diff --git a/cmd/frostfs-adm/internal/modules/morph/frostfsid_util.go b/cmd/frostfs-adm/internal/modules/morph/frostfsid_util.go index 248ad76b0..cfe3c1ee9 100644 --- a/cmd/frostfs-adm/internal/modules/morph/frostfsid_util.go +++ b/cmd/frostfs-adm/internal/modules/morph/frostfsid_util.go @@ -5,38 +5,29 @@ import ( "github.com/nspcc-dev/neo-go/pkg/crypto/keys" "github.com/nspcc-dev/neo-go/pkg/encoding/address" - "github.com/nspcc-dev/neo-go/pkg/smartcontract" "github.com/nspcc-dev/neo-go/pkg/util" "github.com/spf13/viper" ) -// neo-go doesn't support []util.Uint160 type: -// https://github.com/nspcc-dev/neo-go/blob/v0.103.0/pkg/smartcontract/parameter.go#L262 -// Thus, return []smartcontract.Parameter. -func getFrostfsIDAuthorizedKeys(v *viper.Viper, defaultOwner util.Uint160) ([]smartcontract.Parameter, error) { - var res []smartcontract.Parameter - res = append(res, smartcontract.Parameter{Type: smartcontract.Hash160Type, Value: defaultOwner}) - - ks := v.GetStringSlice(frostfsIDAuthorizedKeysConfigKey) - for i := range ks { - h, err := address.StringToUint160(ks[i]) - if err == nil { - res = append(res, smartcontract.Parameter{Type: smartcontract.Hash160Type, Value: h}) - continue - } - - h, err = util.Uint160DecodeStringLE(ks[i]) - if err == nil { - res = append(res, smartcontract.Parameter{Type: smartcontract.Hash160Type, Value: h}) - continue - } - - pk, err := keys.NewPublicKeyFromString(ks[i]) - if err == nil { - res = append(res, smartcontract.Parameter{Type: smartcontract.Hash160Type, Value: pk.GetScriptHash()}) - continue - } - return nil, fmt.Errorf("frostfsid: #%d item in authorized_keys is invalid: '%s'", i, ks[i]) +func getFrostfsIDAdmin(v *viper.Viper) (util.Uint160, bool, error) { + admin := v.GetString(frostfsIDAdminConfigKey) + if admin == "" { + return util.Uint160{}, false, nil } - return res, nil + + h, err := address.StringToUint160(admin) + if err == nil { + return h, true, nil + } + + h, err = util.Uint160DecodeStringLE(admin) + if err == nil { + return h, true, nil + } + + pk, err := keys.NewPublicKeyFromString(admin) + if err == nil { + return pk.GetScriptHash(), true, nil + } + return util.Uint160{}, true, fmt.Errorf("frostfsid: admin is invalid: '%s'", admin) } diff --git a/cmd/frostfs-adm/internal/modules/morph/frostfsid_util_test.go b/cmd/frostfs-adm/internal/modules/morph/frostfsid_util_test.go index f4b6a66f6..192dc9f12 100644 --- a/cmd/frostfs-adm/internal/modules/morph/frostfsid_util_test.go +++ b/cmd/frostfs-adm/internal/modules/morph/frostfsid_util_test.go @@ -6,8 +6,6 @@ import ( "github.com/nspcc-dev/neo-go/pkg/crypto/keys" "github.com/nspcc-dev/neo-go/pkg/encoding/address" - "github.com/nspcc-dev/neo-go/pkg/smartcontract" - "github.com/nspcc-dev/neo-go/pkg/util" "github.com/spf13/viper" "github.com/stretchr/testify/require" ) @@ -20,30 +18,36 @@ func TestFrostfsIDConfig(t *testing.T) { pks[i] = pk } - v := viper.New() - v.Set("frostfsid.authorized_keys", []string{ + fmts := []string{ pks[0].GetScriptHash().StringLE(), address.Uint160ToString(pks[1].GetScriptHash()), hex.EncodeToString(pks[2].PublicKey().UncompressedBytes()), hex.EncodeToString(pks[3].PublicKey().Bytes()), - }) + } - comm := util.Uint160{1, 2, 3} - actual, err := getFrostfsIDAuthorizedKeys(v, comm) - require.NoError(t, err) - require.Equal(t, len(pks)+1, len(actual)) - require.Equal(t, smartcontract.Hash160Type, actual[0].Type) - require.Equal(t, comm, actual[0].Value) - for i := range pks { - require.Equal(t, smartcontract.Hash160Type, actual[i+1].Type) - require.Equal(t, pks[i].GetScriptHash(), actual[i+1].Value) + for i := range fmts { + v := viper.New() + v.Set("frostfsid.admin", fmts[i]) + + actual, found, err := getFrostfsIDAdmin(v) + require.NoError(t, err) + require.True(t, found) + require.Equal(t, pks[i].GetScriptHash(), actual) } t.Run("bad key", func(t *testing.T) { v := viper.New() - v.Set("frostfsid.authorized_keys", []string{"abc"}) + v.Set("frostfsid.admin", "abc") - _, err := getFrostfsIDAuthorizedKeys(v, comm) + _, found, err := getFrostfsIDAdmin(v) require.Error(t, err) + require.True(t, found) + }) + t.Run("missing key", func(t *testing.T) { + v := viper.New() + + _, found, err := getFrostfsIDAdmin(v) + require.NoError(t, err) + require.False(t, found) }) } diff --git a/cmd/frostfs-adm/internal/modules/morph/initialize_deploy.go b/cmd/frostfs-adm/internal/modules/morph/initialize_deploy.go index 4ba72ef41..533fcad4d 100644 --- a/cmd/frostfs-adm/internal/modules/morph/initialize_deploy.go +++ b/cmd/frostfs-adm/internal/modules/morph/initialize_deploy.go @@ -47,7 +47,7 @@ const ( proxyContract = "proxy" ) -const frostfsIDAuthorizedKeysConfigKey = "frostfsid.authorized_keys" +const frostfsIDAdminConfigKey = "frostfsid.admin" var ( contractList = []string{ @@ -538,12 +538,16 @@ func (c *initializeContext) getContractDeployData(ctrName string, keysParam []an nnsCs.Hash, "container") case frostfsIDContract: - hs, err := getFrostfsIDAuthorizedKeys(viper.GetViper(), c.CommitteeAcc.PublicKey().GetScriptHash()) + h, found, err := getFrostfsIDAdmin(viper.GetViper()) if err != nil { panic(err) } - items = append(items, hs) + if found { + items = append(items, h) + } else { + items = append(items, nil) + } case netmapContract: md := getDefaultNetmapContractConfigMap() if method == updateMethodName {