diff --git a/eacl/record.go b/eacl/record.go index 9495010..722a4bc 100644 --- a/eacl/record.go +++ b/eacl/record.go @@ -20,22 +20,22 @@ import ( type Record struct { action Action operation Operation - filters []*Filter - targets []*Target + filters []Filter + targets []Target } // Targets returns list of target subjects to apply ACL rule to. -func (r Record) Targets() []*Target { +func (r Record) Targets() []Target { return r.targets } // SetTargets sets list of target subjects to apply ACL rule to. -func (r *Record) SetTargets(targets ...*Target) { +func (r *Record) SetTargets(targets ...Target) { r.targets = targets } // Filters returns list of filters to match and see if rule is applicable. -func (r Record) Filters() []*Filter { +func (r Record) Filters() []Filter { return r.filters } @@ -61,7 +61,7 @@ func (r *Record) SetAction(action Action) { // AddRecordTarget adds single Target to the Record. func AddRecordTarget(r *Record, t *Target) { - r.SetTargets(append(r.Targets(), t)...) + r.SetTargets(append(r.Targets(), *t)...) } // AddFormedTarget forms Target with specified Role and list of @@ -75,7 +75,7 @@ func AddFormedTarget(r *Record, role Role, keys ...ecdsa.PublicKey) { } func (r *Record) addFilter(from FilterHeaderType, m Match, keyTyp filterKeyType, key string, val fmt.Stringer) { - filter := &Filter{ + filter := Filter{ from: from, key: filterKey{ typ: keyTyp, @@ -162,18 +162,18 @@ func (r *Record) ToV2() *v2acl.Record { v2 := new(v2acl.Record) if r.targets != nil { - targets := make([]*v2acl.Target, 0, len(r.targets)) - for _, target := range r.targets { - targets = append(targets, target.ToV2()) + targets := make([]v2acl.Target, len(r.targets)) + for i := range r.targets { + targets[i] = *r.targets[i].ToV2() } v2.SetTargets(targets) } if r.filters != nil { - filters := make([]*v2acl.HeaderFilter, 0, len(r.filters)) - for _, filter := range r.filters { - filters = append(filters, filter.ToV2()) + filters := make([]v2acl.HeaderFilter, len(r.filters)) + for i := range r.filters { + filters[i] = *r.filters[i].ToV2() } v2.SetFilters(filters) @@ -201,8 +201,8 @@ func CreateRecord(action Action, operation Operation) *Record { r := NewRecord() r.action = action r.operation = operation - r.targets = []*Target{} - r.filters = []*Filter{} + r.targets = []Target{} + r.filters = []Filter{} return r } @@ -221,14 +221,14 @@ func NewRecordFromV2(record *v2acl.Record) *Record { v2targets := record.GetTargets() v2filters := record.GetFilters() - r.targets = make([]*Target, 0, len(v2targets)) + r.targets = make([]Target, len(v2targets)) for i := range v2targets { - r.targets = append(r.targets, NewTargetFromV2(v2targets[i])) + r.targets[i] = *NewTargetFromV2(&v2targets[i]) } - r.filters = make([]*Filter, 0, len(v2filters)) + r.filters = make([]Filter, len(v2filters)) for i := range v2filters { - r.filters = append(r.filters, NewFilterFromV2(v2filters[i])) + r.filters[i] = *NewFilterFromV2(&v2filters[i]) } return r diff --git a/eacl/record_test.go b/eacl/record_test.go index 73b7c8b..edc1945 100644 --- a/eacl/record_test.go +++ b/eacl/record_test.go @@ -63,18 +63,14 @@ func TestAddFormedTarget(t *testing.T) { }, } - targets := make([]*Target, 0, len(items)) + targets := make([]Target, len(items)) r := NewRecord() - for _, item := range items { - tgt := NewTarget() - tgt.SetRole(item.role) - SetTargetECDSAKeys(tgt, ecdsaKeysToPtrs(item.keys)...) - - targets = append(targets, tgt) - - AddFormedTarget(r, item.role, item.keys...) + for i := range items { + targets[i].SetRole(items[i].role) + SetTargetECDSAKeys(&targets[i], ecdsaKeysToPtrs(items[i].keys)...) + AddFormedTarget(r, items[i].role, items[i].keys...) } tgts := r.Targets() @@ -86,9 +82,9 @@ func TestAddFormedTarget(t *testing.T) { } func TestRecord_AddFilter(t *testing.T) { - filters := []*Filter{ - newObjectFilter(MatchStringEqual, "some name", "ContainerID"), - newObjectFilter(MatchStringNotEqual, "X-Header-Name", "X-Header-Value"), + filters := []Filter{ + *newObjectFilter(MatchStringEqual, "some name", "ContainerID"), + *newObjectFilter(MatchStringNotEqual, "X-Header-Name", "X-Header-Value"), } r := NewRecord() diff --git a/eacl/table.go b/eacl/table.go index 04dc64b..0397b16 100644 --- a/eacl/table.go +++ b/eacl/table.go @@ -18,7 +18,7 @@ type Table struct { cid *cid.ID token *session.Token sig *signature.Signature - records []*Record + records []Record } // CID returns identifier of the container that should use given access control rules. @@ -42,14 +42,14 @@ func (t *Table) SetVersion(version version.Version) { } // Records returns list of extended ACL rules. -func (t Table) Records() []*Record { +func (t Table) Records() []Record { return t.records } // AddRecord adds single eACL rule. func (t *Table) AddRecord(r *Record) { if r != nil { - t.records = append(t.records, r) + t.records = append(t.records, *r) } } @@ -90,9 +90,9 @@ func (t *Table) ToV2() *v2acl.Table { } if t.records != nil { - records := make([]*v2acl.Record, 0, len(t.records)) - for _, record := range t.records { - records = append(records, record.ToV2()) + records := make([]v2acl.Record, len(t.records)) + for i := range t.records { + records[i] = *t.records[i].ToV2() } v2.SetRecords(records) @@ -157,10 +157,10 @@ func NewTableFromV2(table *v2acl.Table) *Table { // set eacl records v2records := table.GetRecords() - t.records = make([]*Record, 0, len(v2records)) + t.records = make([]Record, len(v2records)) for i := range v2records { - t.records = append(t.records, NewRecordFromV2(v2records[i])) + t.records[i] = *NewRecordFromV2(&v2records[i]) } return t diff --git a/eacl/table_test.go b/eacl/table_test.go index 410eada..18331b0 100644 --- a/eacl/table_test.go +++ b/eacl/table_test.go @@ -51,14 +51,14 @@ func TestTable(t *testing.T) { } func TestTable_AddRecord(t *testing.T) { - records := []*eacl.Record{ - eacl.CreateRecord(eacl.ActionDeny, eacl.OperationDelete), - eacl.CreateRecord(eacl.ActionAllow, eacl.OperationPut), + records := []eacl.Record{ + *eacl.CreateRecord(eacl.ActionDeny, eacl.OperationDelete), + *eacl.CreateRecord(eacl.ActionAllow, eacl.OperationPut), } table := eacl.NewTable() for _, record := range records { - table.AddRecord(record) + table.AddRecord(&record) } require.Equal(t, records, table.Records()) diff --git a/eacl/test/generate.go b/eacl/test/generate.go index e5e0c37..895d11e 100644 --- a/eacl/test/generate.go +++ b/eacl/test/generate.go @@ -26,7 +26,7 @@ func Record() *eacl.Record { x.SetAction(eacl.ActionAllow) x.SetOperation(eacl.OperationRangeHash) - x.SetTargets(Target(), Target()) + x.SetTargets(*Target(), *Target()) x.AddObjectContainerIDFilter(eacl.MatchStringEqual, cidtest.ID()) x.AddObjectOwnerIDFilter(eacl.MatchStringNotEqual, ownertest.ID()) diff --git a/eacl/validator.go b/eacl/validator.go index 1c09dea..e8719e1 100644 --- a/eacl/validator.go +++ b/eacl/validator.go @@ -30,7 +30,7 @@ func (v *Validator) CalculateAction(unit *ValidationUnit) Action { } // check target - if !targetMatches(unit, record) { + if !targetMatches(unit, &record) { continue } @@ -51,7 +51,7 @@ func (v *Validator) CalculateAction(unit *ValidationUnit) Action { // - positive value if no matching header is found for at least one filter; // - zero if at least one suitable header is found for all filters; // - negative value if the headers of at least one filter cannot be obtained. -func matchFilters(hdrSrc TypedHeaderSource, filters []*Filter) int { +func matchFilters(hdrSrc TypedHeaderSource, filters []Filter) int { matched := 0 for _, filter := range filters { @@ -79,7 +79,7 @@ func matchFilters(hdrSrc TypedHeaderSource, filters []*Filter) int { } // check match - if !matchFn(header, filter) { + if !matchFn(header, &filter) { continue } diff --git a/eacl/validator_test.go b/eacl/validator_test.go index 1f0749d..8457f7c 100644 --- a/eacl/validator_test.go +++ b/eacl/validator_test.go @@ -8,7 +8,7 @@ import ( ) func TestFilterMatch(t *testing.T) { - tgt := NewTarget() + tgt := *NewTarget() tgt.SetRole(RoleOthers) t.Run("simple header match", func(t *testing.T) { @@ -115,7 +115,7 @@ func TestFilterMatch(t *testing.T) { } func TestOperationMatch(t *testing.T) { - tgt := NewTarget() + tgt := *NewTarget() tgt.SetRole(RoleOthers) t.Run("single operation", func(t *testing.T) { @@ -161,7 +161,7 @@ func TestTargetMatches(t *testing.T) { tgt2.SetRole(RoleOthers) r := NewRecord() - r.SetTargets(tgt1, tgt2) + r.SetTargets(*tgt1, *tgt2) u := newValidationUnit(RoleUser, pubs[0], nil) require.True(t, targetMatches(u, r)) @@ -224,7 +224,7 @@ func (h headers) HeadersOfType(ht FilterHeaderType) ([]Header, bool) { } } -func newRecord(a Action, op Operation, tgt ...*Target) *Record { +func newRecord(a Action, op Operation, tgt ...Target) *Record { r := NewRecord() r.SetAction(a) r.SetOperation(op)