forked from TrueCloudLab/frostfs-s3-gw
cd64f41ce8
Make `tokens`, `authmate` and `layer` packages to depend from locally defined `NeoFS` interface of the virtual connection to NeoFS network. Create internal `neofs` package and implement these interfaces through `pool.Pool` there. Implement mediators between `NeoFS` interfaces and `neofs.NeoFS` implementation. Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
240 lines
5.8 KiB
Go
240 lines
5.8 KiB
Go
package layer
|
|
|
|
import (
|
|
"bytes"
|
|
"context"
|
|
"fmt"
|
|
"strconv"
|
|
"strings"
|
|
"time"
|
|
|
|
"github.com/nspcc-dev/neofs-s3-gw/api"
|
|
"github.com/nspcc-dev/neofs-s3-gw/api/data"
|
|
"github.com/nspcc-dev/neofs-s3-gw/api/errors"
|
|
"github.com/nspcc-dev/neofs-sdk-go/acl"
|
|
"github.com/nspcc-dev/neofs-sdk-go/container"
|
|
cid "github.com/nspcc-dev/neofs-sdk-go/container/id"
|
|
"github.com/nspcc-dev/neofs-sdk-go/eacl"
|
|
"github.com/nspcc-dev/neofs-sdk-go/session"
|
|
"go.uber.org/zap"
|
|
)
|
|
|
|
type (
|
|
// BucketACL extends BucketInfo by eacl.Table.
|
|
BucketACL struct {
|
|
Info *data.BucketInfo
|
|
EACL *eacl.Table
|
|
}
|
|
)
|
|
|
|
const locationConstraintAttr = ".s3-location-constraint"
|
|
|
|
func (n *layer) containerInfo(ctx context.Context, idCnr *cid.ID) (*data.BucketInfo, error) {
|
|
var (
|
|
err error
|
|
res *container.Container
|
|
rid = api.GetRequestID(ctx)
|
|
|
|
info = &data.BucketInfo{
|
|
CID: idCnr,
|
|
Name: idCnr.String(),
|
|
}
|
|
)
|
|
res, err = n.neoFS.Container(ctx, *idCnr)
|
|
if err != nil {
|
|
n.log.Error("could not fetch container",
|
|
zap.Stringer("cid", idCnr),
|
|
zap.String("request_id", rid),
|
|
zap.Error(err))
|
|
|
|
if strings.Contains(err.Error(), "container not found") {
|
|
return nil, errors.GetAPIError(errors.ErrNoSuchBucket)
|
|
}
|
|
return nil, err
|
|
}
|
|
|
|
info.Owner = res.OwnerID()
|
|
info.BasicACL = res.BasicACL()
|
|
|
|
for _, attr := range res.Attributes() {
|
|
switch key, val := attr.Key(), attr.Value(); key {
|
|
case container.AttributeName:
|
|
info.Name = val
|
|
case container.AttributeTimestamp:
|
|
unix, err := strconv.ParseInt(attr.Value(), 10, 64)
|
|
if err != nil {
|
|
n.log.Error("could not parse container creation time",
|
|
zap.Stringer("cid", idCnr),
|
|
zap.String("request_id", rid),
|
|
zap.String("created_at", val),
|
|
zap.Error(err))
|
|
|
|
continue
|
|
}
|
|
|
|
info.Created = time.Unix(unix, 0)
|
|
case locationConstraintAttr:
|
|
info.LocationConstraint = val
|
|
}
|
|
}
|
|
|
|
if err := n.bucketCache.Put(info); err != nil {
|
|
n.log.Warn("could not put bucket info into cache",
|
|
zap.Stringer("cid", idCnr),
|
|
zap.String("bucket_name", info.Name),
|
|
zap.Error(err))
|
|
}
|
|
|
|
return info, nil
|
|
}
|
|
|
|
func (n *layer) containerList(ctx context.Context) ([]*data.BucketInfo, error) {
|
|
var (
|
|
err error
|
|
own = n.Owner(ctx)
|
|
res []cid.ID
|
|
rid = api.GetRequestID(ctx)
|
|
)
|
|
res, err = n.neoFS.UserContainers(ctx, *own)
|
|
if err != nil {
|
|
n.log.Error("could not list user containers",
|
|
zap.String("request_id", rid),
|
|
zap.Error(err))
|
|
return nil, err
|
|
}
|
|
|
|
list := make([]*data.BucketInfo, 0, len(res))
|
|
for i := range res {
|
|
info, err := n.containerInfo(ctx, &res[i])
|
|
if err != nil {
|
|
n.log.Error("could not fetch container info",
|
|
zap.String("request_id", rid),
|
|
zap.Error(err))
|
|
continue
|
|
}
|
|
|
|
list = append(list, info)
|
|
}
|
|
|
|
return list, nil
|
|
}
|
|
|
|
func (n *layer) createContainer(ctx context.Context, p *CreateBucketParams) (*cid.ID, error) {
|
|
var err error
|
|
bktInfo := &data.BucketInfo{
|
|
Name: p.Name,
|
|
Owner: n.Owner(ctx),
|
|
Created: time.Now(),
|
|
BasicACL: p.ACL,
|
|
LocationConstraint: p.LocationConstraint,
|
|
}
|
|
|
|
var locConstAttr *container.Attribute
|
|
|
|
if p.LocationConstraint != "" {
|
|
locConstAttr = container.NewAttribute()
|
|
locConstAttr.SetKey(locationConstraintAttr)
|
|
locConstAttr.SetValue(p.LocationConstraint)
|
|
}
|
|
|
|
if bktInfo.CID, err = n.neoFS.CreateContainer(ctx, PrmContainerCreate{
|
|
Creator: *bktInfo.Owner,
|
|
Policy: *p.Policy,
|
|
Name: p.Name,
|
|
SessionToken: p.SessionToken,
|
|
Time: bktInfo.Created,
|
|
BasicACL: acl.BasicACL(p.ACL),
|
|
LocationConstraintAttribute: locConstAttr,
|
|
}); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if err = n.setContainerEACLTable(ctx, bktInfo.CID, p.EACL); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if err = n.bucketCache.Put(bktInfo); err != nil {
|
|
n.log.Warn("couldn't put bucket info into cache",
|
|
zap.String("bucket name", bktInfo.Name),
|
|
zap.Stringer("bucket cid", bktInfo.CID),
|
|
zap.Error(err))
|
|
}
|
|
|
|
return bktInfo.CID, nil
|
|
}
|
|
|
|
func (n *layer) setContainerEACLTable(ctx context.Context, cid *cid.ID, table *eacl.Table) error {
|
|
table.SetCID(cid)
|
|
|
|
boxData, err := GetBoxData(ctx)
|
|
if err == nil {
|
|
table.SetSessionToken(boxData.Gate.SessionTokenForSetEACL())
|
|
}
|
|
|
|
if err := n.neoFS.SetContainerEACL(ctx, *table); err != nil {
|
|
return err
|
|
}
|
|
|
|
return n.waitEACLPresence(ctx, *cid, table, defaultWaitParams())
|
|
}
|
|
|
|
func (n *layer) GetContainerEACL(ctx context.Context, cid *cid.ID) (*eacl.Table, error) {
|
|
return n.neoFS.ContainerEACL(ctx, *cid)
|
|
}
|
|
|
|
type waitParams struct {
|
|
WaitTimeout time.Duration
|
|
PollInterval time.Duration
|
|
}
|
|
|
|
func defaultWaitParams() *waitParams {
|
|
return &waitParams{
|
|
WaitTimeout: 60 * time.Second,
|
|
PollInterval: 3 * time.Second,
|
|
}
|
|
}
|
|
|
|
func (n *layer) waitEACLPresence(ctx context.Context, cid cid.ID, table *eacl.Table, params *waitParams) error {
|
|
exp, err := table.Marshal()
|
|
if err != nil {
|
|
return fmt.Errorf("couldn't marshal eacl: %w", err)
|
|
}
|
|
|
|
wctx, cancel := context.WithTimeout(ctx, params.WaitTimeout)
|
|
defer cancel()
|
|
ticker := time.NewTimer(params.PollInterval)
|
|
defer ticker.Stop()
|
|
wdone := wctx.Done()
|
|
done := ctx.Done()
|
|
var eaclTable *eacl.Table
|
|
var got []byte
|
|
for {
|
|
select {
|
|
case <-done:
|
|
return ctx.Err()
|
|
case <-wdone:
|
|
return wctx.Err()
|
|
case <-ticker.C:
|
|
eaclTable, err = n.neoFS.ContainerEACL(ctx, cid)
|
|
if err == nil {
|
|
got, err = eaclTable.Marshal()
|
|
if err != nil {
|
|
// not expected, but if occurred - doesn't make sense to continue
|
|
return fmt.Errorf("marshal received eACL: %w", err)
|
|
} else if bytes.Equal(exp, got) {
|
|
return nil
|
|
}
|
|
}
|
|
ticker.Reset(params.PollInterval)
|
|
}
|
|
}
|
|
}
|
|
|
|
func (n *layer) deleteContainer(ctx context.Context, idCnr *cid.ID) error {
|
|
var sessionToken *session.Token
|
|
boxData, err := GetBoxData(ctx)
|
|
if err == nil {
|
|
sessionToken = boxData.Gate.SessionTokenForDelete()
|
|
}
|
|
return n.neoFS.DeleteContainer(ctx, *idCnr, sessionToken)
|
|
}
|