diff --git a/pkg/morph/client/container/eacl.go b/pkg/morph/client/container/eacl.go index b90dc7220..d718bcd58 100644 --- a/pkg/morph/client/container/eacl.go +++ b/pkg/morph/client/container/eacl.go @@ -15,6 +15,8 @@ type EACLArgs struct { // returned by get eACL test invoke. type EACLValues struct { eacl []byte // extended ACL table + + signature []byte // signature of extended ACL table } // SetCID sets the container identifier @@ -29,6 +31,10 @@ func (g *EACLValues) EACL() []byte { return g.eacl } +func (g *EACLValues) Signature() []byte { + return g.signature +} + // EACL performs the test invoke of get eACL // method of NeoFS Container contract. func (c *Client) EACL(args EACLArgs) (*EACLValues, error) { @@ -42,12 +48,27 @@ func (c *Client) EACL(args EACLArgs) (*EACLValues, error) { return nil, errors.Errorf("unexpected stack item count (%s): %d", c.eaclMethod, ln) } - eacl, err := client.BytesFromStackItem(prms[0]) + arr, err := client.ArrayFromStackItem(prms[0]) if err != nil { - return nil, errors.Wrapf(err, "could not get byte array from stack item (%s)", c.eaclMethod) + return nil, errors.Wrapf(err, "could not get item array of eACL (%s)", c.eaclMethod) + } + + if len(arr) != 2 { + return nil, errors.Errorf("unexpected eacl stack item count (%s): %d", c.eaclMethod, len(arr)) + } + + eacl, err := client.BytesFromStackItem(arr[0]) + if err != nil { + return nil, errors.Wrapf(err, "could not get byte array of eACL (%s)", c.eaclMethod) + } + + sig, err := client.BytesFromStackItem(arr[1]) + if err != nil { + return nil, errors.Wrapf(err, "could not get byte array of eACL signature (%s)", c.eaclMethod) } return &EACLValues{ - eacl: eacl, + eacl: eacl, + signature: sig, }, nil } diff --git a/pkg/morph/client/container/eacl_set.go b/pkg/morph/client/container/eacl_set.go index fe75f9cea..e46aba245 100644 --- a/pkg/morph/client/container/eacl_set.go +++ b/pkg/morph/client/container/eacl_set.go @@ -5,19 +5,11 @@ import "github.com/pkg/errors" // SetEACLArgs groups the arguments // of set eACL invocation call. type SetEACLArgs struct { - cid []byte // container identifier in a binary format - eacl []byte // extended ACL table sig []byte // eACL table signature } -// SetCID sets the container identifier -// in a binary format. -func (p *SetEACLArgs) SetCID(v []byte) { - p.cid = v -} - // SetEACL sets the extended ACL table // in a binary format. func (p *SetEACLArgs) SetEACL(v []byte) { @@ -35,7 +27,6 @@ func (p *SetEACLArgs) SetSignature(v []byte) { func (c *Client) SetEACL(args SetEACLArgs) error { return errors.Wrapf(c.client.Invoke( c.setEACLMethod, - args.cid, args.eacl, args.sig, ), "could not invoke method (%s)", c.setEACLMethod) diff --git a/pkg/services/container/morph/executor.go b/pkg/services/container/morph/executor.go index 707a226ae..0d66c4076 100644 --- a/pkg/services/container/morph/executor.go +++ b/pkg/services/container/morph/executor.go @@ -115,18 +115,12 @@ func (s *morphExecutor) List(ctx context.Context, body *container.ListRequestBod func (s *morphExecutor) SetExtendedACL(ctx context.Context, body *container.SetExtendedACLRequestBody) (*container.SetExtendedACLResponseBody, error) { eacl := body.GetEACL() - cidBytes, err := eacl.GetContainerID().StableMarshal(nil) - if err != nil { - return nil, errors.Wrap(err, "could not marshal container ID") - } - eaclBytes, err := eacl.StableMarshal(nil) if err != nil { return nil, errors.Wrap(err, "could not marshal eACL table") } args := containerMorph.SetEACLArgs{} - args.SetCID(cidBytes) args.SetEACL(eaclBytes) args.SetSignature(body.GetSignature().GetSign()) @@ -154,8 +148,16 @@ func (s *morphExecutor) GetExtendedACL(ctx context.Context, req *container.GetEx eacl := acl.TableFromGRPCMessage(eaclGRPC) + eaclSignature := new(refs.Signature) + eaclSignature.SetSign(val.Signature()) + res := new(container.GetExtendedACLResponseBody) res.SetEACL(eacl) + // Public key should be obtained by request sender, so we set up only + // the signature. Technically, node can make invocation to find container + // owner public key, but request sender cannot trust this info. + res.SetSignature(eaclSignature) + return res, nil }