frostfs-s3-gw

Author	SHA1	Message	Date
Alex Vanin	6bf6a3b1a3	[#362 ] Check user and groups during policy check Signed-off-by: Alex Vanin <a.vanin@yadro.com>	2024-05-08 15:25:14 +03:00
Marina Biryukova	2ab655b909	[#380 ] Add test for credentials versioning Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>	2024-05-03 07:24:13 +00:00
Pavel Pogodaev	3c436d8de9	[#365 ] Include iam user tags in query Signed-off-by: Pavel Pogodaev <p.pogodaev@yadro.com>	2024-04-22 10:47:43 +03:00
Marina Biryukova	e22ff52165	[#367 ] Add check of AccessBox attributes Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>	2024-04-19 06:25:26 +00:00
Denis Kirillov	5315f7b733	[#269 ] Create frostfsid wrapper with cache Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-04-18 09:32:30 +03:00
Denis Kirillov	29a2dae40c	[#269 ] Move frostfsid client to separate package Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-04-17 12:11:23 +03:00
Alex Vanin	6da1acc554	[#360 ] Use 'c' prefix for bucket policies instead of 'n' With 'c' prefix, acl chains become shorter, thus gateway receives shorter results and avoids sessions to neo-go. There is still issue with many IAM rules. Signed-off-by: Alex Vanin <a.vanin@yadro.com>	2024-04-10 17:56:47 +03:00
Alex Vanin	cb83f7646f	[#347 ] port: Explicitly specify sorting order of subtree for object listing Signed-off-by: Alex Vanin <a.vanin@yadro.com>	2024-04-09 18:57:47 +03:00
Denis Kirillov	8407b3ea4c	[#352 ] policy: Use iterators to list chains Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-04-04 12:51:12 +00:00
Denis Kirillov	8669bf6b50	[#346 ] acl: Update APE and fix using * Remove native policy when remove bucket policy * Allow policies that contain only s3 compatible statements (now deny rules cannot be converted to native rules) Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-04-02 12:43:04 +00:00
Pavel Pogodaev	bfcde09f07	[#291 ] server auto re-binding Signed-off-by: Pavel Pogodaev <p.pogodaev@yadro.com>	2024-03-27 14:28:50 +03:00
Denis Kirillov	80c7b73eb9	[#306 ] In APE buckets forbid canned acl except private Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-03-19 16:57:26 +03:00
Denis Kirillov	62cc5a04a7	[#328 ] Log error on failed response writing Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-03-15 11:02:26 +03:00
Denis Kirillov	6788306998	[#328 ] Log invalid tree service KVs Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-03-04 15:35:23 +03:00
Denis Kirillov	4ee3648183	[#328 ] Log invalid lock enabled header Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-03-04 15:09:51 +03:00
Denis Kirillov	ee48d1dc85	[#325 ] Log error on failed request id generation Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-03-04 09:49:41 +00:00
Marina Biryukova	70043c4800	[#324 ] Close nns resolver after use Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>	2024-03-04 09:06:26 +00:00
Denis Kirillov	8050ca2d51	[#306 ] Use session token for container read operations Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-03-01 18:14:33 +03:00
Denis Kirillov	fabb4134bc	[#318 ] Use log msg from constants Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-02-29 17:30:28 +03:00
Denis Kirillov	4741e74210	[#318 ] Log successfully authenticated accessKeyIDs Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-02-29 17:30:28 +03:00
Marina Biryukova	31da31862a	[#300 ] Update error logging in DeleteMultipleObjects Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>	2024-02-29 14:24:32 +00:00
Denis Kirillov	56b50f2075	[#306 ] Remove flag to disable policy contract Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-02-28 17:50:08 +03:00
Denis Kirillov	8f89f275bd	[#306 ] Save bucket policy as native chain Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-02-28 17:50:08 +03:00
Denis Kirillov	bac1b3fb2d	[#306 ] Use zero basic acl to mark APE containers Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-02-28 17:50:08 +03:00
Denis Kirillov	c452d58ce2	[#306 ] Reduce number of policy contract invocations Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-02-28 17:50:08 +03:00
Denis Kirillov	d9d12debc3	[#306 ] Add tests Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-02-28 17:50:08 +03:00
Denis Kirillov	3d0d2032c6	[#306 ] acl: Handle put/get acl for APE buckets Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-02-28 17:50:08 +03:00
Denis Kirillov	1f2cf0ed67	[#306 ] Use APE instead of eACL on bucket creation Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-02-28 17:50:08 +03:00
Marina Biryukova	391fc9cbe3	[#311 ] Change object owner for anonymous put Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>	2024-02-21 15:03:16 +00:00
Denis Kirillov	4eb2c7fb7d	[#290 ] Fix TestErrorTimeoutChecking test Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-02-20 11:39:49 +00:00
Denis Kirillov	924e87face	[#305 ] Support checking if accessbox was removed Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-02-09 09:41:48 +03:00
Denis Kirillov	5121c73d3f	[#307 ] Update APE Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-02-07 12:24:13 +03:00
Denis Kirillov	69297a4a38	[#165 ] Delete object from tree in case of storage error Extend storage node errors in case of which we continue deleting from tree with 'object not found' error Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-02-02 16:15:08 +03:00
Denis Kirillov	71d82d1cc8	[#165 ] Fix lint issues Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-02-02 16:15:08 +03:00
Denis Kirillov	4e15452853	[#165 ] Fix lint errors Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-02-02 16:09:48 +03:00
Denis Kirillov	b52552e8c2	[#165 ] Add batching in streamin listing Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-02-02 16:09:48 +03:00
Denis Kirillov	6e8960b2ab	[#165 ] Add list session cache Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-02-02 16:09:48 +03:00
Denis Kirillov	29ac91dfd5	[#165 ] Support streaming listing Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-02-02 16:09:48 +03:00
Denis Kirillov	eae49908da	[#292 ] authmate: Support custom attributes Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-01-22 10:02:43 +03:00
Marina Biryukova	c32220762f	[#288 ] Fix possibility of panic during SIGHUP Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>	2024-01-09 10:53:54 +03:00
Denis Kirillov	899213b3f3	[#287 ] Support proxy for frostfsid and policy contracts Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2023-12-22 15:45:10 +03:00
Denis Kirillov	3b6d2bc522	[#287 ] authmate: Support frostfsid proxy and namespace Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2023-12-22 15:43:14 +03:00
Denis Kirillov	5698d5844e	[#283 ] Support frostfsid groups in policy request checking Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2023-12-21 14:21:36 +03:00
Denis Kirillov	8273af8bf8	[#261 ] Make PutBucketPolicy handler use policy contract Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2023-12-18 15:49:54 +03:00
Denis Kirillov	6dbb07f0fa	[#261 ] Update policy-engine dependency Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2023-12-14 17:52:13 +03:00
Denis Kirillov	9272f4e108	[#259 ] Support contract based policies Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2023-12-11 10:01:46 +03:00
Denis Kirillov	473239bf36	[#257 ] Add policy checker Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2023-12-06 17:47:51 +03:00
Denis Kirillov	42862fd69e	[#258 ] Support policy management in control svc Add PutPolicies, RemovePolicies, GetPolicy, ListPolicies methods Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2023-12-01 15:47:12 +03:00
Denis Kirillov	c7a65bd075	[#258 ] Add control service Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2023-12-01 14:17:06 +03:00
Denis Kirillov	28c6bb4cb8	[#266 ] Support per namespace placement policies configuration Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2023-11-28 16:12:42 +03:00

1 2 3 4

190 commits