Use key storage in object services in order to sign requests with private
session key within user session.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Add session token argument to object formatter constructor which is written
to the object. Pass session token from trusted object Put.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Basic ACL checker gets request field via getters that are
NPE-free, therefore we don't need to worry about function
invocations on nil structures.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
ACL has to classify request senders by roles:
- owner of the container,
- request from container or inner ring node,
- any other request.
According to this roles ACL checker use different
bits of basic ACL to grant or deny access.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
In previous implementation payload size limiter panicked in case of payload
emptiness. It was caused by the component waiting for at least one write of
a part of the payload.
Fix NPE occurrence with internal initialization after the WriteHeader call.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Add SetSeekRange method to RangeTraverser that switches traverser to work
with provided object payload range.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
In previous implementation one excess element could be added to the chain.
Add previous sibling presence check to prevent this.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Add FullRange option to get range operation parameters that allows to get
payload range [0:object_size] w/o the actual knowledge of the object size.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Head service receives right child of the processing object in some cases.
Add right child to Head result in order to use it as needed.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
In previous implementations object size limiter left checksums of parent
object payload unset. This was caused by the closure that written calculated
checksums to the child object instead of parent one.
Construct payload checksum writers in separate function in order to prevent
closure bug.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
In previous implementation session Storage.Get method took a v2 owner
identifier as an argument.
Change method signature to as an argument owner identifier from NeoFS SDK.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
In previous implementation traverser worked like all counts of all selectors
are equal to counts of corresponding replicas. Make traverser to take into
account select count of all replicas.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Define object writer interface. Implement payload size limiter that
restricts payload size of the object. Implement object format moulder that
fill verification fields and finalizes object structure.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>