From ac00938fa4479c4666f30da21a9a17cbeb7bd591 Mon Sep 17 00:00:00 2001
From: Denis Kirillov <d.kirillov@yadro.com>
Date: Tue, 21 Feb 2023 11:23:08 +0300
Subject: [PATCH] [#XX] Add impersonate flag to bearer token

Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
---
 acl/convert.go       |   3 +++
 acl/grpc/types.go    |   5 +++++
 acl/grpc/types.pb.go | Bin 38729 -> 39400 bytes
 acl/marshal.go       |   5 ++++-
 acl/types.go         |  14 ++++++++++++++
 5 files changed, 26 insertions(+), 1 deletion(-)

diff --git a/acl/convert.go b/acl/convert.go
index 697f699..b07639a 100644
--- a/acl/convert.go
+++ b/acl/convert.go
@@ -427,6 +427,7 @@ func (bt *BearerTokenBody) ToGRPCMessage() grpc.Message {
 		m.SetOwnerId(bt.ownerID.ToGRPCMessage().(*refsGRPC.OwnerID))
 		m.SetLifetime(bt.lifetime.ToGRPCMessage().(*acl.BearerToken_Body_TokenLifetime))
 		m.SetEaclTable(bt.eacl.ToGRPCMessage().(*acl.EACLTable))
+		m.SetImpersonate(bt.impersonate)
 	}
 
 	return m
@@ -479,6 +480,8 @@ func (bt *BearerTokenBody) FromGRPCMessage(m grpc.Message) error {
 		err = bt.eacl.FromGRPCMessage(eacl)
 	}
 
+	bt.impersonate = v.GetAllowImpersonate()
+
 	return err
 }
 
diff --git a/acl/grpc/types.go b/acl/grpc/types.go
index 436ae58..c9c0649 100644
--- a/acl/grpc/types.go
+++ b/acl/grpc/types.go
@@ -84,6 +84,11 @@ func (m *BearerToken_Body) SetLifetime(v *BearerToken_Body_TokenLifetime) {
 	m.Lifetime = v
 }
 
+// SetImpersonate allows impersonate.
+func (m *BearerToken_Body) SetImpersonate(v bool) {
+	m.AllowImpersonate = v
+}
+
 // SetBody sets bearer token body.
 func (m *BearerToken) SetBody(v *BearerToken_Body) {
 	m.Body = v
diff --git a/acl/grpc/types.pb.go b/acl/grpc/types.pb.go
index 6e9ac460474a8a6b0bc7ed9e8a762b7aa4009cd2..0f546a20b35c92f512937d07d4cf79fd967907c5 100644
GIT binary patch
delta 1315
zcmaJ=K}Zx)7^Y<rc9k@BQ#11^K?;jIyE`+x8cLcSGzXOE6lAkAZ*^^VW}SJvj;3qp
zyafNPE<q4MV8w#xPJyQgx^(CeT{=XU=nw?;-v0)Q4Z1wu{NMk7|M!3IpX0;G=Vs)7
zC7RYI@-H`6m-b_+6qzlT-K~X6m3qGGn2eHQ*<2&cC6?>>C7XKuew#YPFReNJ!}N(q
zH*3^q#NFb7iMSwHC=#|_@=38o%QoQ`=G7>n0i%vhZ8Cd#i7>NJrljPAbOqPm9^;wL
z1xBi#Yf;~)HYfW>PQi7{FmkPDMNPU@mUPStoo-D^ZgB0>rkG^4^k<YLCuVMTln8ig
zw6zLej1R!fa(DCV(xWJxTsha*nlUy`u)TSHXrvX3$M)hekFuKQkfK@kY4hI7QGcYM
zH0L&cL?VSubGmX6oyjDL5@ZU=cuWZtQ+%WqajI!?>egRpQQUJmL?<zB!>{^jcyqHY
zp(ChM45yJTr@|*|d?qhK8n#JG&i^uNMJ(1^8eD8?Ae5-sOcQ4sm8*D{Qz$m}RXH16
z+DySj^(-t}y%GL-#WP^pi^I2C4?OqgdwG2*998PNsCnQG0`*S;vxXt?x}%dKxb7R^
z*5h%^Q-xAE=AjR@Zo%6ToPl|kg;y-ru4S=3Rvj=y^pNVL6CCCRUzh<?7S<Xy1K#;~
zJ*;7RI0im|Oz*54&>qCv(>OTCIYpJn@^!3x%dg*W;5D;lz}20QZE;Y+Hwy_-n406o
zLK4jG4nZPF!c*226+yTjNVV8F)Qm13NkFcLB5luzioR{ENXs|I?UCYw5Rf4hkwMk(
zB_MZ9l~!SosT~8lSQ~e=Lpb_yM_Pe96za#kpFHo`EgUdqjX>j0QaBuXi>s(<LfS`P
z<6MLAWVciB4e!d?FhiBEh=T5h0B)TW#77qd63|g&xP!I;=Jt>(Bllhxubo3T9!nsH
zp)B^`NxWj&Ou#@RFN7-6D)}o>0d}qT!gga4cM+}4;IG6T;^6Csae_1x`)dDhJ1m7P

delta 813
zcmYjPOK1~O6ony{rVVM7U}A0Jh%0T7naO;TjV`1M(LqpfA&AtZ0g)CfW;&Bj#$?^9
zm9y8SJEe}`#^ORygo3&ebY)$M=)#2y1<`l!d!=q3Gv~Z}?m73qFRAwWp|&=kvCN~*
z^~Fo4v2i$uiZh=6^&e!?%DKm7tx-?kUHzqL4JX}PSjk{>ZZtQRH9}*yri-(USJypk
zEKcRE8o{Q)@GK5=EBJk*v5P<tx56^+c8h3rjXi|8b9BwM_;hhQEa6$VQ6$P?(5N%j
ztmzmHeB`6?EaP@ZAXfrk8_OaIC$Z9>z*gXLrQuSI!<7zIPA~aP*bWmcKr~hr;jvqn
zX;aYnzQoGkVjuUDiIPY|mQ>c(wmcq%QkZH)W}8mBghIsiAHsteM91**;uJncGh|ju
z7AC#_71^roQMv74E2&_$pT~<{RpycEd>Y~se)d!zcA`>=<~YBs{K)C=<axTxe%8dK
z^mv9<)rPpKMV_PB=Z)GX`>122H;q5>5pumAlyE1^;$;6g{k{!~xYs{LpJ!W#@TOfr
zHK~orwc%@gMocXyy<gs*iI@y|f1W7sVu2zphq9@?ep3-*V}g()5eYC<gv*f2b#7Y_
zpA}(Ah_~(uL7W)){JK1b>fFQXK)<#ZpDtAKez1QxuagN=jvYVdOV~GTvTOMgEPk9c
O4s?bzzx2t_F8>3@-08po

diff --git a/acl/marshal.go b/acl/marshal.go
index 1ecdb70..c744798 100644
--- a/acl/marshal.go
+++ b/acl/marshal.go
@@ -31,6 +31,7 @@ const (
 	bearerTokenBodyACLField      = 1
 	bearerTokenBodyOwnerField    = 2
 	bearerTokenBodyLifetimeField = 3
+	bearerTokenBodyImpersonate   = 4
 
 	bearerTokenBodyField      = 1
 	bearerTokenSignatureField = 2
@@ -251,7 +252,8 @@ func (bt *BearerTokenBody) StableMarshal(buf []byte) []byte {
 
 	offset += protoutil.NestedStructureMarshal(bearerTokenBodyACLField, buf[offset:], bt.eacl)
 	offset += protoutil.NestedStructureMarshal(bearerTokenBodyOwnerField, buf[offset:], bt.ownerID)
-	protoutil.NestedStructureMarshal(bearerTokenBodyLifetimeField, buf[offset:], bt.lifetime)
+	offset += protoutil.NestedStructureMarshal(bearerTokenBodyLifetimeField, buf[offset:], bt.lifetime)
+	protoutil.BoolMarshal(bearerTokenBodyImpersonate, buf[offset:], bt.impersonate)
 
 	return buf
 }
@@ -264,6 +266,7 @@ func (bt *BearerTokenBody) StableSize() (size int) {
 	size += protoutil.NestedStructureSize(bearerTokenBodyACLField, bt.eacl)
 	size += protoutil.NestedStructureSize(bearerTokenBodyOwnerField, bt.ownerID)
 	size += protoutil.NestedStructureSize(bearerTokenBodyLifetimeField, bt.lifetime)
+	size += protoutil.BoolSize(bearerTokenBodyImpersonate, bt.impersonate)
 
 	return size
 }
diff --git a/acl/types.go b/acl/types.go
index f360af6..a2309cb 100644
--- a/acl/types.go
+++ b/acl/types.go
@@ -52,6 +52,8 @@ type BearerTokenBody struct {
 	ownerID *refs.OwnerID
 
 	lifetime *TokenLifetime
+
+	impersonate bool
 }
 
 type BearerToken struct {
@@ -340,6 +342,18 @@ func (bt *BearerTokenBody) SetLifetime(v *TokenLifetime) {
 	bt.lifetime = v
 }
 
+func (bt *BearerTokenBody) GetImpersonate() bool {
+	if bt != nil {
+		return bt.impersonate
+	}
+
+	return false
+}
+
+func (bt *BearerTokenBody) SetImpersonate(v bool) {
+	bt.impersonate = v
+}
+
 func (bt *BearerToken) GetBody() *BearerTokenBody {
 	if bt != nil {
 		return bt.body