diff --git a/container/service.pb.go b/container/service.pb.go index d9febc0e..cac8764c 100644 Binary files a/container/service.pb.go and b/container/service.pb.go differ diff --git a/container/service.proto b/container/service.proto index 8a3f56c0..9bd02c94 100644 --- a/container/service.proto +++ b/container/service.proto @@ -41,6 +41,9 @@ message PutRequest { // Rules define storage policy for the object inside the container. netmap.PlacementRule rules = 4 [(gogoproto.nullable) = false]; + // Container ACL. + AccessGroup Group = 5 [(gogoproto.nullable) = false]; + // RequestMetaHeader contains information about request meta headers (should be embedded into message) service.RequestMetaHeader Meta = 98 [(gogoproto.embed) = true, (gogoproto.nullable) = false]; // RequestVerificationHeader is a set of signatures of every NeoFS Node that processed request (should be embedded into message) diff --git a/container/types.go b/container/types.go index 9269f300..d5d5a77d 100644 --- a/container/types.go +++ b/container/types.go @@ -11,6 +11,19 @@ import ( "github.com/pkg/errors" ) +// AccessMode is a container access mode type. +type AccessMode uint32 + +const ( + // AccessModeRead is a read access mode. + AccessModeRead AccessMode = 1 << iota + // AccessModeWrite is a write access mode. + AccessModeWrite +) + +// AccessModeReadWrite is a read/write container access mode. +const AccessModeReadWrite = AccessModeRead | AccessModeWrite + var ( _ internal.Custom = (*Container)(nil) diff --git a/container/types.pb.go b/container/types.pb.go index 7bf9a036..6671670f 100644 Binary files a/container/types.pb.go and b/container/types.pb.go differ diff --git a/container/types.proto b/container/types.proto index a601edd0..a1429ce0 100644 --- a/container/types.proto +++ b/container/types.proto @@ -17,4 +17,18 @@ message Container { uint64 Capacity = 3; // Rules define storage policy for the object inside the container. netmap.PlacementRule Rules = 4 [(gogoproto.nullable) = false]; + // Container ACL. + AccessControlList List = 5 [(gogoproto.nullable) = false]; +} + +message AccessGroup { + // Group access mode. + uint32 M = 1; + // Group members. + repeated bytes G = 2 [(gogoproto.customtype) = "OwnerID", (gogoproto.nullable) = false]; +} + +message AccessControlList { + // List of access groups. + repeated AccessGroup List = 1 [(gogoproto.nullable) = false]; }