forked from TrueCloudLab/frostfs-s3-gw
[#306] Simplify namespaces configuration
Resolve ns alias at the beginning of the request just once. Keep in ns map only one default ns key. Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
This commit is contained in:
parent
c4c199defe
commit
37be8851b3
5 changed files with 29 additions and 47 deletions
|
@ -489,8 +489,7 @@ func (h *handler) GetBucketPolicyHandler(w http.ResponseWriter, r *http.Request)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
resolvedNamespace := h.cfg.ResolveNamespaceAlias(reqInfo.Namespace)
|
jsonPolicy, err := h.ape.GetPolicy(reqInfo.Namespace, bktInfo.CID)
|
||||||
jsonPolicy, err := h.ape.GetPolicy(resolvedNamespace, bktInfo.CID)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if strings.Contains(err.Error(), "not found") {
|
if strings.Contains(err.Error(), "not found") {
|
||||||
err = fmt.Errorf("%w: %s", errors.GetAPIError(errors.ErrNoSuchBucketPolicy), err.Error())
|
err = fmt.Errorf("%w: %s", errors.GetAPIError(errors.ErrNoSuchBucketPolicy), err.Error())
|
||||||
|
@ -516,16 +515,14 @@ func (h *handler) DeleteBucketPolicyHandler(w http.ResponseWriter, r *http.Reque
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
resolvedNamespace := h.cfg.ResolveNamespaceAlias(reqInfo.Namespace)
|
target := engine.NamespaceTarget(reqInfo.Namespace)
|
||||||
|
|
||||||
target := engine.NamespaceTarget(resolvedNamespace)
|
|
||||||
chainID := getBucketChainID(bktInfo)
|
chainID := getBucketChainID(bktInfo)
|
||||||
if err = h.ape.RemoveChain(target, chainID); err != nil {
|
if err = h.ape.RemoveChain(target, chainID); err != nil {
|
||||||
h.logAndSendError(w, "failed to remove morph rule chain", reqInfo, err)
|
h.logAndSendError(w, "failed to remove morph rule chain", reqInfo, err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
if err = h.ape.DeletePolicy(resolvedNamespace, bktInfo.CID); err != nil {
|
if err = h.ape.DeletePolicy(reqInfo.Namespace, bktInfo.CID); err != nil {
|
||||||
h.logAndSendError(w, "failed to delete policy from storage", reqInfo, err)
|
h.logAndSendError(w, "failed to delete policy from storage", reqInfo, err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
@ -581,15 +578,13 @@ func (h *handler) PutBucketPolicyHandler(w http.ResponseWriter, r *http.Request)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
resolvedNamespace := h.cfg.ResolveNamespaceAlias(reqInfo.Namespace)
|
target := engine.NamespaceTarget(reqInfo.Namespace)
|
||||||
|
|
||||||
target := engine.NamespaceTarget(resolvedNamespace)
|
|
||||||
if err = h.ape.AddChain(target, s3Chain); err != nil {
|
if err = h.ape.AddChain(target, s3Chain); err != nil {
|
||||||
h.logAndSendError(w, "failed to add morph rule chain", reqInfo, err)
|
h.logAndSendError(w, "failed to add morph rule chain", reqInfo, err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
if err = h.ape.PutPolicy(resolvedNamespace, bktInfo.CID, jsonPolicy); err != nil {
|
if err = h.ape.PutPolicy(reqInfo.Namespace, bktInfo.CID, jsonPolicy); err != nil {
|
||||||
h.logAndSendError(w, "failed to save policy to storage", reqInfo, err)
|
h.logAndSendError(w, "failed to save policy to storage", reqInfo, err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
|
@ -47,7 +47,6 @@ type (
|
||||||
IsResolveListAllow() bool
|
IsResolveListAllow() bool
|
||||||
BypassContentEncodingInChunks() bool
|
BypassContentEncodingInChunks() bool
|
||||||
MD5Enabled() bool
|
MD5Enabled() bool
|
||||||
ResolveNamespaceAlias(namespace string) string
|
|
||||||
}
|
}
|
||||||
|
|
||||||
FrostFSID interface {
|
FrostFSID interface {
|
||||||
|
|
|
@ -191,6 +191,7 @@ func GetReqLog(ctx context.Context) *zap.Logger {
|
||||||
|
|
||||||
type RequestSettings interface {
|
type RequestSettings interface {
|
||||||
NamespaceHeader() string
|
NamespaceHeader() string
|
||||||
|
ResolveNamespaceAlias(string) string
|
||||||
}
|
}
|
||||||
|
|
||||||
func Request(log *zap.Logger, settings RequestSettings) Func {
|
func Request(log *zap.Logger, settings RequestSettings) Func {
|
||||||
|
@ -207,7 +208,7 @@ func Request(log *zap.Logger, settings RequestSettings) Func {
|
||||||
// set request info into context
|
// set request info into context
|
||||||
// bucket name and object will be set in reqInfo later (limitation of go-chi)
|
// bucket name and object will be set in reqInfo later (limitation of go-chi)
|
||||||
reqInfo := NewReqInfo(w, r, ObjectRequest{})
|
reqInfo := NewReqInfo(w, r, ObjectRequest{})
|
||||||
reqInfo.Namespace = r.Header.Get(settings.NamespaceHeader())
|
reqInfo.Namespace = settings.ResolveNamespaceAlias(r.Header.Get(settings.NamespaceHeader()))
|
||||||
r = r.WithContext(SetReqInfo(r.Context(), reqInfo))
|
r = r.WithContext(SetReqInfo(r.Context(), reqInfo))
|
||||||
|
|
||||||
// set request id into gRPC meta header
|
// set request id into gRPC meta header
|
||||||
|
|
|
@ -220,18 +220,28 @@ func newAppSettings(log *Logger, v *viper.Viper, key *keys.PrivateKey) *appSetti
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *appSettings) update(v *viper.Viper, log *zap.Logger, key *keys.PrivateKey) {
|
func (s *appSettings) update(v *viper.Viper, log *zap.Logger, key *keys.PrivateKey) {
|
||||||
s.setNamespaceHeader(v.GetString(cfgResolveNamespaceHeader)) // should be updated before placement policies
|
s.updateNamespacesSettings(v, log)
|
||||||
s.initPlacementPolicy(log, v)
|
|
||||||
s.useDefaultXMLNamespace(v.GetBool(cfgKludgeUseDefaultXMLNS))
|
s.useDefaultXMLNamespace(v.GetBool(cfgKludgeUseDefaultXMLNS))
|
||||||
s.setBypassContentEncodingInChunks(v.GetBool(cfgKludgeBypassContentEncodingCheckInChunks))
|
s.setBypassContentEncodingInChunks(v.GetBool(cfgKludgeBypassContentEncodingCheckInChunks))
|
||||||
s.setClientCut(v.GetBool(cfgClientCut))
|
s.setClientCut(v.GetBool(cfgClientCut))
|
||||||
s.setBufferMaxSizeForPut(v.GetUint64(cfgBufferMaxSizeForPut))
|
s.setBufferMaxSizeForPut(v.GetUint64(cfgBufferMaxSizeForPut))
|
||||||
s.setMD5Enabled(v.GetBool(cfgMD5Enabled))
|
s.setMD5Enabled(v.GetBool(cfgMD5Enabled))
|
||||||
s.setDefaultNamespaces(fetchDefaultNamespaces(log, v))
|
|
||||||
s.setAuthorizedControlAPIKeys(append(fetchAuthorizedKeys(log, v), key.PublicKey()))
|
s.setAuthorizedControlAPIKeys(append(fetchAuthorizedKeys(log, v), key.PublicKey()))
|
||||||
s.setPolicyDenyByDefault(v.GetBool(cfgPolicyDenyByDefault))
|
s.setPolicyDenyByDefault(v.GetBool(cfgPolicyDenyByDefault))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (s *appSettings) updateNamespacesSettings(v *viper.Viper, log *zap.Logger) {
|
||||||
|
nsHeader := v.GetString(cfgResolveNamespaceHeader)
|
||||||
|
nsConfig, defaultNamespaces := fetchNamespacesConfig(log, v)
|
||||||
|
|
||||||
|
s.mu.Lock()
|
||||||
|
defer s.mu.Unlock()
|
||||||
|
|
||||||
|
s.namespaceHeader = nsHeader
|
||||||
|
s.defaultNamespaces = defaultNamespaces
|
||||||
|
s.namespaces = nsConfig.Namespaces
|
||||||
|
}
|
||||||
|
|
||||||
func (s *appSettings) BypassContentEncodingInChunks() bool {
|
func (s *appSettings) BypassContentEncodingInChunks() bool {
|
||||||
s.mu.RLock()
|
s.mu.RLock()
|
||||||
defer s.mu.RUnlock()
|
defer s.mu.RUnlock()
|
||||||
|
@ -268,15 +278,6 @@ func (s *appSettings) setBufferMaxSizeForPut(size uint64) {
|
||||||
s.mu.Unlock()
|
s.mu.Unlock()
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *appSettings) initPlacementPolicy(l *zap.Logger, v *viper.Viper) {
|
|
||||||
nsConfig := fetchNamespacesConfig(l, v)
|
|
||||||
|
|
||||||
s.mu.Lock()
|
|
||||||
defer s.mu.Unlock()
|
|
||||||
|
|
||||||
s.namespaces = nsConfig.Namespaces
|
|
||||||
}
|
|
||||||
|
|
||||||
func (s *appSettings) DefaultPlacementPolicy(namespace string) netmap.PlacementPolicy {
|
func (s *appSettings) DefaultPlacementPolicy(namespace string) netmap.PlacementPolicy {
|
||||||
s.mu.RLock()
|
s.mu.RLock()
|
||||||
defer s.mu.RUnlock()
|
defer s.mu.RUnlock()
|
||||||
|
@ -357,33 +358,21 @@ func (s *appSettings) NamespaceHeader() string {
|
||||||
return s.namespaceHeader
|
return s.namespaceHeader
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *appSettings) setNamespaceHeader(nsHeader string) {
|
|
||||||
s.mu.Lock()
|
|
||||||
s.namespaceHeader = nsHeader
|
|
||||||
s.mu.Unlock()
|
|
||||||
}
|
|
||||||
|
|
||||||
func (s *appSettings) FormContainerZone(ns string) (zone string, isDefault bool) {
|
func (s *appSettings) FormContainerZone(ns string) (zone string, isDefault bool) {
|
||||||
if s.IsDefaultNamespace(ns) {
|
if len(ns) == 0 {
|
||||||
return v2container.SysAttributeZoneDefault, true
|
return v2container.SysAttributeZoneDefault, true
|
||||||
}
|
}
|
||||||
|
|
||||||
return ns + ".ns", false
|
return ns + ".ns", false
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *appSettings) IsDefaultNamespace(ns string) bool {
|
func (s *appSettings) isDefaultNamespace(ns string) bool {
|
||||||
s.mu.RLock()
|
s.mu.RLock()
|
||||||
namespaces := s.defaultNamespaces
|
namespaces := s.defaultNamespaces
|
||||||
s.mu.RUnlock()
|
s.mu.RUnlock()
|
||||||
return slices.Contains(namespaces, ns)
|
return slices.Contains(namespaces, ns)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *appSettings) setDefaultNamespaces(namespaces []string) {
|
|
||||||
s.mu.Lock()
|
|
||||||
s.defaultNamespaces = namespaces
|
|
||||||
s.mu.Unlock()
|
|
||||||
}
|
|
||||||
|
|
||||||
func (s *appSettings) FetchRawKeys() [][]byte {
|
func (s *appSettings) FetchRawKeys() [][]byte {
|
||||||
s.mu.RLock()
|
s.mu.RLock()
|
||||||
defer s.mu.RUnlock()
|
defer s.mu.RUnlock()
|
||||||
|
@ -402,7 +391,7 @@ func (s *appSettings) setAuthorizedControlAPIKeys(keys keys.PublicKeys) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *appSettings) ResolveNamespaceAlias(namespace string) string {
|
func (s *appSettings) ResolveNamespaceAlias(namespace string) string {
|
||||||
if s.IsDefaultNamespace(namespace) {
|
if s.isDefaultNamespace(namespace) {
|
||||||
return defaultNamespace
|
return defaultNamespace
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -515,7 +515,7 @@ func fetchDefaultNamespaces(l *zap.Logger, v *viper.Viper) []string {
|
||||||
return defaultNamespaces
|
return defaultNamespaces
|
||||||
}
|
}
|
||||||
|
|
||||||
func fetchNamespacesConfig(l *zap.Logger, v *viper.Viper) NamespacesConfig {
|
func fetchNamespacesConfig(l *zap.Logger, v *viper.Viper) (NamespacesConfig, []string) {
|
||||||
defaultNSRegionMap := fetchRegionMappingPolicies(l, v)
|
defaultNSRegionMap := fetchRegionMappingPolicies(l, v)
|
||||||
defaultNSRegionMap[defaultConstraintName] = fetchDefaultPolicy(l, v)
|
defaultNSRegionMap[defaultConstraintName] = fetchDefaultPolicy(l, v)
|
||||||
|
|
||||||
|
@ -551,15 +551,13 @@ func fetchNamespacesConfig(l *zap.Logger, v *viper.Viper) NamespacesConfig {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
for _, name := range defaultNamespacesNames {
|
nsConfig.Namespaces[defaultNamespace] = Namespace{
|
||||||
nsConfig.Namespaces[name] = Namespace{
|
Name: defaultNamespace,
|
||||||
Name: name,
|
LocationConstraints: defaultNSValue.LocationConstraints,
|
||||||
LocationConstraints: defaultNSValue.LocationConstraints,
|
CopiesNumbers: defaultNSValue.CopiesNumbers,
|
||||||
CopiesNumbers: defaultNSValue.CopiesNumbers,
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return nsConfig
|
return nsConfig, defaultNamespacesNames
|
||||||
}
|
}
|
||||||
|
|
||||||
func readNamespacesConfig(filepath string) (NamespacesConfig, error) {
|
func readNamespacesConfig(filepath string) (NamespacesConfig, error) {
|
||||||
|
|
Loading…
Reference in a new issue