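package layer

import (
	"context"
	"fmt"
	"strconv"

	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
	s3errors "git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/errors"
	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/middleware"
	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/internal/logs"
	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client"
	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container"
	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/acl"
	cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/eacl"
	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/session"
	"go.uber.org/zap"
)

type (
	// BucketACL extends BucketInfo by eacl.Table.
	BucketACL struct {
		Info *data.BucketInfo
		EACL *eacl.Table
	}
)

const (
	// attributeLocationConstraint is the container attribute that carries the
	// bucket's location constraint.
	attributeLocationConstraint = ".s3-location-constraint"
	// AttributeLockEnabled is the container attribute that records whether
	// object lock was requested when the bucket was created.
	AttributeLockEnabled = "LockEnabled"
)

// containerInfo fetches the container named by prm.ContainerID from FrostFS,
// converts it into a data.BucketInfo and stores the result in the bucket cache.
//
// A "container not found" reply is returned as the S3 ErrNoSuchBucket API error
// (wrapped); any other FrostFS failure is wrapped as-is. The lookup also fails
// when the container's zone differs from the zone derived from the request
// namespace.
func (n *layer) containerInfo(ctx context.Context, prm PrmContainer) (*data.BucketInfo, error) {
	var (
		err  error
		res  *container.Container
		log  = n.reqLogger(ctx).With(zap.Stringer("cid", prm.ContainerID))
		info = &data.BucketInfo{
			CID: prm.ContainerID,
			// Default name is the encoded container ID; replaced below when the
			// container carries a domain name.
			Name: prm.ContainerID.EncodeToString(),
		}
		reqInfo = middleware.GetReqInfo(ctx)
	)

	res, err = n.frostFS.Container(ctx, prm)
	if err != nil {
		if client.IsErrContainerNotFound(err) {
			return nil, fmt.Errorf("%w: %s", s3errors.GetAPIError(s3errors.ErrNoSuchBucket), err.Error())
		}
		return nil, fmt.Errorf("get frostfs container: %w", err)
	}

	cnr := *res

	info.Owner = cnr.Owner()
	if domain := container.ReadDomain(cnr); domain.Name() != "" {
		info.Name = domain.Name()
		info.Zone = domain.Zone()
	}
	info.Created = container.CreatedAt(cnr)
	info.LocationConstraint = cnr.Attribute(attributeLocationConstraint)
	info.HomomorphicHashDisabled = container.IsHomomorphicHashingDisabled(cnr)
	// A zero basic ACL is what createContainer sets for APE-enabled buckets.
	info.APEEnabled = cnr.BasicACL().Bits() == 0

	attrLockEnabled := cnr.Attribute(AttributeLockEnabled)
	if len(attrLockEnabled) > 0 {
		info.ObjectLockEnabled, err = strconv.ParseBool(attrLockEnabled)
		if err != nil {
			// NOTE(review): the parse error is only logged. ParseBool returns
			// false on failure, so a malformed attribute value is treated as
			// "object lock disabled" — confirm that fail-open default is intended.
			log.Error(logs.CouldNotParseContainerObjectLockEnabledAttribute,
				zap.String("lock_enabled", attrLockEnabled),
				zap.Error(err),
			)
		}
	}

	// The zone derived from the request namespace must equal the container's
	// zone; a mismatch fails the lookup before the bucket reaches the cache.
	// This looks like the namespace-isolation check for lookups by container
	// ID, so it must stay ahead of PutBucket.
	// NOTE(review): the second result of FormContainerZone is discarded —
	// confirm it carries nothing this check should take into account.
	zone, _ := n.features.FormContainerZone(reqInfo.Namespace)
	if zone != info.Zone {
		return nil, fmt.Errorf("ns '%s' and zone '%s' are mismatched for container '%s'", zone, info.Zone, prm.ContainerID)
	}

	n.cache.PutBucket(info)

	return info, nil
}

// containerList returns bucket info for the containers that FrostFS reports
// for the bearer owner of the request.
//
// A failure to list the containers is logged and returned. A failure to load
// an individual container (including a namespace/zone mismatch reported by
// containerInfo) is logged and that container is left out of the result.
func (n *layer) containerList(ctx context.Context) ([]*data.BucketInfo, error) {
	stoken := n.SessionTokenForRead(ctx)

	prm := PrmUserContainers{
		UserID:       n.BearerOwner(ctx),
		SessionToken: stoken,
	}

	res, err := n.frostFS.UserContainers(ctx, prm)
	if err != nil {
		n.reqLogger(ctx).Error(logs.CouldNotListUserContainers, zap.Error(err))
		return nil, err
	}

	list := make([]*data.BucketInfo, 0, len(res))
	for i := range res {
		getPrm := PrmContainer{
			ContainerID:  res[i],
			SessionToken: stoken,
		}

		info, err := n.containerInfo(ctx, getPrm)
		if err != nil {
			// Log which container was skipped: not every error returned by
			// containerInfo names the container, and a bucket that silently
			// disappears from the listing is otherwise hard to trace.
			n.reqLogger(ctx).Error(logs.CouldNotFetchContainerInfo,
				zap.Stringer("cid", getPrm.ContainerID),
				zap.Error(err),
			)
			continue
		}

		list = append(list, info)
	}

	return list, nil
}

// createContainer creates a FrostFS container for the bucket described by p
// and caches the resulting bucket info.
//
// When p.LocationConstraint is empty the default constraint is written back
// into p, so the caller's params are modified.
func (n *layer) createContainer(ctx context.Context, p *CreateBucketParams) (*data.BucketInfo, error) {
	if p.LocationConstraint == "" {
		p.LocationConstraint = api.DefaultLocationConstraint // s3tests_boto3.functional.test_s3:test_bucket_get_location
	}

	// NOTE(review): the second result of FormContainerZone is discarded here
	// as well — confirm that is intended.
	zone, _ := n.features.FormContainerZone(p.Namespace)

	bktInfo := &data.BucketInfo{
		Name:               p.Name,
		Zone:               zone,
		Owner:              n.BearerOwner(ctx),
		Created:            TimeNow(ctx),
		LocationConstraint: p.LocationConstraint,
		ObjectLockEnabled:  p.ObjectLockEnabled,
		APEEnabled:         p.APEEnabled,
	}

	attributes := [][2]string{
		{attributeLocationConstraint, p.LocationConstraint},
	}

	if p.ObjectLockEnabled {
		attributes = append(attributes, [2]string{
			AttributeLockEnabled, "true",
		})
	}

	// Buckets without APE are created with the public read/write extended
	// basic ACL; APE-enabled buckets get a zero basic ACL, which is the value
	// containerInfo later uses to recognise them.
	// NOTE(review): with PublicRWExtended the basic ACL itself does not
	// restrict access — presumably the eACL table applied afterwards does;
	// confirm every non-APE creation path sets one.
	basicACL := acl.PublicRWExtended
	if p.APEEnabled {
		basicACL = 0
	}

	res, err := n.frostFS.CreateContainer(ctx, PrmContainerCreate{
		Creator:              bktInfo.Owner,
		Policy:               p.Policy,
		Name:                 p.Name,
		Zone:                 zone,
		SessionToken:         p.SessionContainerCreation,
		CreationTime:         bktInfo.Created,
		AdditionalAttributes: attributes,
		BasicACL:             basicACL,
	})
	if err != nil {
		return nil, fmt.Errorf("create container: %w", err)
	}

	bktInfo.CID = res.ContainerID
	bktInfo.HomomorphicHashDisabled = res.HomomorphicHashDisabled

	n.cache.PutBucket(bktInfo)

	return bktInfo, nil
}

// setContainerEACLTable binds table to the container idCnr and submits it to
// FrostFS using sessionToken.
//
// The container ID is set on the caller's table in place. A nil table is
// rejected with an error instead of being dereferenced.
func (n *layer) setContainerEACLTable(ctx context.Context, idCnr cid.ID, table *eacl.Table, sessionToken *session.Container) error {
	if table == nil {
		return fmt.Errorf("set container eacl: table is nil")
	}

	table.SetCID(idCnr)

	return n.frostFS.SetContainerEACL(ctx, *table, sessionToken)
}

// GetContainerEACL returns the eACL table of the container cnrID, read from
// FrostFS with the request's read session token.
func (n *layer) GetContainerEACL(ctx context.Context, cnrID cid.ID) (*eacl.Table, error) {
	prm := PrmContainerEACL{
		ContainerID:  cnrID,
		SessionToken: n.SessionTokenForRead(ctx),
	}

	return n.frostFS.ContainerEACL(ctx, prm)
}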