forked from TrueCloudLab/frostfs-node
[#1628] tree: Make ACL checks the same way as for object requests
1. Do not require a request to be signed by the container owner if a bearer token is missing 2. Do not check the system role since public requests are not expected to be signed by IR or a container node (unlike the object requests) Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
This commit is contained in:
Pavel Karpy
parent
4f18893d9b
commit
876e014b5d
5 changed files with 171 additions and 72 deletions
|
|
@ -21,6 +21,7 @@ func initTreeService(c *cfg) {
|
|||
|
||||
c.treeService = tree.New(
|
||||
tree.WithContainerSource(c.cfgObject.cnrSource),
|
||||
tree.WithEACLSource(c.cfgObject.eaclSource),
|
||||
tree.WithNetmapSource(c.netMapSource),
|
||||
tree.WithPrivateKey(&c.key.PrivateKey),
|
||||
tree.WithLogger(c.log),
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue