From ab565b1862e3945595d954207d32ef25360a3aa9 Mon Sep 17 00:00:00 2001 From: Alex Vanin Date: Mon, 21 Sep 2020 12:51:15 +0300 Subject: [PATCH] [#32] Add basis of basic ACL check service Signed-off-by: Alex Vanin --- go.sum | 2 + pkg/services/object/acl/acl.go | 129 +++++++++++++++++++++++++++++++++ 2 files changed, 131 insertions(+) create mode 100644 pkg/services/object/acl/acl.go diff --git a/go.sum b/go.sum index e3e2f4652..7a59fb51c 100644 --- a/go.sum +++ b/go.sum @@ -267,6 +267,8 @@ github.com/nspcc-dev/neo-go v0.73.1-pre.0.20200303142215-f5a1b928ce09/go.mod h1: github.com/nspcc-dev/neo-go v0.91.0/go.mod h1:G6HdOWvzQ6tlvFdvFSN/PgCzLPN/X/X4d5hTjFRUDcc= github.com/nspcc-dev/neo-go v0.91.1-pre.0.20200827184617-7560aa345a78 h1:stIa+nBXK8uDY/JZaxIZzAUfkzfaotVw2FbnHxO4aZI= github.com/nspcc-dev/neo-go v0.91.1-pre.0.20200827184617-7560aa345a78/go.mod h1:G6HdOWvzQ6tlvFdvFSN/PgCzLPN/X/X4d5hTjFRUDcc= +github.com/nspcc-dev/neofs-api-go v1.3.1-0.20200917104527-95ae0a649608 h1:rT3MBvM3u5D8p/V8lbt0TVP75nXQSC/YCwpORrv6QEA= +github.com/nspcc-dev/neofs-api-go v1.3.1-0.20200917104527-95ae0a649608/go.mod h1:FsFd1z4YzoEgPlltsUgnqna9qhcF87RHYjot0pby2L4= github.com/nspcc-dev/neofs-api-go v1.3.1-0.20200925125840-c814cc62faf4 h1:+ko1UlGsPhKF6O1+ZDOwW7lNhXLEk+e/N/gdma5NNJo= github.com/nspcc-dev/neofs-api-go v1.3.1-0.20200925125840-c814cc62faf4/go.mod h1:FsFd1z4YzoEgPlltsUgnqna9qhcF87RHYjot0pby2L4= github.com/nspcc-dev/neofs-api-go v1.3.1-0.20200925143744-2cc58e36f8d7 h1:7/Dh5Mkk0uJD99EULqYvxULrUVtzN6Kn+KvmFuafE74= diff --git a/pkg/services/object/acl/acl.go b/pkg/services/object/acl/acl.go new file mode 100644 index 000000000..d88a4a0d4 --- /dev/null +++ b/pkg/services/object/acl/acl.go @@ -0,0 +1,129 @@ +package acl + +import ( + "context" + + "github.com/nspcc-dev/neofs-api-go/v2/object" +) + +type ( + // ContainerGetter accesses NeoFS container storage. + ContainerGetter interface{} + + // BasicChecker checks basic ACL rules. + BasicChecker struct { + containers ContainerGetter + next object.Service + } + + putStreamBasicChecker struct { + containers ContainerGetter + next object.PutObjectStreamer + } + + getStreamBasicChecker struct { + containers ContainerGetter + next object.GetObjectStreamer + } + + searchStreamBasicChecker struct { + containers ContainerGetter + next object.SearchObjectStreamer + } + + getRangeStreamBasicChecker struct { + containers ContainerGetter + next object.GetRangeObjectStreamer + } +) + +// NewBasicChecker is a constructor for basic ACL checker of object requests. +func NewBasicChecker(cnr ContainerGetter, next object.Service) BasicChecker { + return BasicChecker{ + containers: cnr, + next: next, + } +} + +func (b BasicChecker) Get( + ctx context.Context, + request *object.GetRequest) (object.GetObjectStreamer, error) { + + stream, err := b.next.Get(ctx, request) + return getStreamBasicChecker{ + containers: b.containers, + next: stream, + }, err +} + +func (b BasicChecker) Put(ctx context.Context) (object.PutObjectStreamer, error) { + streamer, err := b.next.Put(ctx) + + return putStreamBasicChecker{ + containers: b.containers, + next: streamer, + }, err +} + +func (b BasicChecker) Head( + ctx context.Context, + request *object.HeadRequest) (*object.HeadResponse, error) { + + return b.next.Head(ctx, request) +} + +func (b BasicChecker) Search( + ctx context.Context, + request *object.SearchRequest) (object.SearchObjectStreamer, error) { + + stream, err := b.next.Search(ctx, request) + return searchStreamBasicChecker{ + containers: b.containers, + next: stream, + }, err +} + +func (b BasicChecker) Delete( + ctx context.Context, + request *object.DeleteRequest) (*object.DeleteResponse, error) { + + return b.next.Delete(ctx, request) +} + +func (b BasicChecker) GetRange( + ctx context.Context, + request *object.GetRangeRequest) (object.GetRangeObjectStreamer, error) { + + stream, err := b.next.GetRange(ctx, request) + return getRangeStreamBasicChecker{ + containers: b.containers, + next: stream, + }, err +} + +func (b BasicChecker) GetRangeHash( + ctx context.Context, + request *object.GetRangeHashRequest) (*object.GetRangeHashResponse, error) { + + return b.next.GetRangeHash(ctx, request) +} + +func (p putStreamBasicChecker) Send(request *object.PutRequest) error { + return p.next.Send(request) +} + +func (p putStreamBasicChecker) CloseAndRecv() (*object.PutResponse, error) { + return p.next.CloseAndRecv() +} + +func (g getStreamBasicChecker) Recv() (*object.GetResponse, error) { + return g.next.Recv() +} + +func (s searchStreamBasicChecker) Recv() (*object.SearchResponse, error) { + return s.next.Recv() +} + +func (g getRangeStreamBasicChecker) Recv() (*object.GetRangeResponse, error) { + return g.next.Recv() +}