[] object/acl: Add eACL components to service

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
This commit is contained in:
Leonard Lyubich 2020-10-03 10:46:57 +03:00 committed by Alex Vanin
parent a7782cf1f9
commit 1d676fcfb2
5 changed files with 43 additions and 1 deletions
cmd/neofs-node
pkg/services/object/acl

View file

@ -17,6 +17,7 @@ import (
"github.com/nspcc-dev/neofs-node/pkg/local_object_storage/bucket/boltdb"
"github.com/nspcc-dev/neofs-node/pkg/local_object_storage/bucket/fsbucket"
"github.com/nspcc-dev/neofs-node/pkg/morph/client"
"github.com/nspcc-dev/neofs-node/pkg/morph/client/container/wrapper"
nmwrapper "github.com/nspcc-dev/neofs-node/pkg/morph/client/netmap/wrapper"
"github.com/nspcc-dev/neofs-node/pkg/network"
tokenStorage "github.com/nspcc-dev/neofs-node/pkg/services/session/storage"
@ -159,6 +160,8 @@ type cfgObject struct {
metastorage bucket.Bucket
blobstorage bucket.Bucket
cnrClient *wrapper.Wrapper
}
const (

View file

@ -26,6 +26,7 @@ func initContainerService(c *cfg) {
fatalOnErr(err)
c.cfgObject.cnrStorage = wrap // use RPC node as source of containers
c.cfgObject.cnrClient = wrap
metaHdr := new(session.ResponseMetaHeader)
xHdr := new(session.XHeader)

View file

@ -16,6 +16,7 @@ import (
objectTransportGRPC "github.com/nspcc-dev/neofs-node/pkg/network/transport/object/grpc"
objectService "github.com/nspcc-dev/neofs-node/pkg/services/object"
"github.com/nspcc-dev/neofs-node/pkg/services/object/acl"
"github.com/nspcc-dev/neofs-node/pkg/services/object/acl/eacl"
deletesvc "github.com/nspcc-dev/neofs-node/pkg/services/object/delete"
deletesvcV2 "github.com/nspcc-dev/neofs-node/pkg/services/object/delete/v2"
getsvc "github.com/nspcc-dev/neofs-node/pkg/services/object/get"
@ -319,6 +320,11 @@ func initObjectService(c *cfg) {
),
),
),
acl.WithLocalStorage(ls),
acl.WithEACLValidatorOptions(
eacl.WithMorphClient(c.cfgObject.cnrClient),
eacl.WithLogger(c.log),
),
),
),
)

View file

@ -11,6 +11,8 @@ import (
"github.com/nspcc-dev/neofs-api-go/v2/object"
"github.com/nspcc-dev/neofs-api-go/v2/session"
core "github.com/nspcc-dev/neofs-node/pkg/core/container"
"github.com/nspcc-dev/neofs-node/pkg/local_object_storage/localstore"
"github.com/nspcc-dev/neofs-node/pkg/services/object/acl/eacl"
"github.com/pkg/errors"
)
@ -59,6 +61,16 @@ type cfg struct {
sender SenderClassifier
next object.Service
*eACLCfg
}
type eACLCfg struct {
eACLOpts []eacl.Option
eACL *eacl.Validator
localStorage *localstore.Storage
}
type accessErr struct {
@ -74,7 +86,9 @@ var (
)
func defaultCfg() *cfg {
return new(cfg)
return &cfg{
eACLCfg: new(eACLCfg),
}
}
// New is a constructor for object ACL checking service.
@ -85,6 +99,8 @@ func New(opts ...Option) Service {
opts[i](cfg)
}
cfg.eACL = eacl.NewValidator(cfg.eACLOpts...)
return Service{
cfg: cfg,
}

View file

@ -3,6 +3,8 @@ package acl
import (
"github.com/nspcc-dev/neofs-api-go/v2/object"
"github.com/nspcc-dev/neofs-node/pkg/core/container"
"github.com/nspcc-dev/neofs-node/pkg/local_object_storage/localstore"
"github.com/nspcc-dev/neofs-node/pkg/services/object/acl/eacl"
)
// WithContainerSource returns option to set container source.
@ -25,3 +27,17 @@ func WithNextService(v object.Service) Option {
c.next = v
}
}
// WithEACLValidator returns options to set eACL validator options.
func WithEACLValidatorOptions(v ...eacl.Option) Option {
return func(c *cfg) {
c.eACLOpts = v
}
}
// WithLocalStorage returns options to set local object storage.
func WithLocalStorage(v *localstore.Storage) Option {
return func(c *cfg) {
c.localStorage = v
}
}