frostfs-node/pkg/services/object/acl
Alex Vanin d8f7fed10a [] acl: Use session token from request at object.Put
Session token can be present in both object header and
request meta header. They are the same during initial object
placement.

At the object replication, storage node puts object without
any session tokens attached to the request. If container's eACL
denies object.Put for USER role (use bearer to upload), then
replication might fail on objects with session tokens of the
signed by container owner. It is incorrect, so use session
token directly from request meta header.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-10-08 17:18:32 +03:00
..
eacl [] object/acl: fix eACL target processing 2021-09-10 15:15:36 +03:00
acl.go [] acl: Use session token from request at object.Put 2021-10-08 17:18:32 +03:00
acl_test.go [] object/acl: Fit sticky bit specification 2021-09-10 15:14:59 +03:00
basic_helper.go [] acl: Add permission to get objects for inner ring 2020-12-25 16:49:27 +03:00
basic_helper_test.go [] Add tests for basic ACL helper 2020-10-02 11:25:36 +03:00
classifier.go [] pkg: remove nspcc-dev/neofs-crypto dependency 2021-06-15 14:49:59 +03:00
opts.go [] pkg: Sync method names and commentaries to them 2021-06-24 16:10:44 +03:00