frostfs-node/pkg/innerring/processors
Leonard Lyubich ead4513feb [#525] ir/container: Verify operations with session token
Session token can be presented `Put`, `Delete` and `SetEACL` notification
events. IR should consider this case as issuing a power of attorney to a
third party. Thus, checking the eligibility for an operation should be
complicated:

 - token owner should be the owner of the related container;
 - the intent must be signed with a session key;
 - the power of attorney must be signed by the owner of the container.

Omitted checks (TBD):

 - session token should have container session context;
 - the verb of the context should correspond to the operation.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-05-27 17:07:20 +03:00
..
alphabet [#496] innerring/invoke: remove function wrappers 2021-05-25 13:41:39 +03:00
audit [#549] network/cache: Change Get signature 2021-05-27 17:07:04 +03:00
balance [#496] innerring/invoke: remove function wrappers 2021-05-25 13:41:39 +03:00
container [#525] ir/container: Verify operations with session token 2021-05-27 17:07:20 +03:00
governance [#496] innerring/invoke: remove function wrappers 2021-05-25 13:41:39 +03:00
neofs [#496] innerring/invoke: remove function wrappers 2021-05-25 13:41:39 +03:00
netmap [#496] innerring/invoke: remove function wrappers 2021-05-25 13:41:39 +03:00
reputation [#521] *: use stdlib errors package 2021-05-19 16:42:54 +03:00
settlement [#521] *: use stdlib errors package 2021-05-19 16:42:54 +03:00