func TestParseAPERule(t *testing.T) {
 			},
 		},
 		{
-			name: "Valid rule for all objects in root namespace",
+			name: "Valid rule for all objects in implicit root namespace",
 			rule: "allow Object.Put /*",
 			expectRule: policyengine.Rule{
 				Status:    policyengine.Allow,
@@ -34,6 +34,15 @@ func TestParseAPERule(t *testing.T) {
 				Resources: policyengine.Resources{Names: []string{nativeschema.ResourceFormatRootObjects}},
 			},
 		},
+		{
+			name: "Valid rule for all objects in explicit root namespace",
+			rule: "allow Object.Put root/*",
+			expectRule: policyengine.Rule{
+				Status:    policyengine.Allow,
+				Actions:   policyengine.Actions{Names: []string{nativeschema.MethodPutObject}},
+				Resources: policyengine.Resources{Names: []string{nativeschema.ResourceFormatRootObjects}},
+			},
+		},
 		{
 			name: "Valid rule for all objects in root namespace and container",
 			rule: "allow Object.Put /cid/*",