frostfs-node/cmd/neofs-cli/modules/container.go

778 lines
20 KiB
Go
Raw Normal View History

package cmd
import (
"bytes"
"encoding/json"
"errors"
"fmt"
"os"
"strconv"
"strings"
"time"
"github.com/google/uuid"
"github.com/nspcc-dev/neofs-api-go/v2/refs"
internalclient "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/client"
"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/common"
"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/commonflags"
"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/key"
objectCli "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/modules/object"
sessionCli "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/modules/session"
"github.com/nspcc-dev/neofs-sdk-go/acl"
"github.com/nspcc-dev/neofs-sdk-go/container"
cid "github.com/nspcc-dev/neofs-sdk-go/container/id"
"github.com/nspcc-dev/neofs-sdk-go/eacl"
"github.com/nspcc-dev/neofs-sdk-go/netmap"
"github.com/nspcc-dev/neofs-sdk-go/object"
"github.com/nspcc-dev/neofs-sdk-go/policy"
"github.com/nspcc-dev/neofs-sdk-go/session"
subnetid "github.com/nspcc-dev/neofs-sdk-go/subnet/id"
"github.com/nspcc-dev/neofs-sdk-go/user"
versionSDK "github.com/nspcc-dev/neofs-sdk-go/version"
"github.com/spf13/cobra"
)
const (
attributeDelimiter = "="
awaitTimeout = 120 // in seconds
)
// keywords of predefined basic ACL values
const (
basicACLPrivate = "private"
basicACLReadOnly = "public-read"
basicACLPublic = "public-read-write"
basicACLAppend = "public-append"
basicACLNoFinalPrivate = "eacl-private"
basicACLNoFinalReadOnly = "eacl-public-read"
basicACLNoFinalPublic = "eacl-public-read-write"
basicACLNoFinalAppend = "eacl-public-append"
)
var wellKnownBasicACL = map[string]acl.BasicACL{
basicACLPublic: acl.PublicBasicRule,
basicACLPrivate: acl.PrivateBasicRule,
basicACLReadOnly: acl.ReadOnlyBasicRule,
basicACLAppend: acl.PublicAppendRule,
basicACLNoFinalPublic: acl.EACLPublicBasicRule,
basicACLNoFinalPrivate: acl.EACLPrivateBasicRule,
basicACLNoFinalReadOnly: acl.EACLReadOnlyBasicRule,
basicACLNoFinalAppend: acl.EACLPublicAppendRule,
}
var (
containerOwner string
containerACL string
containerNonce string
containerPolicy string
containerAttributes []string
containerAwait bool
containerName string
containerNoTimestamp bool
containerSubnet string
containerID string
containerPathFrom string
containerPathTo string
containerJSON bool
eaclPathFrom string
)
var (
errDeleteTimeout = errors.New("timeout: container has not been removed from sidechain")
errCreateTimeout = errors.New("timeout: container has not been persisted on sidechain")
errSetEACLTimeout = errors.New("timeout: EACL has not been persisted on sidechain")
)
// containerCmd represents the container command
var containerCmd = &cobra.Command{
Use: "container",
Short: "Operations with containers",
Long: "Operations with containers",
PersistentPreRun: func(cmd *cobra.Command, args []string) {
// bind exactly that cmd's flags to
// the viper before execution
commonflags.Bind(cmd)
commonflags.BindAPI(cmd)
},
}
var listContainersCmd = &cobra.Command{
Use: "list",
Short: "List all created containers",
Long: "List all created containers",
Run: func(cmd *cobra.Command, args []string) {
var idUser user.ID
key := key.GetOrGenerate(cmd)
if containerOwner == "" {
user.IDFromKey(&idUser, key.PublicKey)
} else {
err := idUser.DecodeString(containerOwner)
common.ExitOnErr(cmd, "invalid user ID: %w", err)
}
cli := internalclient.GetSDKClientByFlag(cmd, key, commonflags.RPC)
var prm internalclient.ListContainersPrm
prm.SetClient(cli)
prm.SetAccount(idUser)
res, err := internalclient.ListContainers(prm)
common.ExitOnErr(cmd, "rpc error: %w", err)
// print to stdout
prettyPrintContainerList(cmd, res.IDList())
},
}
var createContainerCmd = &cobra.Command{
Use: "create",
Short: "Create new container",
Long: `Create new container and register it in the NeoFS.
It will be stored in sidechain when inner ring will accepts it.`,
Run: func(cmd *cobra.Command, args []string) {
placementPolicy, err := parseContainerPolicy(containerPolicy)
common.ExitOnErr(cmd, "", err)
var subnetID subnetid.ID
err = subnetID.DecodeString(containerSubnet)
common.ExitOnErr(cmd, "could not parse subnetID: %w", err)
placementPolicy.SetSubnetID(&subnetID)
attributes, err := parseAttributes(containerAttributes)
common.ExitOnErr(cmd, "", err)
basicACL, err := parseBasicACL(containerACL)
common.ExitOnErr(cmd, "", err)
nonce, err := parseNonce(containerNonce)
common.ExitOnErr(cmd, "", err)
key := key.GetOrGenerate(cmd)
cnr := container.New()
var tok *session.Container
sessionTokenPath, _ := cmd.Flags().GetString(commonflags.SessionToken)
if sessionTokenPath != "" {
tok = new(session.Container)
common.ReadSessionToken(cmd, tok, sessionTokenPath)
issuer := tok.Issuer()
cnr.SetOwnerID(&issuer)
cnr.SetSessionToken(tok)
} else {
var idOwner user.ID
user.IDFromKey(&idOwner, key.PublicKey)
cnr.SetOwnerID(&idOwner)
}
ver := versionSDK.Current()
cnr.SetVersion(&ver)
cnr.SetPlacementPolicy(placementPolicy)
cnr.SetBasicACL(basicACL)
cnr.SetAttributes(attributes)
cnr.SetNonceUUID(nonce)
cnr.SetSessionToken(tok)
cli := internalclient.GetSDKClientByFlag(cmd, key, commonflags.RPC)
var putPrm internalclient.PutContainerPrm
putPrm.SetClient(cli)
putPrm.SetContainer(*cnr)
res, err := internalclient.PutContainer(putPrm)
common.ExitOnErr(cmd, "rpc error: %w", err)
id := res.ID()
cmd.Println("container ID:", id)
if containerAwait {
cmd.Println("awaiting...")
var getPrm internalclient.GetContainerPrm
getPrm.SetClient(cli)
getPrm.SetContainer(id)
for i := 0; i < awaitTimeout; i++ {
time.Sleep(1 * time.Second)
_, err := internalclient.GetContainer(getPrm)
if err == nil {
cmd.Println("container has been persisted on sidechain")
return
}
}
common.ExitOnErr(cmd, "", errCreateTimeout)
}
},
}
var deleteContainerCmd = &cobra.Command{
Use: "delete",
Short: "Delete existing container",
Long: `Delete existing container.
Only owner of the container has a permission to remove container.`,
Run: func(cmd *cobra.Command, args []string) {
id, err := parseContainerID(containerID)
common.ExitOnErr(cmd, "", err)
var tok *session.Container
sessionTokenPath, _ := cmd.Flags().GetString(commonflags.SessionToken)
if sessionTokenPath != "" {
tok = new(session.Container)
common.ReadSessionToken(cmd, tok, sessionTokenPath)
}
var (
delPrm internalclient.DeleteContainerPrm
getPrm internalclient.GetContainerPrm
)
prepareAPIClient(cmd, &delPrm, &getPrm)
delPrm.SetContainer(*id)
if tok != nil {
delPrm.WithinSession(*tok)
}
_, err = internalclient.DeleteContainer(delPrm)
common.ExitOnErr(cmd, "rpc error: %w", err)
cmd.Println("container delete method invoked")
if containerAwait {
cmd.Println("awaiting...")
getPrm.SetContainer(*id)
for i := 0; i < awaitTimeout; i++ {
time.Sleep(1 * time.Second)
_, err := internalclient.GetContainer(getPrm)
if err != nil {
cmd.Println("container has been removed:", containerID)
return
}
}
common.ExitOnErr(cmd, "", errDeleteTimeout)
}
},
}
var listContainerObjectsCmd = &cobra.Command{
Use: "list-objects",
Short: "List existing objects in container",
Long: `List existing objects in container`,
Run: func(cmd *cobra.Command, args []string) {
id, err := parseContainerID(containerID)
common.ExitOnErr(cmd, "", err)
filters := new(object.SearchFilters)
filters.AddRootFilter() // search only user created objects
pk := key.GetOrGenerate(cmd)
var prm internalclient.SearchObjectsPrm
sessionCli.Prepare(cmd, *id, nil, pk, &prm)
objectCli.Prepare(cmd, &prm)
prm.SetContainerID(*id)
prm.SetFilters(*filters)
res, err := internalclient.SearchObjects(prm)
common.ExitOnErr(cmd, "rpc error: %w", err)
objectIDs := res.IDList()
for i := range objectIDs {
cmd.Println(objectIDs[i])
}
},
}
var getContainerInfoCmd = &cobra.Command{
Use: "get",
Short: "Get container field info",
Long: `Get container field info`,
Run: func(cmd *cobra.Command, args []string) {
var cnr *container.Container
if containerPathFrom != "" {
data, err := os.ReadFile(containerPathFrom)
common.ExitOnErr(cmd, "can't read file: %w", err)
cnr = container.New()
err = cnr.Unmarshal(data)
common.ExitOnErr(cmd, "can't unmarshal container: %w", err)
} else {
id, err := parseContainerID(containerID)
common.ExitOnErr(cmd, "", err)
var prm internalclient.GetContainerPrm
prepareAPIClient(cmd, &prm)
prm.SetContainer(*id)
res, err := internalclient.GetContainer(prm)
common.ExitOnErr(cmd, "rpc error: %w", err)
cnr = res.Container()
}
prettyPrintContainer(cmd, cnr, containerJSON)
if containerPathTo != "" {
var (
data []byte
err error
)
if containerJSON {
data, err = cnr.MarshalJSON()
common.ExitOnErr(cmd, "can't JSON encode container: %w", err)
} else {
data, err = cnr.Marshal()
common.ExitOnErr(cmd, "can't binary encode container: %w", err)
}
err = os.WriteFile(containerPathTo, data, 0644)
common.ExitOnErr(cmd, "can't write container to file: %w", err)
}
},
}
var getExtendedACLCmd = &cobra.Command{
Use: "get-eacl",
Short: "Get extended ACL table of container",
Long: `Get extended ACL talbe of container`,
Run: func(cmd *cobra.Command, args []string) {
id, err := parseContainerID(containerID)
common.ExitOnErr(cmd, "", err)
var eaclPrm internalclient.EACLPrm
prepareAPIClient(cmd, &eaclPrm)
eaclPrm.SetContainer(*id)
res, err := internalclient.EACL(eaclPrm)
common.ExitOnErr(cmd, "rpc error: %w", err)
eaclTable := res.EACL()
sig := eaclTable.Signature()
// TODO(@cthulhu-rider): #1387 avoid type conversion
var sigV2 refs.Signature
sig.WriteToV2(&sigV2)
if containerPathTo == "" {
cmd.Println("eACL: ")
prettyPrintEACL(cmd, eaclTable)
var sigV2 refs.Signature
sig.WriteToV2(&sigV2)
cmd.Println("Signature:")
common.PrettyPrintJSON(cmd, &sigV2, "signature")
return
}
var data []byte
if containerJSON {
data, err = eaclTable.MarshalJSON()
common.ExitOnErr(cmd, "can't encode to JSON: %w", err)
} else {
data, err = eaclTable.Marshal()
common.ExitOnErr(cmd, "can't encode to binary: %w", err)
}
cmd.Println("dumping data to file:", containerPathTo)
cmd.Println("Signature:")
common.PrettyPrintJSON(cmd, &sigV2, "signature")
err = os.WriteFile(containerPathTo, data, 0644)
common.ExitOnErr(cmd, "could not write eACL to file: %w", err)
},
}
var setExtendedACLCmd = &cobra.Command{
Use: "set-eacl",
Short: "Set new extended ACL table for container",
Long: `Set new extended ACL table for container.
Container ID in EACL table will be substituted with ID from the CLI.`,
Run: func(cmd *cobra.Command, args []string) {
id, err := parseContainerID(containerID)
common.ExitOnErr(cmd, "", err)
eaclTable := common.ReadEACL(cmd, eaclPathFrom)
var tok *session.Container
sessionTokenPath, _ := cmd.Flags().GetString(commonflags.SessionToken)
if sessionTokenPath != "" {
tok = new(session.Container)
common.ReadSessionToken(cmd, tok, sessionTokenPath)
}
eaclTable.SetCID(*id)
eaclTable.SetSessionToken(tok)
var (
setEACLPrm internalclient.SetEACLPrm
getEACLPrm internalclient.EACLPrm
)
prepareAPIClient(cmd, &setEACLPrm, &getEACLPrm)
setEACLPrm.SetTable(*eaclTable)
_, err = internalclient.SetEACL(setEACLPrm)
common.ExitOnErr(cmd, "rpc error: %w", err)
if containerAwait {
exp, err := eaclTable.Marshal()
common.ExitOnErr(cmd, "broken EACL table: %w", err)
cmd.Println("awaiting...")
getEACLPrm.SetContainer(*id)
for i := 0; i < awaitTimeout; i++ {
time.Sleep(1 * time.Second)
res, err := internalclient.EACL(getEACLPrm)
if err == nil {
// compare binary values because EACL could have been set already
got, err := res.EACL().Marshal()
if err != nil {
continue
}
if bytes.Equal(exp, got) {
cmd.Println("EACL has been persisted on sidechain")
return
}
}
}
common.ExitOnErr(cmd, "", errSetEACLTimeout)
}
},
}
func initContainerListContainersCmd() {
commonflags.Init(listContainersCmd)
flags := listContainersCmd.Flags()
flags.StringVar(&containerOwner, "owner", "", "owner of containers (omit to use owner from private key)")
}
func initContainerCreateCmd() {
commonflags.Init(createContainerCmd)
flags := createContainerCmd.Flags()
flags.StringVar(&containerACL, "basic-acl", basicACLPrivate, fmt.Sprintf("hex encoded basic ACL value or keywords like '%s', '%s', '%s'", basicACLPublic, basicACLPrivate, basicACLNoFinalReadOnly))
flags.StringVarP(&containerPolicy, "policy", "p", "", "QL-encoded or JSON-encoded placement policy or path to file with it")
flags.StringSliceVarP(&containerAttributes, "attributes", "a", nil, "comma separated pairs of container attributes in form of Key1=Value1,Key2=Value2")
flags.StringVarP(&containerNonce, "nonce", "n", "", "UUIDv4 nonce value for container")
flags.BoolVar(&containerAwait, "await", false, "block execution until container is persisted")
flags.StringVar(&containerName, "name", "", "container name attribute")
flags.BoolVar(&containerNoTimestamp, "disable-timestamp", false, "disable timestamp container attribute")
flags.StringVar(&containerSubnet, "subnet", "", "string representation of container subnetwork")
}
func initContainerDeleteCmd() {
commonflags.Init(deleteContainerCmd)
flags := deleteContainerCmd.Flags()
flags.StringVar(&containerID, "cid", "", "container ID")
flags.BoolVar(&containerAwait, "await", false, "block execution until container is removed")
}
func initContainerListObjectsCmd() {
commonflags.Init(listContainerObjectsCmd)
flags := listContainerObjectsCmd.Flags()
flags.StringVar(&containerID, "cid", "", "container ID")
}
func initContainerInfoCmd() {
commonflags.Init(getContainerInfoCmd)
flags := getContainerInfoCmd.Flags()
flags.StringVar(&containerID, "cid", "", "container ID")
flags.StringVar(&containerPathTo, "to", "", "path to dump encoded container")
flags.StringVar(&containerPathFrom, "from", "", "path to file with encoded container")
flags.BoolVar(&containerJSON, "json", false, "print or dump container in JSON format")
}
func initContainerGetEACLCmd() {
commonflags.Init(getExtendedACLCmd)
flags := getExtendedACLCmd.Flags()
flags.StringVar(&containerID, "cid", "", "container ID")
flags.StringVar(&containerPathTo, "to", "", "path to dump encoded container (default: binary encoded)")
flags.BoolVar(&containerJSON, "json", false, "encode EACL table in json format")
}
func initContainerSetEACLCmd() {
commonflags.Init(setExtendedACLCmd)
flags := setExtendedACLCmd.Flags()
flags.StringVar(&containerID, "cid", "", "container ID")
flags.StringVar(&eaclPathFrom, "table", "", "path to file with JSON or binary encoded EACL table")
flags.BoolVar(&containerAwait, "await", false, "block execution until EACL is persisted")
}
func init() {
containerChildCommand := []*cobra.Command{
listContainersCmd,
createContainerCmd,
deleteContainerCmd,
listContainerObjectsCmd,
getContainerInfoCmd,
getExtendedACLCmd,
setExtendedACLCmd,
}
rootCmd.AddCommand(containerCmd)
containerCmd.AddCommand(containerChildCommand...)
// Here you will define your flags and configuration settings.
// Cobra supports Persistent Flags which will work for this command
// and all subcommands, e.g.:
// containerCmd.PersistentFlags().String("foo", "", "A help for foo")
// Cobra supports local flags which will only run when this command
// is called directly, e.g.:
// containerCmd.Flags().BoolP("toggle", "t", false, "Help message for toggle")
initContainerListContainersCmd()
initContainerCreateCmd()
initContainerDeleteCmd()
initContainerListObjectsCmd()
initContainerInfoCmd()
initContainerGetEACLCmd()
initContainerSetEACLCmd()
for _, containerCommand := range containerChildCommand {
commonflags.InitAPI(containerCommand)
}
for _, cmd := range []*cobra.Command{
createContainerCmd,
deleteContainerCmd,
setExtendedACLCmd,
} {
commonflags.InitSession(cmd)
}
}
func prettyPrintContainerList(cmd *cobra.Command, list []cid.ID) {
for i := range list {
cmd.Println(list[i])
}
}
func parseContainerPolicy(policyString string) (*netmap.PlacementPolicy, error) {
_, err := os.Stat(policyString) // check if `policyString` is a path to file with placement policy
if err == nil {
common.PrintVerbose("Reading placement policy from file: %s", policyString)
data, err := os.ReadFile(policyString)
if err != nil {
return nil, fmt.Errorf("can't read file with placement policy: %w", err)
}
policyString = string(data)
}
result, err := policy.Parse(policyString)
if err == nil {
common.PrintVerbose("Parsed QL encoded policy")
return result, nil
}
result = netmap.NewPlacementPolicy()
if err = result.UnmarshalJSON([]byte(policyString)); err == nil {
common.PrintVerbose("Parsed JSON encoded policy")
return result, nil
}
return nil, errors.New("can't parse placement policy")
}
func parseAttributes(attributes []string) ([]container.Attribute, error) {
result := make([]container.Attribute, len(attributes), len(attributes)+2) // name + timestamp attributes
for i := range attributes {
kvPair := strings.Split(attributes[i], attributeDelimiter)
if len(kvPair) != 2 {
return nil, errors.New("invalid container attribute")
}
result[i].SetKey(kvPair[0])
result[i].SetValue(kvPair[1])
}
if !containerNoTimestamp {
index := len(result)
result = append(result, container.Attribute{})
result[index].SetKey(container.AttributeTimestamp)
result[index].SetValue(strconv.FormatInt(time.Now().Unix(), 10))
}
if containerName != "" {
index := len(result)
result = append(result, container.Attribute{})
result[index].SetKey(container.AttributeName)
result[index].SetValue(containerName)
}
return result, nil
}
func parseBasicACL(basicACL string) (acl.BasicACL, error) {
if value, ok := wellKnownBasicACL[basicACL]; ok {
return value, nil
}
basicACL = strings.Trim(strings.ToLower(basicACL), "0x")
value, err := strconv.ParseUint(basicACL, 16, 32)
if err != nil {
return 0, fmt.Errorf("can't parse basic ACL: %s", basicACL)
}
return acl.BasicACL(value), nil
}
func parseNonce(nonce string) (uuid.UUID, error) {
if nonce == "" {
result := uuid.New()
common.PrintVerbose("Generating container nonce: %s", result)
return result, nil
}
uid, err := uuid.Parse(nonce)
if err != nil {
return uuid.UUID{}, fmt.Errorf("could not parse nonce: %w", err)
}
return uid, nil
}
func parseContainerID(idStr string) (*cid.ID, error) {
if idStr == "" {
return nil, errors.New("container ID is not set")
}
var id cid.ID
err := id.DecodeString(idStr)
if err != nil {
return nil, errors.New("can't decode container ID value")
}
return &id, nil
}
func prettyPrintContainer(cmd *cobra.Command, cnr *container.Container, jsonEncoding bool) {
if cnr == nil {
return
}
if jsonEncoding {
data, err := cnr.MarshalJSON()
if err != nil {
common.PrintVerbose("Can't convert container to json: %w", err)
return
}
buf := new(bytes.Buffer)
if err := json.Indent(buf, data, "", " "); err != nil {
common.PrintVerbose("Can't pretty print json: %w", err)
}
cmd.Println(buf)
return
}
id := container.CalculateID(cnr)
cmd.Println("container ID:", id)
v := cnr.Version()
cmd.Printf("version: %d.%d\n", v.Major(), v.Minor())
cmd.Println("owner ID:", cnr.OwnerID())
basicACL := cnr.BasicACL()
prettyPrintBasicACL(cmd, acl.BasicACL(basicACL))
for _, attribute := range cnr.Attributes() {
if attribute.Key() == container.AttributeTimestamp {
cmd.Printf("attribute: %s=%s (%s)\n",
attribute.Key(),
attribute.Value(),
common.PrettyPrintUnixTime(attribute.Value()))
continue
}
cmd.Printf("attribute: %s=%s\n", attribute.Key(), attribute.Value())
}
nonce, err := cnr.NonceUUID()
if err == nil {
cmd.Println("nonce:", nonce)
} else {
cmd.Println("invalid nonce:", err)
}
cmd.Println("placement policy:")
cmd.Println(strings.Join(policy.Encode(cnr.PlacementPolicy()), "\n"))
}
func prettyPrintEACL(cmd *cobra.Command, table *eacl.Table) {
common.PrettyPrintJSON(cmd, table, "eACL")
}
func prettyPrintBasicACL(cmd *cobra.Command, basicACL acl.BasicACL) {
cmd.Printf("basic ACL: %s", basicACL)
for k, v := range wellKnownBasicACL {
if v == basicACL {
cmd.Printf(" (%s)\n", k)
return
}
}
cmd.Println()
}