forked from TrueCloudLab/frostfs-sdk-go
[#168] eacl: Replace pointer slices with non-pointer slices
- []*Record => []Record - []*Filter => []Filter - []*Target => []Target Signed-off-by: Alex Vanin <alexey@nspcc.ru>
This commit is contained in:
Alex Vanin
Alex Vanin
parent
ef96949cbf
commit
e70bf05fb9
7 changed files with 47 additions and 51 deletions
|
|
@ -20,22 +20,22 @@ import (
|
|||
type Record struct {
|
||||
action Action
|
||||
operation Operation
|
||||
filters []*Filter
|
||||
targets []*Target
|
||||
filters []Filter
|
||||
targets []Target
|
||||
}
|
||||
|
||||
// Targets returns list of target subjects to apply ACL rule to.
|
||||
func (r Record) Targets() []*Target {
|
||||
func (r Record) Targets() []Target {
|
||||
return r.targets
|
||||
}
|
||||
|
||||
// SetTargets sets list of target subjects to apply ACL rule to.
|
||||
func (r *Record) SetTargets(targets ...*Target) {
|
||||
func (r *Record) SetTargets(targets ...Target) {
|
||||
r.targets = targets
|
||||
}
|
||||
|
||||
// Filters returns list of filters to match and see if rule is applicable.
|
||||
func (r Record) Filters() []*Filter {
|
||||
func (r Record) Filters() []Filter {
|
||||
return r.filters
|
||||
}
|
||||
|
||||
|
|
@ -61,7 +61,7 @@ func (r *Record) SetAction(action Action) {
|
|||
|
||||
// AddRecordTarget adds single Target to the Record.
|
||||
func AddRecordTarget(r *Record, t *Target) {
|
||||
r.SetTargets(append(r.Targets(), t)...)
|
||||
r.SetTargets(append(r.Targets(), *t)...)
|
||||
}
|
||||
|
||||
// AddFormedTarget forms Target with specified Role and list of
|
||||
|
|
@ -75,7 +75,7 @@ func AddFormedTarget(r *Record, role Role, keys ...ecdsa.PublicKey) {
|
|||
}
|
||||
|
||||
func (r *Record) addFilter(from FilterHeaderType, m Match, keyTyp filterKeyType, key string, val fmt.Stringer) {
|
||||
filter := &Filter{
|
||||
filter := Filter{
|
||||
from: from,
|
||||
key: filterKey{
|
||||
typ: keyTyp,
|
||||
|
|
@ -162,18 +162,18 @@ func (r *Record) ToV2() *v2acl.Record {
|
|||
v2 := new(v2acl.Record)
|
||||
|
||||
if r.targets != nil {
|
||||
targets := make([]*v2acl.Target, 0, len(r.targets))
|
||||
for _, target := range r.targets {
|
||||
targets = append(targets, target.ToV2())
|
||||
targets := make([]v2acl.Target, len(r.targets))
|
||||
for i := range r.targets {
|
||||
targets[i] = *r.targets[i].ToV2()
|
||||
}
|
||||
|
||||
v2.SetTargets(targets)
|
||||
}
|
||||
|
||||
if r.filters != nil {
|
||||
filters := make([]*v2acl.HeaderFilter, 0, len(r.filters))
|
||||
for _, filter := range r.filters {
|
||||
filters = append(filters, filter.ToV2())
|
||||
filters := make([]v2acl.HeaderFilter, len(r.filters))
|
||||
for i := range r.filters {
|
||||
filters[i] = *r.filters[i].ToV2()
|
||||
}
|
||||
|
||||
v2.SetFilters(filters)
|
||||
|
|
@ -201,8 +201,8 @@ func CreateRecord(action Action, operation Operation) *Record {
|
|||
r := NewRecord()
|
||||
r.action = action
|
||||
r.operation = operation
|
||||
r.targets = []*Target{}
|
||||
r.filters = []*Filter{}
|
||||
r.targets = []Target{}
|
||||
r.filters = []Filter{}
|
||||
|
||||
return r
|
||||
}
|
||||
|
|
@ -221,14 +221,14 @@ func NewRecordFromV2(record *v2acl.Record) *Record {
|
|||
v2targets := record.GetTargets()
|
||||
v2filters := record.GetFilters()
|
||||
|
||||
r.targets = make([]*Target, 0, len(v2targets))
|
||||
r.targets = make([]Target, len(v2targets))
|
||||
for i := range v2targets {
|
||||
r.targets = append(r.targets, NewTargetFromV2(v2targets[i]))
|
||||
r.targets[i] = *NewTargetFromV2(&v2targets[i])
|
||||
}
|
||||
|
||||
r.filters = make([]*Filter, 0, len(v2filters))
|
||||
r.filters = make([]Filter, len(v2filters))
|
||||
for i := range v2filters {
|
||||
r.filters = append(r.filters, NewFilterFromV2(v2filters[i]))
|
||||
r.filters[i] = *NewFilterFromV2(&v2filters[i])
|
||||
}
|
||||
|
||||
return r
|
||||
|
|
|
|||
|
|
@ -63,18 +63,14 @@ func TestAddFormedTarget(t *testing.T) {
|
|||
},
|
||||
}
|
||||
|
||||
targets := make([]*Target, 0, len(items))
|
||||
targets := make([]Target, len(items))
|
||||
|
||||
r := NewRecord()
|
||||
|
||||
for _, item := range items {
|
||||
tgt := NewTarget()
|
||||
tgt.SetRole(item.role)
|
||||
SetTargetECDSAKeys(tgt, ecdsaKeysToPtrs(item.keys)...)
|
||||
|
||||
targets = append(targets, tgt)
|
||||
|
||||
AddFormedTarget(r, item.role, item.keys...)
|
||||
for i := range items {
|
||||
targets[i].SetRole(items[i].role)
|
||||
SetTargetECDSAKeys(&targets[i], ecdsaKeysToPtrs(items[i].keys)...)
|
||||
AddFormedTarget(r, items[i].role, items[i].keys...)
|
||||
}
|
||||
|
||||
tgts := r.Targets()
|
||||
|
|
@ -86,9 +82,9 @@ func TestAddFormedTarget(t *testing.T) {
|
|||
}
|
||||
|
||||
func TestRecord_AddFilter(t *testing.T) {
|
||||
filters := []*Filter{
|
||||
newObjectFilter(MatchStringEqual, "some name", "ContainerID"),
|
||||
newObjectFilter(MatchStringNotEqual, "X-Header-Name", "X-Header-Value"),
|
||||
filters := []Filter{
|
||||
*newObjectFilter(MatchStringEqual, "some name", "ContainerID"),
|
||||
*newObjectFilter(MatchStringNotEqual, "X-Header-Name", "X-Header-Value"),
|
||||
}
|
||||
|
||||
r := NewRecord()
|
||||
|
|
|
|||
|
|
@ -18,7 +18,7 @@ type Table struct {
|
|||
cid *cid.ID
|
||||
token *session.Token
|
||||
sig *signature.Signature
|
||||
records []*Record
|
||||
records []Record
|
||||
}
|
||||
|
||||
// CID returns identifier of the container that should use given access control rules.
|
||||
|
|
@ -42,14 +42,14 @@ func (t *Table) SetVersion(version version.Version) {
|
|||
}
|
||||
|
||||
// Records returns list of extended ACL rules.
|
||||
func (t Table) Records() []*Record {
|
||||
func (t Table) Records() []Record {
|
||||
return t.records
|
||||
}
|
||||
|
||||
// AddRecord adds single eACL rule.
|
||||
func (t *Table) AddRecord(r *Record) {
|
||||
if r != nil {
|
||||
t.records = append(t.records, r)
|
||||
t.records = append(t.records, *r)
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -90,9 +90,9 @@ func (t *Table) ToV2() *v2acl.Table {
|
|||
}
|
||||
|
||||
if t.records != nil {
|
||||
records := make([]*v2acl.Record, 0, len(t.records))
|
||||
for _, record := range t.records {
|
||||
records = append(records, record.ToV2())
|
||||
records := make([]v2acl.Record, len(t.records))
|
||||
for i := range t.records {
|
||||
records[i] = *t.records[i].ToV2()
|
||||
}
|
||||
|
||||
v2.SetRecords(records)
|
||||
|
|
@ -157,10 +157,10 @@ func NewTableFromV2(table *v2acl.Table) *Table {
|
|||
|
||||
// set eacl records
|
||||
v2records := table.GetRecords()
|
||||
t.records = make([]*Record, 0, len(v2records))
|
||||
t.records = make([]Record, len(v2records))
|
||||
|
||||
for i := range v2records {
|
||||
t.records = append(t.records, NewRecordFromV2(v2records[i]))
|
||||
t.records[i] = *NewRecordFromV2(&v2records[i])
|
||||
}
|
||||
|
||||
return t
|
||||
|
|
|
|||
|
|
@ -51,14 +51,14 @@ func TestTable(t *testing.T) {
|
|||
}
|
||||
|
||||
func TestTable_AddRecord(t *testing.T) {
|
||||
records := []*eacl.Record{
|
||||
eacl.CreateRecord(eacl.ActionDeny, eacl.OperationDelete),
|
||||
eacl.CreateRecord(eacl.ActionAllow, eacl.OperationPut),
|
||||
records := []eacl.Record{
|
||||
*eacl.CreateRecord(eacl.ActionDeny, eacl.OperationDelete),
|
||||
*eacl.CreateRecord(eacl.ActionAllow, eacl.OperationPut),
|
||||
}
|
||||
|
||||
table := eacl.NewTable()
|
||||
for _, record := range records {
|
||||
table.AddRecord(record)
|
||||
table.AddRecord(&record)
|
||||
}
|
||||
|
||||
require.Equal(t, records, table.Records())
|
||||
|
|
|
|||
|
|
@ -26,7 +26,7 @@ func Record() *eacl.Record {
|
|||
|
||||
x.SetAction(eacl.ActionAllow)
|
||||
x.SetOperation(eacl.OperationRangeHash)
|
||||
x.SetTargets(Target(), Target())
|
||||
x.SetTargets(*Target(), *Target())
|
||||
x.AddObjectContainerIDFilter(eacl.MatchStringEqual, cidtest.ID())
|
||||
x.AddObjectOwnerIDFilter(eacl.MatchStringNotEqual, ownertest.ID())
|
||||
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@ func (v *Validator) CalculateAction(unit *ValidationUnit) Action {
|
|||
}
|
||||
|
||||
// check target
|
||||
if !targetMatches(unit, record) {
|
||||
if !targetMatches(unit, &record) {
|
||||
continue
|
||||
}
|
||||
|
||||
|
|
@ -51,7 +51,7 @@ func (v *Validator) CalculateAction(unit *ValidationUnit) Action {
|
|||
// - positive value if no matching header is found for at least one filter;
|
||||
// - zero if at least one suitable header is found for all filters;
|
||||
// - negative value if the headers of at least one filter cannot be obtained.
|
||||
func matchFilters(hdrSrc TypedHeaderSource, filters []*Filter) int {
|
||||
func matchFilters(hdrSrc TypedHeaderSource, filters []Filter) int {
|
||||
matched := 0
|
||||
|
||||
for _, filter := range filters {
|
||||
|
|
@ -79,7 +79,7 @@ func matchFilters(hdrSrc TypedHeaderSource, filters []*Filter) int {
|
|||
}
|
||||
|
||||
// check match
|
||||
if !matchFn(header, filter) {
|
||||
if !matchFn(header, &filter) {
|
||||
continue
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -8,7 +8,7 @@ import (
|
|||
)
|
||||
|
||||
func TestFilterMatch(t *testing.T) {
|
||||
tgt := NewTarget()
|
||||
tgt := *NewTarget()
|
||||
tgt.SetRole(RoleOthers)
|
||||
|
||||
t.Run("simple header match", func(t *testing.T) {
|
||||
|
|
@ -115,7 +115,7 @@ func TestFilterMatch(t *testing.T) {
|
|||
}
|
||||
|
||||
func TestOperationMatch(t *testing.T) {
|
||||
tgt := NewTarget()
|
||||
tgt := *NewTarget()
|
||||
tgt.SetRole(RoleOthers)
|
||||
|
||||
t.Run("single operation", func(t *testing.T) {
|
||||
|
|
@ -161,7 +161,7 @@ func TestTargetMatches(t *testing.T) {
|
|||
tgt2.SetRole(RoleOthers)
|
||||
|
||||
r := NewRecord()
|
||||
r.SetTargets(tgt1, tgt2)
|
||||
r.SetTargets(*tgt1, *tgt2)
|
||||
|
||||
u := newValidationUnit(RoleUser, pubs[0], nil)
|
||||
require.True(t, targetMatches(u, r))
|
||||
|
|
@ -224,7 +224,7 @@ func (h headers) HeadersOfType(ht FilterHeaderType) ([]Header, bool) {
|
|||
}
|
||||
}
|
||||
|
||||
func newRecord(a Action, op Operation, tgt ...*Target) *Record {
|
||||
func newRecord(a Action, op Operation, tgt ...Target) *Record {
|
||||
r := NewRecord()
|
||||
r.SetAction(a)
|
||||
r.SetOperation(op)
|
||||
|
|
|
|||
Loading…
Reference in a new issue