dstepanov-yadro/frostfs-node
1
0
Fork 0
forked from TrueCloudLab/frostfs-node
Code Issues Pull requests Projects Releases Packages Wiki Activity

[#1283] services/object: Disallow creating objects without a session token

Browse source 
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
This commit is contained in:
Evgenii Stratonikov 2022-04-04 12:21:54 +03:00 committed by LeL
parent a254fd6bc8
commit c6a9c5cd8c
1 changed files with 7 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
pkg/services/object/put/streamer.go
View file

@ -11,6 +11,7 @@ import (
"github.com/nspcc-dev/neofs-node/pkg/services/object_manager/placement"
"github.com/nspcc-dev/neofs-node/pkg/services/object_manager/transformer"
"github.com/nspcc-dev/neofs-sdk-go/object"
"github.com/nspcc-dev/neofs-sdk-go/owner"
)
type Streamer struct {
@ -88,6 +89,12 @@ func (p *Streamer) initTarget(prm *PutInitPrm) error {
return fmt.Errorf("(%T) could not receive session key: %w", p, err)
}
// In case session token is missing, the line above returns the default key.
// If it isn't owner key, replication attempts will fail, thus this check.
if sToken == nil && !prm.hdr.OwnerID().Equal(owner.NewIDFromPublicKey(&sessionKey.PublicKey)) {
return fmt.Errorf("(%T) session token is missing but object owner id is different from the default key", p)
}
p.target = transformer.NewPayloadSizeLimiter(
p.maxPayloadSz,
func() transformer.ObjectTarget {