[#303] ir: Use pub key when validate container deletion

Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com>
2023-06-01 11:55:06 +03:00 · 2023-06-01 11:55:06 +03:00 · 50caa388b0
commit 50caa388b0
parent 69df0d21c2
6 changed files with 31 additions and 47 deletions
--- a/pkg/core/container/delete.go
+++ b/pkg/core/container/delete.go
@ -1,6 +1,7 @@
 package container
 import (
 	"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/refs"
 	cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/session"
 )
@ -8,43 +9,14 @@ import (
 // RemovalWitness groups the information required
 // to prove and verify the removal of a container.
 type RemovalWitness struct {
-	cnr cid.ID
+	// ContainerID returns the identifier of the container
 	// to be removed.
 	ContainerID cid.ID
-	sig []byte
+	// Signature the signature of the container identifier.
 	Signature *refs.Signature
-	token *session.Container
+	// SessionToken the token of the session within
-}
+	// which the container was removed.
-
+	SessionToken *session.Container
 // ContainerID returns the identifier of the container
 // to be removed.
 func (x RemovalWitness) ContainerID() cid.ID {
 	return x.cnr
 }
 // SetContainerID sets the identifier of the container
 // to be removed.
 func (x *RemovalWitness) SetContainerID(id cid.ID) {
 	x.cnr = id
 }
 // Signature returns the signature of the container identifier.
 func (x RemovalWitness) Signature() []byte {
 	return x.sig
 }
 // SetSignature sets a signature of the container identifier.
 func (x *RemovalWitness) SetSignature(sig []byte) {
 	x.sig = sig
 }
 // SessionToken returns the token of the session within
 // which the container was removed.
 func (x RemovalWitness) SessionToken() *session.Container {
 	return x.token
 }
 // SetSessionToken sets the token of the session within
 // which the container was removed.
 func (x *RemovalWitness) SetSessionToken(tok *session.Container) {
 	x.token = tok
 }
--- a/pkg/innerring/processors/container/process_container.go
+++ b/pkg/innerring/processors/container/process_container.go
@ -148,6 +148,7 @@ func (cp *Processor) checkDeleteContainer(e containerEvent.Delete) error {
 		binTokenSession: e.SessionToken(),
 		signature:       e.Signature(),
 		signedData:      binCnr,
 		binPublicKey:    e.PublicKeyValue,
 	})
 	if err != nil {
 		return fmt.Errorf("auth container removal: %w", err)
--- a/pkg/morph/client/container/delete.go
+++ b/pkg/morph/client/container/delete.go
@ -14,14 +14,15 @@ import (
 // Returns error if container ID is nil.
 func Delete(c *Client, witness core.RemovalWitness) error {
 	binCnr := make([]byte, sha256.Size)
-	witness.ContainerID().Encode(binCnr)
+	witness.ContainerID.Encode(binCnr)
 	var prm DeletePrm
 	prm.SetCID(binCnr)
-	prm.SetSignature(witness.Signature())
+	prm.SetSignature(witness.Signature.GetSign())
 	prm.SetKey(witness.Signature.GetKey())
-	if tok := witness.SessionToken(); tok != nil {
+	if tok := witness.SessionToken; tok != nil {
 		prm.SetToken(tok.Marshal())
 	}
@ -33,6 +34,7 @@ type DeletePrm struct {
 	cnr       []byte
 	signature []byte
 	token     []byte
 	key       []byte
 	client.InvokePrmOptional
 }
@ -52,6 +54,11 @@ func (d *DeletePrm) SetToken(token []byte) {
 	d.token = token
 }
 // SetKey sets public key.
 func (d *DeletePrm) SetKey(key []byte) {
 	d.key = key
 }
 // Delete removes the container from FrostFS system
 // through Container contract call.
 //
@ -66,7 +73,7 @@ func (c *Client) Delete(p DeletePrm) error {
 	prm := client.InvokePrm{}
 	prm.SetMethod(deleteMethod)
-	prm.SetArgs(p.cnr, p.signature, p.token)
+	prm.SetArgs(p.cnr, p.signature, p.key, p.token)
 	prm.InvokePrmOptional = p.InvokePrmOptional
 	err := c.client.Invoke(prm)
--- a/pkg/morph/event/container/delete.go
+++ b/pkg/morph/event/container/delete.go
@ -15,6 +15,7 @@ type Delete struct {
 	ContainerIDValue []byte
 	SignatureValue   []byte
 	TokenValue       []byte
 	PublicKeyValue   []byte
 	// For notary notifications only.
 	// Contains raw transactions of notary request.
@ -42,7 +43,7 @@ func (d Delete) NotaryRequest() *payload.P2PNotaryRequest {
 	return d.NotaryRequestValue
 }
-const expectedItemNumDelete = 3
+const expectedItemNumDelete = 4
 // DeleteSuccess structures notification event of successful container removal
 // thrown by Container contract.
--- a/pkg/morph/event/container/delete_notary.go
+++ b/pkg/morph/event/container/delete_notary.go
@ -17,6 +17,10 @@ func (d *Delete) setSignature(v []byte) {
 	}
 }
 func (d *Delete) setPublicKey(v []byte) {
 	d.PublicKeyValue = v
 }
 func (d *Delete) setToken(v []byte) {
 	if v != nil {
 		d.TokenValue = v
@ -26,6 +30,7 @@ func (d *Delete) setToken(v []byte) {
 var deleteFieldSetters = []func(*Delete, []byte){
 	// order on stack is reversed
 	(*Delete).setToken,
 	(*Delete).setPublicKey,
 	(*Delete).setSignature,
 	(*Delete).setContainerID,
 }
--- a/pkg/services/container/morph/executor.go
+++ b/pkg/services/container/morph/executor.go
@ -109,8 +109,6 @@ func (s *morphExecutor) Delete(_ context.Context, tokV2 *sessionV2.Token, body *
 		return nil, fmt.Errorf("invalid container ID: %w", err)
 	}
 	sig := body.GetSignature().GetSign()
 	var tok *session.Container
 	if tokV2 != nil {
@ -124,9 +122,9 @@ func (s *morphExecutor) Delete(_ context.Context, tokV2 *sessionV2.Token, body *
 	var rmWitness containercore.RemovalWitness
-	rmWitness.SetContainerID(id)
+	rmWitness.ContainerID = id
-	rmWitness.SetSignature(sig)
+	rmWitness.Signature = body.GetSignature()
-	rmWitness.SetSessionToken(tok)
+	rmWitness.SessionToken = tok
 	err = s.wrt.Delete(rmWitness)
 	if err != nil {