Alex Vanin
ca552f53c6
[ #115 ] Check session token validity
...
Malicious user can stole public session key and use
it by sending request from it's own scope. To prevent
this each session token is signed and signature private
key must be corresponded with owner id in token. Therefore
malicious node cannot impersonate request without private
key to sign token.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2020-10-22 11:55:28 +03:00
Leonard Lyubich
dae94aa230
[ #60 ] morph/netmap: Implement Epoch method on netmap client wrapper
...
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2020-10-22 11:54:08 +03:00
Leonard Lyubich
20fb8547b6
[ #60 ] morph/netmap: Implement Epoch method on Client
...
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2020-10-22 11:54:08 +03:00
Leonard Lyubich
16a5107ef1
[ #60 ] object/put: Provide network State interface to formatter
...
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2020-10-22 11:54:08 +03:00
Leonard Lyubich
b627814dd8
[ #60 ] object/transformer: Set creation epoch number in new objects
...
Set value of CreationEpoch object field to the value from network State.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2020-10-22 11:54:08 +03:00
Leonard Lyubich
7c081e4f15
[ #60 ] core/netmap: Define interface of current network properties
...
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2020-10-22 11:54:08 +03:00
Leonard Lyubich
4a56f82571
[ #60 ] object/transformer: Group parameters of NewFormatTarget func
...
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2020-10-22 11:54:08 +03:00
Leonard Lyubich
2541ed4b8f
[ #88 ] object/eacl: Use String() methods to calculate ID values
...
Replace hex encoding of IDs with String() call (base58) in eACL processing.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2020-10-21 18:53:04 +03:00
Leonard Lyubich
5318abcf38
[ #88 ] object/search: Use String() methods to calculate ID values
...
Replace hex encoding of IDs with String() call (base58) in search query
processing.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2020-10-21 18:53:04 +03:00
Leonard Lyubich
0dab4b7581
[ #108 ] services: Implement Policer service
...
Implement Policer service that performs background work to check compliance
with the placement policy for local objects in the container. In the initial
implementation, the selection of the working queue of objects is
simplified, and there is no transfer of the result to the replicator.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2020-10-21 14:42:51 +03:00
Leonard Lyubich
f6e56aa956
[ #108 ] placement: Implement Builder from netmap source
...
Implement placement.Builder interface on netmap.Source wrapper.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2020-10-21 14:42:51 +03:00
Leonard Lyubich
5017ff0e4a
[ #108 ] object/head: Export remote header retrieval utility
...
Export remote head functionality in headsvc package. Refactor head service
to use RemoteHeader.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2020-10-21 14:42:51 +03:00
Leonard Lyubich
5ad0df7794
[ #108 ] object/head: Return 404 error if header was not found
...
Define ErrNotFound error in headsvc package. Return ErrNotFound from Head
method if the header was not found in the container.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2020-10-21 14:42:51 +03:00
Alex Vanin
ae0dd9e051
[ #106 ] Pass bearer token through generated requests
...
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2020-10-20 18:05:29 +03:00
Alex Vanin
e6f04f7785
[ #104 ] Update neofs-api-go with new protobuf API
...
Also update contains JSON converters for neofs-cli
and fixes bug in container.set-acl command of SDK.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2020-10-20 17:31:59 +03:00
Alex Vanin
9e08b41a6f
[ #102 ] Set split header in left object
...
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2020-10-20 09:59:09 +03:00
Leonard Lyubich
54bdeb60a1
[ #22 ] Support string type in stack parameter converter
...
Set type of stack parameter to StringType in type-switch statement of
toStackParameter function.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2020-10-19 12:27:56 +03:00
Alex Vanin
643e81254c
[ #25 ] Add placement policy QL encoder
...
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2020-10-17 13:16:59 +03:00
Evgenii Stratonikov
d7c53debb5
[ #46 ] Make SELECT attribute optional
...
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
2020-10-16 16:15:27 +03:00
Alex Vanin
719075ca97
[ #99 ] Fix no-root search matcher
...
Wrong boolean operation order made matcher return false
on `non-root` search query with non-regular objects. Instead
it should return true for `non-root` query and false for `root`
query.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2020-10-16 13:45:35 +03:00
Alex Vanin
1332a6d3a8
[ #92 ] Provide session token to all produced requests
...
If object service produces new request, the should contain
session token. This is the only way for node to grant access
for a private container.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2020-10-15 10:20:10 +03:00
Alex Vanin
dd48666357
[ #72 ] Shutdown inner ring app if RPC node has been terminated
...
Adopt error channel from Listener interface.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2020-10-14 09:37:48 +03:00
Alex Vanin
ccbb9ce6ab
[ #72 ] Add ListenWithError method in Listener interface
...
Listen and ListenWithError methods check if subscriber channel
has been closed. If so, ListenWithError passes error message
into provided channel.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2020-10-14 09:37:48 +03:00
Alex Vanin
ca006245d2
[ #72 ] Close subscription channel if RPC was terminated
...
RPC node closes websocket notification channel if it was terminated
or something wrong happened. Subscriber has to check this condition
and alert about this in upper context by closing it's own channel.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2020-10-14 09:37:48 +03:00
Alex Vanin
d3d8f00757
[ #72 ] Init inner ring configuration before run
...
This way we can re-initialize application in any given
moment, which is useful for reconnects.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2020-10-14 09:37:48 +03:00
Alex Vanin
ade185191b
[ #47 ] Use less extra gas on netmap contract methods
...
* 1.0 extra gas for new epoch vote
* 0.5 extra gas for new peer approve
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2020-10-12 14:43:33 +03:00
Alex Vanin
b7ee05088c
[ #86 ] Use alphabet processor in inner ring app
...
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2020-10-12 14:43:33 +03:00
Alex Vanin
f1f20b49db
[ #86 ] Add alphabet contract processor
...
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2020-10-12 14:43:33 +03:00
Alex Vanin
4308a6f522
[ #86 ] Run timer for gas emission event
...
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2020-10-12 14:43:33 +03:00
Alex Vanin
6bc787bb19
[ #86 ] Add alphabet contract configuration
...
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2020-10-12 14:43:33 +03:00
Alex Vanin
dcb384d551
[ #86 ] Specify inner ring list index in global state
...
Inner ring index will be used to access alphabet contracts.
First seven inner ring nods communicating with one alphabet
contract, depending on their index.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2020-10-12 14:43:33 +03:00
Alex Vanin
2d5cb378a7
[ #84 ] Add netmap service executor and signer
...
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2020-10-09 09:15:18 +03:00
Alex Vanin
f92dc5b27c
[ #84 ] Add GRPC layer of netmap service
...
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2020-10-09 09:15:18 +03:00
Alex Vanin
0e7e0bd2d6
[ #84 ] Remove mocks and debug code from neofs-node services
...
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2020-10-09 09:15:18 +03:00
Alex Vanin
b5aef1011b
[ #74 ] Update test of netmap.UpdateState
event parser
...
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2020-10-09 09:15:18 +03:00
Alex Vanin
e3f8e350f9
[ #82 ] Fix conversion of container id values from smart-contract
...
Smart-contract stores container ids as a raw bytes, not marshaled
protobuf structures.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2020-10-08 11:22:50 +03:00
Alex Vanin
7d51688d2c
[ #82 ] Return length check of serialized container
...
In #37 we've decided to remove length check, because smart contract would
fail on casting `nil` value from storage to `[]byte` producing FAULT state.
Apparently it does not fail, so we have to check length explicitly.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2020-10-08 11:22:50 +03:00
Alex Vanin
87fc4f5df7
[ #82 ] Use morph wrapper in container service
...
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2020-10-08 11:22:50 +03:00
Alex Vanin
204eaab5a9
[ #75 ] Fix order of update peer state method arguments
...
This method has node status first and public key second.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2020-10-05 18:58:35 +03:00
Alex Vanin
f40f1ca0c0
[ #74 ] Fix order of netmap.UpdateState event arguments
...
This event has node status first and public key second.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2020-10-05 18:31:13 +03:00
Alex Vanin
cd34145969
[ #73 ] Use request owner public key in eACL check
...
Classifier fetches public key of the request owner
and owner itself. Extended ACL check should rely on
this public key, because it might be extracted from
session token.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2020-10-05 18:02:37 +03:00
Alex Vanin
7a2654719e
[ #71 ] Return only regular objects in root object search
...
Root search applies for user objects, so it should not
return tombstones and storage groups.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2020-10-05 14:03:55 +03:00
Alex Vanin
11262bed4a
[ #71 ] Broadcast tombstone to container
...
With one tombstone for split objects we can't simply
place it in container. We should inform all nodes that
store split objects of removed original object.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2020-10-05 14:03:55 +03:00
Leonard Lyubich
9cdf7d3896
[ #69 ] object/acl: Check eACL rules in ACL service
...
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2020-10-05 14:02:14 +03:00
Leonard Lyubich
1d676fcfb2
[ #69 ] object/acl: Add eACL components to service
...
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2020-10-05 14:02:14 +03:00
Leonard Lyubich
a7782cf1f9
[ #69 ] object/acl: Extended requestInfo structure
...
Add container identifier field. Add send public key field.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2020-10-05 14:02:14 +03:00
Leonard Lyubich
6c3c872ee4
[ #69 ] object/acl: Define access denied error
...
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2020-10-05 14:02:14 +03:00
Leonard Lyubich
0f52444ae9
[ #69 ] object/acl: Change basic ACL type in requestInfo
...
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2020-10-05 14:02:14 +03:00
Leonard Lyubich
30e6912c7b
[ #69 ] object/acl: Construct service from options
...
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2020-10-05 14:02:14 +03:00
Leonard Lyubich
e5898c9ca8
[ #69 ] object/acl: Rename BasicChecker to Service
...
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2020-10-05 14:02:14 +03:00