[#32] Use pkg/core interfaces to fetch container and netmap

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
This commit is contained in:
Alex Vanin 2020-09-21 19:30:43 +03:00
parent ad36a2cd8f
commit f6904db84f
3 changed files with 24 additions and 37 deletions

2
go.sum
View file

@ -270,8 +270,6 @@ github.com/nspcc-dev/neo-go v0.73.1-pre.0.20200303142215-f5a1b928ce09/go.mod h1:
github.com/nspcc-dev/neo-go v0.91.0/go.mod h1:G6HdOWvzQ6tlvFdvFSN/PgCzLPN/X/X4d5hTjFRUDcc=
github.com/nspcc-dev/neo-go v0.91.1-pre.0.20200827184617-7560aa345a78 h1:stIa+nBXK8uDY/JZaxIZzAUfkzfaotVw2FbnHxO4aZI=
github.com/nspcc-dev/neo-go v0.91.1-pre.0.20200827184617-7560aa345a78/go.mod h1:G6HdOWvzQ6tlvFdvFSN/PgCzLPN/X/X4d5hTjFRUDcc=
github.com/nspcc-dev/neofs-api-go v1.3.1-0.20200917104527-95ae0a649608 h1:rT3MBvM3u5D8p/V8lbt0TVP75nXQSC/YCwpORrv6QEA=
github.com/nspcc-dev/neofs-api-go v1.3.1-0.20200917104527-95ae0a649608/go.mod h1:FsFd1z4YzoEgPlltsUgnqna9qhcF87RHYjot0pby2L4=
github.com/nspcc-dev/neofs-api-go v1.3.1-0.20200925125840-c814cc62faf4 h1:+ko1UlGsPhKF6O1+ZDOwW7lNhXLEk+e/N/gdma5NNJo=
github.com/nspcc-dev/neofs-api-go v1.3.1-0.20200925125840-c814cc62faf4/go.mod h1:FsFd1z4YzoEgPlltsUgnqna9qhcF87RHYjot0pby2L4=
github.com/nspcc-dev/neofs-api-go v1.3.1-0.20200925143744-2cc58e36f8d7 h1:7/Dh5Mkk0uJD99EULqYvxULrUVtzN6Kn+KvmFuafE74=

View file

@ -3,27 +3,18 @@ package acl
import (
"context"
"github.com/nspcc-dev/neofs-api-go/v2/acl"
"github.com/nspcc-dev/neofs-api-go/v2/container"
acl "github.com/nspcc-dev/neofs-api-go/pkg/acl/eacl"
containerSDK "github.com/nspcc-dev/neofs-api-go/pkg/container"
"github.com/nspcc-dev/neofs-api-go/v2/object"
"github.com/nspcc-dev/neofs-api-go/v2/refs"
"github.com/nspcc-dev/neofs-node/pkg/core/container"
"github.com/pkg/errors"
)
type (
// ContainerGetter accesses NeoFS container storage.
// fixme: use core.container interface implementation
ContainerGetter interface {
Get(*refs.ContainerID) (*container.Container, error)
}
Classifier interface {
Classify(RequestV2, *refs.ContainerID) acl.Role
}
// BasicChecker checks basic ACL rules.
BasicChecker struct {
containers ContainerGetter
containers container.Source
sender SenderClassifier
next object.Service
}
@ -62,7 +53,7 @@ var (
// NewBasicChecker is a constructor for basic ACL checker of object requests.
func NewBasicChecker(
c SenderClassifier,
cnr ContainerGetter,
cnr container.Source,
next object.Service) BasicChecker {
return BasicChecker{
@ -247,8 +238,12 @@ func (b BasicChecker) findRequestInfo(
cid *refs.ContainerID,
op acl.Operation) (info requestInfo, err error) {
// container.Source interface implemented with SDK's definitions,
// so we have to convert id there.
containerID := containerSDK.NewIDFromV2(cid)
// fetch actual container
cnr, err := b.containers.Get(cid)
cnr, err := b.containers.Get(containerID)
if err != nil || cnr.GetOwnerID() == nil {
return info, ErrUnknownContainer
}

View file

@ -4,23 +4,18 @@ import (
"bytes"
"crypto/ecdsa"
acl "github.com/nspcc-dev/neofs-api-go/pkg/acl/eacl"
"github.com/nspcc-dev/neofs-api-go/pkg/container"
"github.com/nspcc-dev/neofs-api-go/pkg/netmap"
sdk "github.com/nspcc-dev/neofs-api-go/pkg/owner"
"github.com/nspcc-dev/neofs-api-go/v2/acl"
"github.com/nspcc-dev/neofs-api-go/v2/container"
"github.com/nspcc-dev/neofs-api-go/pkg/owner"
"github.com/nspcc-dev/neofs-api-go/v2/refs"
"github.com/nspcc-dev/neofs-api-go/v2/session"
crypto "github.com/nspcc-dev/neofs-crypto"
core "github.com/nspcc-dev/neofs-node/pkg/core/netmap"
"github.com/pkg/errors"
)
type (
// fixme: use core.netmap interface implementation
NetmapFetcher interface {
Current() (netmap.Netmap, error)
Previous(int) (netmap.Netmap, error)
}
InnerRingFetcher interface {
InnerRingKeys() ([][]byte, error)
}
@ -32,12 +27,11 @@ type (
SenderClassifier struct {
innerRing InnerRingFetcher
netmap NetmapFetcher
netmap core.Source
}
)
// fixme: update classifier constructor
func NewSenderClassifier(ir InnerRingFetcher, nm NetmapFetcher) SenderClassifier {
func NewSenderClassifier(ir InnerRingFetcher, nm core.Source) SenderClassifier {
return SenderClassifier{
innerRing: ir,
netmap: nm,
@ -120,16 +114,16 @@ func requestOwner(req RequestV2) (*refs.OwnerID, *ecdsa.PublicKey, error) {
}
key := crypto.UnmarshalPublicKey(bodySignature.GetKey())
neo3wallet, err := sdk.NEO3WalletFromPublicKey(key)
neo3wallet, err := owner.NEO3WalletFromPublicKey(key)
if err != nil {
return nil, nil, errors.Wrap(err, "can't create neo3 wallet")
}
// form owner from public key
owner := new(refs.OwnerID)
owner.SetValue(neo3wallet.Bytes())
// form user from public key
user := new(refs.OwnerID)
user.SetValue(neo3wallet.Bytes())
return owner, key, nil
return user, key, nil
}
func originalBodySignature(v *session.RequestVerificationHeader) *refs.Signature {
@ -165,7 +159,7 @@ func (c SenderClassifier) isContainerKey(
cnr *container.Container) (bool, error) {
// first check current netmap
nm, err := c.netmap.Current()
nm, err := core.GetLatestNetworkMap(c.netmap)
if err != nil {
return false, err
}
@ -179,7 +173,7 @@ func (c SenderClassifier) isContainerKey(
// then check previous netmap, this can happen in-between epoch change
// when node migrates data from last epoch container
nm, err = c.netmap.Previous(1)
nm, err = core.GetPreviousNetworkMap(c.netmap)
if err != nil {
return false, err
}
@ -188,7 +182,7 @@ func (c SenderClassifier) isContainerKey(
}
func lookupKeyInContainer(
nm netmap.Netmap,
nm *netmap.Netmap,
owner, cid []byte,
cnr *container.Container) (bool, error) {