frostfs-api/container/types.proto
alexvanin 18b698d429 container: Replace AccessGroup with BasicACL
With new ACL conception, access control lists in NeoFS
defined as a required basic ACL and optional extended ACL.

Basic ACL must be set up in container structure. It is a bit
mask stored in 32-bit unsigned integer.

Seven nibbles represent seven object operations: get, put,
head, search, delete, range, range-hash.

Every nibble defines access rules for three targets: user,
owner, others and has permission bit for bearer token.

There is a permission bit for extended ACL and three unused
bits.
2020-04-01 21:06:54 +03:00

24 lines
1.1 KiB
Protocol Buffer

syntax = "proto3";
package container;
option go_package = "github.com/nspcc-dev/neofs-api-go/container";
option csharp_namespace = "NeoFS.API.Container";
import "github.com/nspcc-dev/netmap/selector.proto";
import "github.com/gogo/protobuf/gogoproto/gogo.proto";
option (gogoproto.stable_marshaler_all) = true;
// The Container service definition.
message Container {
// OwnerID is a wallet address.
bytes OwnerID = 1 [(gogoproto.customtype) = "OwnerID", (gogoproto.nullable) = false];
// Salt is a nonce for unique container id calculation.
bytes Salt = 2 [(gogoproto.customtype) = "UUID", (gogoproto.nullable) = false];
// Capacity defines amount of data that can be stored in the container (doesn't used for now).
uint64 Capacity = 3;
// Rules define storage policy for the object inside the container.
netmap.PlacementRule Rules = 4 [(gogoproto.nullable) = false];
// BasicACL with access control rules for owner, system, others and
// permission bits for bearer token and extended ACL.
uint32 BasicACL = 5;
}