acid-ant/frostfs-node
1
0
Fork 0
forked from TrueCloudLab/frostfs-node
Code Issues Pull requests Projects Releases Packages Wiki Activity

[#201] morph/eacl: Return error if container eACL is not set

Browse source 
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
This commit is contained in:
Leonard Lyubich 2020-11-24 12:45:27 +03:00 committed by Alex Vanin
parent d286824d1d
commit 1f6ad5ccd8
1 changed files with 11 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
pkg/morph/client/container/wrapper/eacl.go
View file

@ -7,6 +7,8 @@ import (
"github.com/pkg/errors" "github.com/pkg/errors"
) )
var errEACLNotFound = errors.New("extended ACL table is not set for this container")
// GetEACL reads the extended ACL table from NeoFS system // GetEACL reads the extended ACL table from NeoFS system
// through Container contract call. // through Container contract call.
func (w *Wrapper) GetEACL(cid *container.ID) (*eacl.Table, []byte, error) { func (w *Wrapper) GetEACL(cid *container.ID) (*eacl.Table, []byte, error) {
@ -27,13 +29,21 @@ func (w *Wrapper) GetEACL(cid *container.ID) (*eacl.Table, []byte, error) {
return nil, nil, err return nil, nil, err
} }
// Client may not return errors if the table is missing, so check this case additionally.
// The absence of a signature in the response can be taken as an eACL absence criterion,
// since unsigned table cannot be approved in the storage by design.
sig := rpcAnswer.Signature()
if len(sig) == 0 {
return nil, nil, errEACLNotFound
}
table := eacl.NewTable() table := eacl.NewTable()
if err = table.Unmarshal(rpcAnswer.EACL()); err != nil { if err = table.Unmarshal(rpcAnswer.EACL()); err != nil {
// use other major version if there any // use other major version if there any
return nil, nil, err return nil, nil, err
} }
return table, rpcAnswer.Signature(), nil return table, sig, nil
} }
// PutEACL saves the extended ACL table in NeoFS system // PutEACL saves the extended ACL table in NeoFS system