frostfs-node/pkg/innerring/processors/container
Leonard Lyubich ead4513feb [#525] ir/container: Verify operations with session token
Session token can be presented `Put`, `Delete` and `SetEACL` notification
events. IR should consider this case as issuing a power of attorney to a
third party. Thus, checking the eligibility for an operation should be
complicated:

 - token owner should be the owner of the related container;
 - the intent must be signed with a session key;
 - the power of attorney must be signed by the owner of the container.

Omitted checks (TBD):

 - session token should have container session context;
 - the verb of the context should correspond to the operation.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-05-27 17:07:20 +03:00
..
common.go [#525] ir/container: Verify operations with session token 2021-05-27 17:07:20 +03:00
handlers.go [#505] ir/container: Implement simplified handling of SetEACL event 2021-05-25 16:35:52 +03:00
process_container.go [#525] ir/container: Verify operations with session token 2021-05-27 17:07:20 +03:00
process_eacl.go [#525] ir/container: Verify operations with session token 2021-05-27 17:07:20 +03:00
processor.go [#505] ir/container: Use client wrapper with enabled notary calls 2021-05-25 16:35:52 +03:00