2020-07-24 13:54:03 +00:00
|
|
|
package wrapper
|
|
|
|
|
2020-09-22 14:10:01 +00:00
|
|
|
import (
|
2021-05-18 08:12:51 +00:00
|
|
|
"fmt"
|
|
|
|
|
2021-01-14 16:00:10 +00:00
|
|
|
"github.com/nspcc-dev/neofs-api-go/pkg"
|
2020-09-22 14:10:01 +00:00
|
|
|
"github.com/nspcc-dev/neofs-api-go/pkg/acl/eacl"
|
2021-05-25 15:27:12 +00:00
|
|
|
cid "github.com/nspcc-dev/neofs-api-go/pkg/container/id"
|
2020-11-24 12:49:02 +00:00
|
|
|
"github.com/nspcc-dev/neofs-node/pkg/core/container"
|
2020-09-22 14:10:01 +00:00
|
|
|
client "github.com/nspcc-dev/neofs-node/pkg/morph/client/container"
|
|
|
|
)
|
2020-07-24 13:54:03 +00:00
|
|
|
|
|
|
|
// GetEACL reads the extended ACL table from NeoFS system
|
|
|
|
// through Container contract call.
|
2021-05-25 15:27:12 +00:00
|
|
|
func (w *Wrapper) GetEACL(cid *cid.ID) (*eacl.Table, error) {
|
2020-09-22 14:10:01 +00:00
|
|
|
if cid == nil {
|
2021-05-25 15:18:32 +00:00
|
|
|
return nil, errNilArgument
|
2020-09-22 14:10:01 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
args := client.EACLArgs{}
|
|
|
|
|
2021-01-11 15:21:06 +00:00
|
|
|
v2 := cid.ToV2()
|
|
|
|
if v2 == nil {
|
2021-05-25 15:18:32 +00:00
|
|
|
return nil, errUnsupported // use other major version if there any
|
2020-09-22 14:10:01 +00:00
|
|
|
}
|
|
|
|
|
2021-01-11 15:21:06 +00:00
|
|
|
args.SetCID(v2.GetValue())
|
|
|
|
|
2020-09-22 14:10:01 +00:00
|
|
|
rpcAnswer, err := w.client.EACL(args)
|
|
|
|
if err != nil {
|
2021-05-25 15:18:32 +00:00
|
|
|
return nil, err
|
2020-09-22 14:10:01 +00:00
|
|
|
}
|
|
|
|
|
2020-11-24 09:45:27 +00:00
|
|
|
// Client may not return errors if the table is missing, so check this case additionally.
|
|
|
|
// The absence of a signature in the response can be taken as an eACL absence criterion,
|
|
|
|
// since unsigned table cannot be approved in the storage by design.
|
|
|
|
sig := rpcAnswer.Signature()
|
|
|
|
if len(sig) == 0 {
|
2021-05-25 15:18:32 +00:00
|
|
|
return nil, container.ErrEACLNotFound
|
2020-11-24 09:45:27 +00:00
|
|
|
}
|
|
|
|
|
2021-01-14 16:00:10 +00:00
|
|
|
tableSignature := pkg.NewSignature()
|
|
|
|
tableSignature.SetKey(rpcAnswer.PublicKey())
|
|
|
|
tableSignature.SetSign(sig)
|
|
|
|
|
2020-11-16 10:26:35 +00:00
|
|
|
table := eacl.NewTable()
|
|
|
|
if err = table.Unmarshal(rpcAnswer.EACL()); err != nil {
|
2020-09-22 14:10:01 +00:00
|
|
|
// use other major version if there any
|
2021-05-25 15:18:32 +00:00
|
|
|
return nil, err
|
2020-09-22 14:10:01 +00:00
|
|
|
}
|
|
|
|
|
2021-05-25 15:18:32 +00:00
|
|
|
table.SetSignature(tableSignature)
|
|
|
|
|
|
|
|
return table, nil
|
2020-07-24 13:54:03 +00:00
|
|
|
}
|
|
|
|
|
2021-05-19 12:04:38 +00:00
|
|
|
// PutEACL marshals table, and passes it to Wrapper's PutEACLBinary method
|
|
|
|
// along with sig.Key() and sig.Sign().
|
2020-07-24 13:54:03 +00:00
|
|
|
//
|
2021-05-19 12:04:38 +00:00
|
|
|
// Returns error if table is nil.
|
2021-05-25 12:15:21 +00:00
|
|
|
//
|
|
|
|
// If TryNotary is provided, calls notary contract.
|
2021-05-25 15:27:12 +00:00
|
|
|
func PutEACL(w *Wrapper, table *eacl.Table) error {
|
2021-05-19 12:04:38 +00:00
|
|
|
if table == nil {
|
2020-09-22 14:10:01 +00:00
|
|
|
return errNilArgument
|
|
|
|
}
|
|
|
|
|
2020-11-16 10:26:35 +00:00
|
|
|
data, err := table.Marshal()
|
|
|
|
if err != nil {
|
2021-05-18 08:12:51 +00:00
|
|
|
return fmt.Errorf("can't marshal eacl table: %w", err)
|
2020-09-22 14:10:01 +00:00
|
|
|
}
|
|
|
|
|
2021-05-25 16:16:57 +00:00
|
|
|
binToken, err := table.SessionToken().Marshal()
|
|
|
|
if err != nil {
|
|
|
|
return fmt.Errorf("could not marshal session token: %w", err)
|
|
|
|
}
|
|
|
|
|
2021-05-25 15:27:12 +00:00
|
|
|
sig := table.Signature()
|
|
|
|
|
2021-05-25 16:16:57 +00:00
|
|
|
return w.PutEACL(data, sig.Key(), sig.Sign(), binToken)
|
2021-05-19 12:04:38 +00:00
|
|
|
}
|
|
|
|
|
2021-05-25 16:16:57 +00:00
|
|
|
// PutEACL saves binary eACL table with its session token, key and signature
|
2021-05-19 12:04:38 +00:00
|
|
|
// in NeoFS system through Container contract call.
|
|
|
|
//
|
|
|
|
// Returns any error encountered that caused the saving to interrupt.
|
2021-05-25 16:16:57 +00:00
|
|
|
func (w *Wrapper) PutEACL(table, key, sig, token []byte) error {
|
2021-05-19 12:04:38 +00:00
|
|
|
if len(sig) == 0 || len(key) == 0 {
|
|
|
|
return errNilArgument
|
|
|
|
}
|
|
|
|
|
|
|
|
args := client.SetEACLArgs{}
|
2021-05-25 14:34:16 +00:00
|
|
|
args.SetSignature(sig)
|
2021-05-19 12:04:38 +00:00
|
|
|
args.SetPublicKey(key)
|
2021-05-25 14:34:16 +00:00
|
|
|
args.SetEACL(table)
|
2021-05-25 16:16:57 +00:00
|
|
|
args.SetSessionToken(token)
|
2020-11-16 10:26:35 +00:00
|
|
|
|
2020-09-22 14:10:01 +00:00
|
|
|
return w.client.SetEACL(args)
|
2020-07-24 13:54:03 +00:00
|
|
|
}
|