package policy

import (
	policycontract "git.frostfs.info/TrueCloudLab/frostfs-contract/policy"
	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/cache"
	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/handler"
	cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
	"git.frostfs.info/TrueCloudLab/policy-engine/pkg/chain"
	"git.frostfs.info/TrueCloudLab/policy-engine/pkg/engine"
	"git.frostfs.info/TrueCloudLab/policy-engine/pkg/engine/inmemory"
	"git.frostfs.info/TrueCloudLab/policy-engine/pkg/resource"
	"github.com/nspcc-dev/neo-go/pkg/util"
	"go.uber.org/zap"
)

// Storage bundles the access-policy backends behind the handler.APE
// interface: a chain router used for access decisions, the morph-backed rule
// chain storage, the in-memory local override storage, and the policy storage.
type Storage struct {
	// router answers IsAllowed; it is built over morph and local.
	router engine.ChainRouter
	// morph backs AddChain, RemoveChain and ListChains.
	morph handler.MorphRuleChainStorage
	// local is the override storage handed out by LocalStorage and also
	// consulted by router.
	local engine.LocalOverrideStorage
	// policy backs PutPolicy, GetPolicy and DeletePolicy.
	policy handler.PolicyStorage
}

// StorageConfig carries the dependencies NewStorage needs.
type StorageConfig struct {
	// Contract is passed to both the rule chain storage and the policy storage.
	Contract Contract
	// Cache is passed to the rule chain storage only.
	Cache *cache.MorphPolicyCache
	// Log is passed to both the rule chain storage and the policy storage.
	Log *zap.Logger
}

// Contract is the set of policy contract operations this package relies on.
//
// AddChain and RemoveChain return a (hash, vub, error) triple with the same
// types that Wait accepts, so presumably their result is meant to be passed
// straight to Wait; confirm against the implementation.
type Contract interface {
	AddChain(kind policycontract.Kind, entity string, name []byte, chain []byte) (util.Uint256, uint32, error)
	GetChain(kind policycontract.Kind, entity string, name []byte) ([]byte, error)
	RemoveChain(kind policycontract.Kind, entity string, name []byte) (util.Uint256, uint32, error)
	ListChains(kind policycontract.Kind, entity string, name []byte) ([][]byte, error)
	Wait(tx util.Uint256, vub uint32, err error) error
}

// Compile-time check that *Storage implements handler.APE.
var _ handler.APE = (*Storage)(nil)

// NewStorage wires a Storage from cfg: it creates the in-memory local override
// storage, the morph rule chain storage (with cfg.Cache) and the morph policy
// storage, then builds the chain router over the rule chain storage and the
// local overrides.
func NewStorage(cfg StorageConfig) *Storage {
	// TODO: switch to a thread-safe in-memory storage, see
	// https://git.frostfs.info/TrueCloudLab/policy-engine/issues/35
	// NOTE(review): until then this instance is shared between the router and
	// LocalStorage() callers, so concurrent override updates and IsAllowed
	// evaluations may need external synchronisation; confirm against the
	// inmemory package.
	overrides := inmemory.NewInmemoryLocalStorage()

	chainCfg := &MorphRuleChainStorageConfig{
		Contract: cfg.Contract,
		Cache:    cfg.Cache,
		Log:      cfg.Log,
	}
	chains := NewMorphRuleChainStorage(chainCfg)

	policyCfg := &MorphPolicyStorageConfig{
		Contract: cfg.Contract,
		Log:      cfg.Log,
	}
	policies := NewMorphPolicyStorage(policyCfg)

	s := &Storage{
		morph:  chains,
		local:  overrides,
		policy: policies,
	}
	s.router = engine.NewDefaultChainRouterWithLocalOverrides(chains, overrides)

	return s
}

// IsAllowed delegates the access decision for request r on target to the chain
// router and returns its result unchanged.
//
// NOTE(review): found presumably reports whether any rule matched; callers
// should check err and found before acting on status. Confirm the exact
// semantics against engine.ChainRouter.
func (s *Storage) IsAllowed(name chain.Name, target engine.RequestTarget, r resource.Request) (status chain.Status, found bool, err error) {
	status, found, err = s.router.IsAllowed(name, target, r)
	return status, found, err
}

// LocalStorage returns the local override storage. It is the same instance the
// router consults, so changes made through it take part in IsAllowed.
func (s *Storage) LocalStorage() engine.LocalOverrideStorage {
	return s.local
}

// AddChain adds policyChain for target through the morph rule chain storage.
func (s *Storage) AddChain(target engine.Target, policyChain *chain.Chain) error {
	return s.morph.AddChain(target, policyChain)
}

// RemoveChain removes the chain identified by chainID for target through the
// morph rule chain storage.
func (s *Storage) RemoveChain(target engine.Target, chainID chain.ID) error {
	return s.morph.RemoveChain(target, chainID)
}

// ListChains returns the chains the morph rule chain storage reports for target.
func (s *Storage) ListChains(target engine.Target) ([]*chain.Chain, error) {
	return s.morph.ListChains(target)
}

// PutPolicy stores policy for the container cnrID in namespace through the
// policy storage.
func (s *Storage) PutPolicy(namespace string, cnrID cid.ID, policy []byte) error {
	return s.policy.PutPolicy(namespace, cnrID, policy)
}

// GetPolicy fetches the policy for the container cnrID in namespace from the
// policy storage.
func (s *Storage) GetPolicy(namespace string, cnrID cid.ID) ([]byte, error) {
	return s.policy.GetPolicy(namespace, cnrID)
}

// DeletePolicy deletes the policy for the container cnrID in namespace through
// the policy storage.
func (s *Storage) DeletePolicy(namespace string, cnrID cid.ID) error {
	return s.policy.DeletePolicy(namespace, cnrID)
}