forked from TrueCloudLab/frostfs-api-go
Merge pull request #60 from nspcc-dev/bump/api-v-0-6-0
Update neo-api library to v0.6.0
This commit is contained in:
commit
08fe4f8383
12 changed files with 106 additions and 81 deletions
2
Makefile
2
Makefile
|
@ -1,4 +1,4 @@
|
|||
PROTO_VERSION=v0.5.0
|
||||
PROTO_VERSION=v0.6.0
|
||||
PROTO_URL=https://github.com/nspcc-dev/neofs-api/archive/$(PROTO_VERSION).tar.gz
|
||||
|
||||
B=\033[0;1m
|
||||
|
|
BIN
acl/types.pb.go
Normal file
BIN
acl/types.pb.go
Normal file
Binary file not shown.
27
acl/types.proto
Normal file
27
acl/types.proto
Normal file
|
@ -0,0 +1,27 @@
|
|||
syntax = "proto3";
|
||||
package acl;
|
||||
option go_package = "github.com/nspcc-dev/neofs-api-go/acl";
|
||||
option csharp_namespace = "NeoFS.API.Acl";
|
||||
|
||||
import "github.com/gogo/protobuf/gogoproto/gogo.proto";
|
||||
option (gogoproto.stable_marshaler_all) = true;
|
||||
|
||||
// Target of the access control rule in access control list.
|
||||
enum Target {
|
||||
// Unknown target, default value.
|
||||
Unknown = 0;
|
||||
|
||||
// User target rule is applied if sender is the owner of the container.
|
||||
User = 1;
|
||||
|
||||
// System target rule is applied if sender is the storage node within the
|
||||
// container or inner ring node.
|
||||
System = 2;
|
||||
|
||||
// Others target rule is applied if sender is not user or system target.
|
||||
Others = 3;
|
||||
|
||||
// PubKey target rule is applied if sender has public key provided in
|
||||
// extended ACL.
|
||||
PubKey = 4;
|
||||
}
|
|
@ -31,9 +31,11 @@ func (m *PutRequest) PrepareData() ([]byte, error) {
|
|||
err error
|
||||
buf = new(bytes.Buffer)
|
||||
capBytes = make([]byte, 8)
|
||||
aclBytes = make([]byte, 4)
|
||||
)
|
||||
|
||||
binary.BigEndian.PutUint64(capBytes, m.Capacity)
|
||||
binary.BigEndian.PutUint32(capBytes, m.BasicACL)
|
||||
|
||||
if _, err = buf.Write(m.MessageID.Bytes()); err != nil {
|
||||
return nil, errors.Wrap(err, "could not write message id")
|
||||
|
@ -45,6 +47,8 @@ func (m *PutRequest) PrepareData() ([]byte, error) {
|
|||
return nil, errors.Wrap(err, "could not marshal placement")
|
||||
} else if _, err = buf.Write(data); err != nil {
|
||||
return nil, errors.Wrap(err, "could not write placement")
|
||||
} else if _, err = buf.Write(aclBytes); err != nil {
|
||||
return nil, errors.Wrap(err, "could not write basic acl")
|
||||
}
|
||||
|
||||
return buf.Bytes(), nil
|
||||
|
|
Binary file not shown.
|
@ -42,8 +42,8 @@ message PutRequest {
|
|||
// Rules define storage policy for the object inside the container.
|
||||
netmap.PlacementRule rules = 4 [(gogoproto.nullable) = false];
|
||||
|
||||
// Container ACL.
|
||||
AccessGroup Group = 5 [(gogoproto.nullable) = false];
|
||||
// BasicACL of the container.
|
||||
uint32 BasicACL = 5;
|
||||
|
||||
// RequestMetaHeader contains information about request meta headers (should be embedded into message)
|
||||
service.RequestMetaHeader Meta = 98 [(gogoproto.embed) = true, (gogoproto.nullable) = false];
|
||||
|
|
|
@ -11,19 +11,6 @@ import (
|
|||
"github.com/pkg/errors"
|
||||
)
|
||||
|
||||
// AccessMode is a container access mode type.
|
||||
type AccessMode uint32
|
||||
|
||||
const (
|
||||
// AccessModeRead is a read access mode.
|
||||
AccessModeRead AccessMode = 1 << iota
|
||||
// AccessModeWrite is a write access mode.
|
||||
AccessModeWrite
|
||||
)
|
||||
|
||||
// AccessModeReadWrite is a read/write container access mode.
|
||||
const AccessModeReadWrite = AccessModeRead | AccessModeWrite
|
||||
|
||||
var (
|
||||
_ internal.Custom = (*Container)(nil)
|
||||
|
||||
|
@ -31,8 +18,8 @@ var (
|
|||
emptyOwner = (OwnerID{}).Bytes()
|
||||
)
|
||||
|
||||
// New creates new user container based on capacity, OwnerID and PlacementRules.
|
||||
func New(cap uint64, owner OwnerID, rules netmap.PlacementRule) (*Container, error) {
|
||||
// New creates new user container based on capacity, OwnerID, ACL and PlacementRules.
|
||||
func New(cap uint64, owner OwnerID, acl uint32, rules netmap.PlacementRule) (*Container, error) {
|
||||
if bytes.Equal(owner[:], emptyOwner) {
|
||||
return nil, refs.ErrEmptyOwner
|
||||
} else if cap == 0 {
|
||||
|
@ -49,6 +36,7 @@ func New(cap uint64, owner OwnerID, rules netmap.PlacementRule) (*Container, err
|
|||
Salt: UUID(salt),
|
||||
Capacity: cap,
|
||||
Rules: rules,
|
||||
BasicACL: acl,
|
||||
}, nil
|
||||
}
|
||||
|
||||
|
@ -90,7 +78,7 @@ func NewTestContainer() (*Container, error) {
|
|||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return New(100, owner, netmap.PlacementRule{
|
||||
return New(100, owner, 0xFFFFFFFF, netmap.PlacementRule{
|
||||
ReplFactor: 2,
|
||||
SFGroups: []netmap.SFGroup{
|
||||
{
|
||||
|
|
Binary file not shown.
|
@ -18,18 +18,7 @@ message Container {
|
|||
uint64 Capacity = 3;
|
||||
// Rules define storage policy for the object inside the container.
|
||||
netmap.PlacementRule Rules = 4 [(gogoproto.nullable) = false];
|
||||
// Container ACL.
|
||||
AccessControlList List = 5 [(gogoproto.nullable) = false];
|
||||
}
|
||||
|
||||
message AccessGroup {
|
||||
// Group access mode.
|
||||
uint32 AccessMode = 1;
|
||||
// Group members.
|
||||
repeated bytes UserGroup = 2 [(gogoproto.customtype) = "OwnerID", (gogoproto.nullable) = false];
|
||||
}
|
||||
|
||||
message AccessControlList {
|
||||
// List of access groups.
|
||||
repeated AccessGroup List = 1 [(gogoproto.nullable) = false];
|
||||
// BasicACL with access control rules for owner, system, others and
|
||||
// permission bits for bearer token and extended ACL.
|
||||
uint32 BasicACL = 5;
|
||||
}
|
||||
|
|
|
@ -36,7 +36,7 @@ func TestCID(t *testing.T) {
|
|||
owner, err := refs.NewOwnerID(&key.PublicKey)
|
||||
require.NoError(t, err)
|
||||
|
||||
c1, err := New(10, owner, rules)
|
||||
c1, err := New(10, owner, 0xDEADBEEF, rules)
|
||||
require.NoError(t, err)
|
||||
|
||||
data, err := proto.Marshal(c1)
|
||||
|
@ -55,23 +55,3 @@ func TestCID(t *testing.T) {
|
|||
require.Equal(t, cid1, cid2)
|
||||
})
|
||||
}
|
||||
|
||||
func TestAccessMode(t *testing.T) {
|
||||
t.Run("read access to read/write mode", func(t *testing.T) {
|
||||
require.Equal(t, AccessModeRead, AccessModeReadWrite&AccessModeRead)
|
||||
})
|
||||
|
||||
t.Run("write access to read/write mode", func(t *testing.T) {
|
||||
require.Equal(t, AccessModeWrite, AccessModeReadWrite&AccessModeWrite)
|
||||
})
|
||||
|
||||
t.Run("read(write) access to write(read) mode", func(t *testing.T) {
|
||||
require.Zero(t, AccessModeRead&AccessModeWrite)
|
||||
})
|
||||
|
||||
t.Run("access to same mode", func(t *testing.T) {
|
||||
require.Equal(t, AccessModeWrite, AccessModeWrite&AccessModeWrite)
|
||||
require.Equal(t, AccessModeRead, AccessModeRead&AccessModeRead)
|
||||
require.Equal(t, AccessModeReadWrite, AccessModeReadWrite&AccessModeReadWrite)
|
||||
})
|
||||
}
|
||||
|
|
62
docs/acl.md
Normal file
62
docs/acl.md
Normal file
|
@ -0,0 +1,62 @@
|
|||
# Protocol Documentation
|
||||
<a name="top"></a>
|
||||
|
||||
## Table of Contents
|
||||
|
||||
- [acl/types.proto](#acl/types.proto)
|
||||
|
||||
|
||||
|
||||
- [Scalar Value Types](#scalar-value-types)
|
||||
|
||||
|
||||
|
||||
<a name="acl/types.proto"></a>
|
||||
<p align="right"><a href="#top">Top</a></p>
|
||||
|
||||
## acl/types.proto
|
||||
|
||||
|
||||
<!-- end services -->
|
||||
|
||||
<!-- end messages -->
|
||||
|
||||
|
||||
<a name="acl.Target"></a>
|
||||
|
||||
### Target
|
||||
Target of the access control rule in access control list.
|
||||
|
||||
| Name | Number | Description |
|
||||
| ---- | ------ | ----------- |
|
||||
| Unknown | 0 | Unknown target, default value. |
|
||||
| User | 1 | User target rule is applied if sender is the owner of the container. |
|
||||
| System | 2 | System target rule is applied if sender is the storage node within the container or inner ring node. |
|
||||
| Others | 3 | Others target rule is applied if sender is not user or system target. |
|
||||
| PubKey | 4 | PubKey target rule is applied if sender has public key provided in extended ACL. |
|
||||
|
||||
|
||||
<!-- end enums -->
|
||||
|
||||
|
||||
|
||||
## Scalar Value Types
|
||||
|
||||
| .proto Type | Notes | C++ Type | Java Type | Python Type |
|
||||
| ----------- | ----- | -------- | --------- | ----------- |
|
||||
| <a name="double" /> double | | double | double | float |
|
||||
| <a name="float" /> float | | float | float | float |
|
||||
| <a name="int32" /> int32 | Uses variable-length encoding. Inefficient for encoding negative numbers – if your field is likely to have negative values, use sint32 instead. | int32 | int | int |
|
||||
| <a name="int64" /> int64 | Uses variable-length encoding. Inefficient for encoding negative numbers – if your field is likely to have negative values, use sint64 instead. | int64 | long | int/long |
|
||||
| <a name="uint32" /> uint32 | Uses variable-length encoding. | uint32 | int | int/long |
|
||||
| <a name="uint64" /> uint64 | Uses variable-length encoding. | uint64 | long | int/long |
|
||||
| <a name="sint32" /> sint32 | Uses variable-length encoding. Signed int value. These more efficiently encode negative numbers than regular int32s. | int32 | int | int |
|
||||
| <a name="sint64" /> sint64 | Uses variable-length encoding. Signed int value. These more efficiently encode negative numbers than regular int64s. | int64 | long | int/long |
|
||||
| <a name="fixed32" /> fixed32 | Always four bytes. More efficient than uint32 if values are often greater than 2^28. | uint32 | int | int |
|
||||
| <a name="fixed64" /> fixed64 | Always eight bytes. More efficient than uint64 if values are often greater than 2^56. | uint64 | long | int/long |
|
||||
| <a name="sfixed32" /> sfixed32 | Always four bytes. | int32 | int | int |
|
||||
| <a name="sfixed64" /> sfixed64 | Always eight bytes. | int64 | long | int/long |
|
||||
| <a name="bool" /> bool | | bool | boolean | boolean |
|
||||
| <a name="string" /> string | A string must always contain UTF-8 encoded or 7-bit ASCII text. | string | String | str/unicode |
|
||||
| <a name="bytes" /> bytes | May contain any arbitrary sequence of bytes. | string | ByteString | str |
|
||||
|
|
@ -21,8 +21,6 @@
|
|||
- [container/types.proto](#container/types.proto)
|
||||
|
||||
- Messages
|
||||
- [AccessControlList](#container.AccessControlList)
|
||||
- [AccessGroup](#container.AccessGroup)
|
||||
- [Container](#container.Container)
|
||||
|
||||
|
||||
|
@ -166,7 +164,7 @@ via consensus in inner ring nodes
|
|||
| Capacity | [uint64](#uint64) | | Capacity defines amount of data that can be stored in the container (doesn't used for now). |
|
||||
| OwnerID | [bytes](#bytes) | | OwnerID is a wallet address |
|
||||
| rules | [netmap.PlacementRule](#netmap.PlacementRule) | | Rules define storage policy for the object inside the container. |
|
||||
| Group | [AccessGroup](#container.AccessGroup) | | Container ACL. |
|
||||
| BasicACL | [uint32](#uint32) | | BasicACL of the container. |
|
||||
| Meta | [service.RequestMetaHeader](#service.RequestMetaHeader) | | RequestMetaHeader contains information about request meta headers (should be embedded into message) |
|
||||
| Verify | [service.RequestVerificationHeader](#service.RequestVerificationHeader) | | RequestVerificationHeader is a set of signatures of every NeoFS Node that processed request (should be embedded into message) |
|
||||
|
||||
|
@ -196,29 +194,6 @@ via consensus in inner ring nodes
|
|||
<!-- end services -->
|
||||
|
||||
|
||||
<a name="container.AccessControlList"></a>
|
||||
|
||||
### Message AccessControlList
|
||||
|
||||
|
||||
|
||||
| Field | Type | Label | Description |
|
||||
| ----- | ---- | ----- | ----------- |
|
||||
| List | [AccessGroup](#container.AccessGroup) | repeated | List of access groups. |
|
||||
|
||||
|
||||
<a name="container.AccessGroup"></a>
|
||||
|
||||
### Message AccessGroup
|
||||
|
||||
|
||||
|
||||
| Field | Type | Label | Description |
|
||||
| ----- | ---- | ----- | ----------- |
|
||||
| AccessMode | [uint32](#uint32) | | Group access mode. |
|
||||
| UserGroup | [bytes](#bytes) | repeated | Group members. |
|
||||
|
||||
|
||||
<a name="container.Container"></a>
|
||||
|
||||
### Message Container
|
||||
|
@ -231,7 +206,7 @@ The Container service definition.
|
|||
| Salt | [bytes](#bytes) | | Salt is a nonce for unique container id calculation. |
|
||||
| Capacity | [uint64](#uint64) | | Capacity defines amount of data that can be stored in the container (doesn't used for now). |
|
||||
| Rules | [netmap.PlacementRule](#netmap.PlacementRule) | | Rules define storage policy for the object inside the container. |
|
||||
| List | [AccessControlList](#container.AccessControlList) | | Container ACL. |
|
||||
| BasicACL | [uint32](#uint32) | | BasicACL with access control rules for owner, system, others and permission bits for bearer token and extended ACL. |
|
||||
|
||||
<!-- end messages -->
|
||||
|
||||
|
|
Loading…
Reference in a new issue