diff --git a/cmd/neofs-node/config.go b/cmd/neofs-node/config.go index d2b008011..2ce95ccff 100644 --- a/cmd/neofs-node/config.go +++ b/cmd/neofs-node/config.go @@ -17,6 +17,7 @@ import ( "github.com/nspcc-dev/neofs-node/pkg/local_object_storage/bucket/boltdb" "github.com/nspcc-dev/neofs-node/pkg/local_object_storage/bucket/fsbucket" "github.com/nspcc-dev/neofs-node/pkg/morph/client" + "github.com/nspcc-dev/neofs-node/pkg/morph/client/container/wrapper" nmwrapper "github.com/nspcc-dev/neofs-node/pkg/morph/client/netmap/wrapper" "github.com/nspcc-dev/neofs-node/pkg/network" tokenStorage "github.com/nspcc-dev/neofs-node/pkg/services/session/storage" @@ -159,6 +160,8 @@ type cfgObject struct { metastorage bucket.Bucket blobstorage bucket.Bucket + + cnrClient *wrapper.Wrapper } const ( diff --git a/cmd/neofs-node/container.go b/cmd/neofs-node/container.go index 6eacdcd6d..51b20f622 100644 --- a/cmd/neofs-node/container.go +++ b/cmd/neofs-node/container.go @@ -26,6 +26,7 @@ func initContainerService(c *cfg) { fatalOnErr(err) c.cfgObject.cnrStorage = wrap // use RPC node as source of containers + c.cfgObject.cnrClient = wrap metaHdr := new(session.ResponseMetaHeader) xHdr := new(session.XHeader) diff --git a/cmd/neofs-node/object.go b/cmd/neofs-node/object.go index f0c5d5fd9..69a027df6 100644 --- a/cmd/neofs-node/object.go +++ b/cmd/neofs-node/object.go @@ -16,6 +16,7 @@ import ( objectTransportGRPC "github.com/nspcc-dev/neofs-node/pkg/network/transport/object/grpc" objectService "github.com/nspcc-dev/neofs-node/pkg/services/object" "github.com/nspcc-dev/neofs-node/pkg/services/object/acl" + "github.com/nspcc-dev/neofs-node/pkg/services/object/acl/eacl" deletesvc "github.com/nspcc-dev/neofs-node/pkg/services/object/delete" deletesvcV2 "github.com/nspcc-dev/neofs-node/pkg/services/object/delete/v2" getsvc "github.com/nspcc-dev/neofs-node/pkg/services/object/get" @@ -319,6 +320,11 @@ func initObjectService(c *cfg) { ), ), ), + acl.WithLocalStorage(ls), + acl.WithEACLValidatorOptions( + eacl.WithMorphClient(c.cfgObject.cnrClient), + eacl.WithLogger(c.log), + ), ), ), ) diff --git a/pkg/services/object/acl/basic.go b/pkg/services/object/acl/basic.go index b0a9742d6..214cdb352 100644 --- a/pkg/services/object/acl/basic.go +++ b/pkg/services/object/acl/basic.go @@ -11,6 +11,8 @@ import ( "github.com/nspcc-dev/neofs-api-go/v2/object" "github.com/nspcc-dev/neofs-api-go/v2/session" core "github.com/nspcc-dev/neofs-node/pkg/core/container" + "github.com/nspcc-dev/neofs-node/pkg/local_object_storage/localstore" + "github.com/nspcc-dev/neofs-node/pkg/services/object/acl/eacl" "github.com/pkg/errors" ) @@ -59,6 +61,16 @@ type cfg struct { sender SenderClassifier next object.Service + + *eACLCfg +} + +type eACLCfg struct { + eACLOpts []eacl.Option + + eACL *eacl.Validator + + localStorage *localstore.Storage } type accessErr struct { @@ -74,7 +86,9 @@ var ( ) func defaultCfg() *cfg { - return new(cfg) + return &cfg{ + eACLCfg: new(eACLCfg), + } } // New is a constructor for object ACL checking service. @@ -85,6 +99,8 @@ func New(opts ...Option) Service { opts[i](cfg) } + cfg.eACL = eacl.NewValidator(cfg.eACLOpts...) + return Service{ cfg: cfg, } diff --git a/pkg/services/object/acl/opts.go b/pkg/services/object/acl/opts.go index 52fa75b40..4dcb321e8 100644 --- a/pkg/services/object/acl/opts.go +++ b/pkg/services/object/acl/opts.go @@ -3,6 +3,8 @@ package acl import ( "github.com/nspcc-dev/neofs-api-go/v2/object" "github.com/nspcc-dev/neofs-node/pkg/core/container" + "github.com/nspcc-dev/neofs-node/pkg/local_object_storage/localstore" + "github.com/nspcc-dev/neofs-node/pkg/services/object/acl/eacl" ) // WithContainerSource returns option to set container source. @@ -25,3 +27,17 @@ func WithNextService(v object.Service) Option { c.next = v } } + +// WithEACLValidator returns options to set eACL validator options. +func WithEACLValidatorOptions(v ...eacl.Option) Option { + return func(c *cfg) { + c.eACLOpts = v + } +} + +// WithLocalStorage returns options to set local object storage. +func WithLocalStorage(v *localstore.Storage) Option { + return func(c *cfg) { + c.localStorage = v + } +}