From df197dc38b45b08cd8b274b977e764dfee478b2f Mon Sep 17 00:00:00 2001 From: Leonard Lyubich Date: Tue, 25 May 2021 18:18:32 +0300 Subject: [PATCH] [#525] morph/container: Do not return signature from GetEACL method In previous implementation wrapper over the Container contract's client returned the signature of the eACL table in addition to itself. After recent changes in API Go lib table carries its signature. Thus, it is redundant to return the table signature separately. Make `Wrapper.GetEACL` method to return only `eacl.Table` with error. Signed-off-by: Leonard Lyubich --- cmd/neofs-node/object.go | 4 +++- pkg/morph/client/container/wrapper/eacl.go | 16 +++++++++------- pkg/services/container/morph/executor.go | 4 ++-- 3 files changed, 14 insertions(+), 10 deletions(-) diff --git a/cmd/neofs-node/object.go b/cmd/neofs-node/object.go index 449c41b8a..d10c3bdbf 100644 --- a/cmd/neofs-node/object.go +++ b/cmd/neofs-node/object.go @@ -371,11 +371,13 @@ func (s *signedEACLTable) SignedDataSize() int { } func (s *morphEACLStorage) GetEACL(cid *container.ID) (*eaclSDK.Table, error) { - table, sig, err := s.w.GetEACL(cid) + table, err := s.w.GetEACL(cid) if err != nil { return nil, err } + sig := table.Signature() + if err := signature.VerifyDataWithSource( (*signedEACLTable)(table), func() ([]byte, []byte) { diff --git a/pkg/morph/client/container/wrapper/eacl.go b/pkg/morph/client/container/wrapper/eacl.go index ba98b8e4a..6b0001ed7 100644 --- a/pkg/morph/client/container/wrapper/eacl.go +++ b/pkg/morph/client/container/wrapper/eacl.go @@ -12,23 +12,23 @@ import ( // GetEACL reads the extended ACL table from NeoFS system // through Container contract call. -func (w *Wrapper) GetEACL(cid *containerSDK.ID) (*eacl.Table, *pkg.Signature, error) { +func (w *Wrapper) GetEACL(cid *containerSDK.ID) (*eacl.Table, error) { if cid == nil { - return nil, nil, errNilArgument + return nil, errNilArgument } args := client.EACLArgs{} v2 := cid.ToV2() if v2 == nil { - return nil, nil, errUnsupported // use other major version if there any + return nil, errUnsupported // use other major version if there any } args.SetCID(v2.GetValue()) rpcAnswer, err := w.client.EACL(args) if err != nil { - return nil, nil, err + return nil, err } // Client may not return errors if the table is missing, so check this case additionally. @@ -36,7 +36,7 @@ func (w *Wrapper) GetEACL(cid *containerSDK.ID) (*eacl.Table, *pkg.Signature, er // since unsigned table cannot be approved in the storage by design. sig := rpcAnswer.Signature() if len(sig) == 0 { - return nil, nil, container.ErrEACLNotFound + return nil, container.ErrEACLNotFound } tableSignature := pkg.NewSignature() @@ -46,10 +46,12 @@ func (w *Wrapper) GetEACL(cid *containerSDK.ID) (*eacl.Table, *pkg.Signature, er table := eacl.NewTable() if err = table.Unmarshal(rpcAnswer.EACL()); err != nil { // use other major version if there any - return nil, nil, err + return nil, err } - return table, tableSignature, nil + table.SetSignature(tableSignature) + + return table, nil } // PutEACL marshals table, and passes it to Wrapper's PutEACLBinary method diff --git a/pkg/services/container/morph/executor.go b/pkg/services/container/morph/executor.go index c2a75345d..d17d60138 100644 --- a/pkg/services/container/morph/executor.go +++ b/pkg/services/container/morph/executor.go @@ -102,14 +102,14 @@ func (s *morphExecutor) SetExtendedACL(ctx context.Context, body *container.SetE func (s *morphExecutor) GetExtendedACL(ctx context.Context, body *container.GetExtendedACLRequestBody) (*container.GetExtendedACLResponseBody, error) { cid := containerSDK.NewIDFromV2(body.GetContainerID()) - table, signature, err := s.wrapper.GetEACL(cid) + table, err := s.wrapper.GetEACL(cid) if err != nil { return nil, err } res := new(container.GetExtendedACLResponseBody) res.SetEACL(table.ToV2()) - res.SetSignature(signature.ToV2()) + res.SetSignature(table.Signature().ToV2()) res.SetSessionToken(table.SessionToken().ToV2()) return res, nil