frostfs-node

Author	SHA1	Message	Date
Ekaterina Lebedeva	a685fcdc96	[#1317 ] go.mod: Use range over int Since Go 1.22 a "for" statement with a "range" clause is able to iterate through integer values from zero to an upper limit. gopatch script: @@ var i, e expression @@ -for i := 0; i <= e - 1; i++ { +for i := range e { ... } @@ var i, e expression @@ -for i := 0; i <= e; i++ { +for i := range e + 1 { ... } @@ var i, e expression @@ -for i := 0; i < e; i++ { +for i := range e { ... } Signed-off-by: Ekaterina Lebedeva <ekaterina.lebedeva@yadro.com>	2024-09-03 13:00:54 +03:00
Airat Arifullin	eeab417dcf	[#1307 ] object: Add APE check for `Patch` handler Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>	2024-08-16 14:13:09 +00:00
Airat Arifullin	e890f1b4b1	[#1307 ] object: Implement `Patch` method Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>	2024-08-16 14:13:09 +00:00
Airat Arifullin	a4a1c3f18b	[#1307 ] go.mod: Bump frostfs-sdk-go/frostfs-api-go/v2 versions * Also, resolve dependencies and conflicts for object service by creating stub for `Patch` method. Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>	2024-08-16 14:13:09 +00:00
Airat Arifullin	04a3f891fd	[#1157 ] object: Make APE checker use Bearer-token's APE overrides Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>	2024-06-07 12:11:11 +00:00
Ekaterina Lebedeva	e07869a8cf	[#1100 ] Remove unused fields Signed-off-by: Ekaterina Lebedeva <ekaterina.lebedeva@yadro.com>	2024-05-06 10:14:36 +03:00
Evgenii Stratonikov	71789676d5	[#1114 ] aclsvc: Add tests for request ownership Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>	2024-05-02 11:57:39 +03:00
aarifullin	6959e617c4	[#1047 ] object: Set container owner ID property to ape request * Introduce ContainerOwner field in RequestContext. * Set ContainerOwner in aclv2 middleware. * Set PropertyKeyContainerOwnerID for object ape request. Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>	2024-03-18 15:39:50 +00:00
Airat Arifullin	7cc368e188	[#986 ] object: Introduce soft ape checks * Soft APE check means that APE should allow request even it gets status NoRuleFound for a request. Otherwise, it is interpreted as Deny. * Soft APE check is performed if basic ACL mask is not set. Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>	2024-02-28 19:05:57 +00:00
Airat Arifullin	a5446bc17d	[#952 ] object: Pass namespace within context in ACL service Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>	2024-02-02 14:48:11 +03:00
Airat Arifullin	5be2af881a	[#934 ] container: Make container APE middleware read namespaces * Those methods that can access already existing containers and thus can get container properties should read namespace from Zone property. If Zone is not set, take a namespace for root. * Otherwise, define namespaces by owner ID via frostfs-id contract. * Improve unit-tests, consider more cases. Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>	2024-02-01 17:38:24 +00:00
Airat Arifullin	c8baf76fae	[#872 ] object: Introduce APE middlewar for object service Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>	2024-01-12 18:41:35 +03:00
Airat Arifullin	bdd43f6211	[#869 ] object: Pass just CID to chain router * Do not convert CID from request to native-schema resource format - this step is unneccessary for APE. Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>	2023-12-14 11:01:20 +00:00
aarifullin	0f45e3d344	[#804 ] ape: Implement boltdb storage for local overrides Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>	2023-12-07 19:08:41 +03:00
aarifullin	e361e017f3	[#842 ] control: Pass target instead resource name * Update policy-engine package version in go.mod, go.sum. * Refactor CheckIfRequestPermitted: pass container target instead container ID. Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>	2023-12-07 14:21:55 +00:00
Dmitrii Stepanov	c516c7c5f4	[#821 ] node: Pass user.ID by value Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2023-11-23 10:21:07 +03:00
aarifullin	4d5be5ccb5	[#811 ] ape: Update policy-engine module version and rebase Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>	2023-11-16 11:31:37 +03:00
Dmitrii Stepanov	9133b4389e	[#788 ] objectsvc: Fix formatting (gofumpt) Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2023-11-09 10:27:32 +03:00
aarifullin	3534d6d05b	[#794 ] objectsvc: Return accidentally removed acl checks for Head Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>	2023-11-08 17:13:58 +03:00
Airat Arifullin	66848d3288	[#770 ] cli: Add methods to work with APE rules via control svc * Add methods to frostfs-cli * Implement rpc in control service Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>	2023-11-08 13:34:03 +00:00
Airat Arifullin	8e11ef46b8	[#770 ] object: Introduce ape chain checker for object svc * Introduce Request type converted from RequestInfo type to implement policy-engine's Request interface * Implement basic ape checker to check if a request is permitted to be performed * Make put handlers use APE checker instead EACL Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>	2023-11-08 13:34:03 +00:00
Dmitrii Stepanov	79088baa06	[#772 ] node: Apply gofumpt Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2023-10-31 17:03:03 +03:00
Anton Nikiforov	aeeb8193d2	[#676 ] node: Fix header source creation when checking eacl Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com>	2023-09-06 17:06:54 +03:00
Dmitrii Stepanov	55b82e744b	[#529 ] objectcore: Use common sender classifier Use common sender classifier for ACL service and format validator. Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2023-08-29 10:33:06 +03:00
Alejandro Lopez	5b7e4a51b7	[#481 ] Update frostfs-sdk-go and error pointer receivers Signed-off-by: Alejandro Lopez <a.lopez@yadro.com>	2023-08-09 10:26:53 +00:00
Airat Arifullin	b3695411d9	[#553 ] eacl: Fix bug with casting to ObjectAccessDenied error Signed-off-by: Airat Arifullin a.arifullin@yadro.com	2023-08-02 07:22:48 +00:00
Dmitrii Stepanov	70a1081988	[#294 ] aclsvcv2: Refactor service constructor Pass required deps as args. Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2023-07-12 07:42:10 +00:00
Dmitrii Stepanov	18d8898b00	[#294 ] aclsvc: Refactor service constructor Pass required deps as args. Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2023-07-12 07:42:10 +00:00
Dmitrii Stepanov	61541eaec2	[#294 ] aclsvc: Refactor checker constructor Pass required deps as args. Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2023-07-12 07:42:10 +00:00
Dmitrii Stepanov	7b76527759	[#486 ] node: Add PutSingle wrappers Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2023-07-10 15:49:21 +03:00
Alexander Chuprov	033eaf77e1	[#496 ] node: Fix linter importas Standardize the alias of the import frostfs-sdk-go/object as objectSDK. Signed-off-by: Alexander Chuprov <a.chuprov@yadro.com>	2023-07-06 15:36:41 +03:00
Evgenii Stratonikov	8a4e250dae	[#468 ] *: replace outdated TODO crypto-related links Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>	2023-06-28 12:13:20 +00:00
Alex Vanin	c04f6c5e59	[#229 ] acl: Allow Impersonate Signed-off-by: Alex Vanin <a.vanin@yadro.com>	2023-04-26 10:23:33 +03:00
Evgenii Stratonikov	0e31c12e63	[#240 ] logs: Move log messages to constants Drop duplicate entities. Format entities. Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com> Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>	2023-04-14 05:06:09 +00:00
Evgenii Stratonikov	08769f413f	Revert "[#135 ] acl: Add tracing spans" This reverts commit `b2ca730547`.	2023-04-12 16:54:13 +03:00
Dmitrii Stepanov	b2ca730547	[#135 ] acl: Add tracing spans Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2023-04-12 06:52:00 +00:00
Dmitrii Stepanov	0920d848d0	[#135 ] get-object: Add tracing spans Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2023-04-12 06:52:00 +00:00
Dmitrii Stepanov	4941926c9d	[#207 ] aclsvc: Drop outdated tag Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2023-04-04 13:22:14 +00:00
Dmitrii Stepanov	585415fa92	[#207 ] aclsvc: Refactor send checker Resolve funlen linter for putStreamBasicChecker.Send method. Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2023-04-04 13:22:14 +00:00
Dmitrii Stepanov	9ef790f782	[#207 ] aclsvc: Refactor object headers read Resolve funlen linter for readObjectHeaders method. Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2023-04-04 13:22:13 +00:00
Dmitrii Stepanov	cd33a57f44	[#207 ] aclsvc: Refactor EACL check Resolve funlen linter for CheckEACL method. Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2023-04-04 13:22:13 +00:00
Dmitrii Stepanov	27bdddc48f	[#199 ] putsvc: Refactor put object Resolve containedctx linter for streamer and remote target Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2023-04-03 15:58:11 +00:00
Dmitrii Stepanov	97c36ed3ec	[#148 ] linter: Add funlen linter Long functions are hard to understand and source of errors Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2023-03-21 09:54:41 +03:00
Alex Vanin	20de74a505	Rename package name Due to source code relocation from GitHub. Signed-off-by: Alex Vanin <a.vanin@yadro.com>	2023-03-07 16:38:26 +03:00
Alejandro Lopez	cb5468abb8	[#66 ] node: Replace interface{} with any Signed-off-by: Alejandro Lopez <a.lopez@yadro.com>	2023-02-21 16:47:07 +03:00
Stanislav Bogatyrev	cb016d53a6	[#1 ] Fix comments and error messages Signed-off-by: Stanislav Bogatyrev <s.bogatyrev@yadro.com>	2023-02-06 17:41:14 +03:00
Evgenii Stratonikov	0d8366f475	[#2207 ] object/acl: Return status error for expired session token Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>	2023-01-25 15:31:47 +03:00
Pavel Karpy	923f84722a	Move to frostfs-node Signed-off-by: Pavel Karpy <p.karpy@yadro.com>	2022-12-28 15:04:29 +03:00
Pavel Karpy	481b48b942	[#2028 ] node: Check session token's NBF and IAT ACL service did not check "Not Valid Before" and "Issued At" claims. Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>	2022-11-19 11:01:04 +03:00
Pavel Karpy	aadd2ad050	[#2028 ] node: Do not wrap malformed request errors After presenting request statuses on the API level, all the errors are unwrapped before sending to the caller side. It led to a losing invalid request's context. Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>	2022-11-19 11:01:04 +03:00

1 2 3 4

181 commits