forked from TrueCloudLab/frostfs-api-go
acl: refactor the package
This commit: * replaces the wrappers of the messages to eacl sub-package; * renames Target to Group in eacl package; * defines Group constants; * replaces EACLTable message marshaler (unmarshaler) with custom MarshalTable (UnmarshalTable) of the Table.
This commit is contained in:
parent
630ac612ea
commit
befb34a9ff
7 changed files with 1026 additions and 633 deletions
126
acl/extended/enum.go
Normal file
126
acl/extended/enum.go
Normal file
|
@ -0,0 +1,126 @@
|
|||
package eacl
|
||||
|
||||
const (
|
||||
// MatchUnknown is a MatchType value used to mark value as undefined.
|
||||
// Most of the tools consider MatchUnknown as incalculable.
|
||||
// Using MatchUnknown in HeaderFilter is unsafe.
|
||||
MatchUnknown MatchType = iota
|
||||
|
||||
// StringEqual is a MatchType of string equality.
|
||||
StringEqual
|
||||
|
||||
// StringNotEqual is a MatchType of string inequality.
|
||||
StringNotEqual
|
||||
)
|
||||
|
||||
const (
|
||||
// ActionUnknown is Action used to mark value as undefined.
|
||||
// Most of the tools consider ActionUnknown as incalculable.
|
||||
// Using ActionUnknown in Record is unsafe.
|
||||
ActionUnknown Action = iota
|
||||
|
||||
// ActionAllow is Action used to mark an applicability of ACL rule.
|
||||
ActionAllow
|
||||
|
||||
// ActionDeny is Action used to mark an inapplicability of ACL rule.
|
||||
ActionDeny
|
||||
)
|
||||
|
||||
const (
|
||||
// GroupUnknown is a Group value used to mark value as undefined.
|
||||
// Most of the tools consider GroupUnknown as incalculable.
|
||||
// Using GroupUnknown in Target is unsafe.
|
||||
GroupUnknown Group = iota
|
||||
|
||||
// GroupUser is a Group value for User access group.
|
||||
GroupUser
|
||||
|
||||
// GroupSystem is a Group value for System access group.
|
||||
GroupSystem
|
||||
|
||||
// GroupOthers is a Group value for Others access group.
|
||||
GroupOthers
|
||||
)
|
||||
|
||||
const (
|
||||
// HdrTypeUnknown is a HeaderType value used to mark value as undefined.
|
||||
// Most of the tools consider HdrTypeUnknown as incalculable.
|
||||
// Using HdrTypeUnknown in HeaderFilter is unsafe.
|
||||
HdrTypeUnknown HeaderType = iota
|
||||
|
||||
// HdrTypeRequest is a HeaderType for request header.
|
||||
HdrTypeRequest
|
||||
|
||||
// HdrTypeObjSys is a HeaderType for system headers of object.
|
||||
HdrTypeObjSys
|
||||
|
||||
// HdrTypeObjUsr is a HeaderType for user headers of object.
|
||||
HdrTypeObjUsr
|
||||
)
|
||||
|
||||
const (
|
||||
// OpTypeUnknown is a OperationType value used to mark value as undefined.
|
||||
// Most of the tools consider OpTypeUnknown as incalculable.
|
||||
// Using OpTypeUnknown in Record is unsafe.
|
||||
OpTypeUnknown OperationType = iota
|
||||
|
||||
// OpTypeGet is an OperationType for object.Get RPC
|
||||
OpTypeGet
|
||||
|
||||
// OpTypePut is an OperationType for object.Put RPC
|
||||
OpTypePut
|
||||
|
||||
// OpTypeHead is an OperationType for object.Head RPC
|
||||
OpTypeHead
|
||||
|
||||
// OpTypeSearch is an OperationType for object.Search RPC
|
||||
OpTypeSearch
|
||||
|
||||
// OpTypeDelete is an OperationType for object.Delete RPC
|
||||
OpTypeDelete
|
||||
|
||||
// OpTypeRange is an OperationType for object.GetRange RPC
|
||||
OpTypeRange
|
||||
|
||||
// OpTypeRangeHash is an OperationType for object.GetRangeHash RPC
|
||||
OpTypeRangeHash
|
||||
)
|
||||
|
||||
const (
|
||||
// HdrObjSysNameID is a name of ID field in system header of object.
|
||||
HdrObjSysNameID = "ID"
|
||||
|
||||
// HdrObjSysNameCID is a name of CID field in system header of object.
|
||||
HdrObjSysNameCID = "CID"
|
||||
|
||||
// HdrObjSysNameOwnerID is a name of OwnerID field in system header of object.
|
||||
HdrObjSysNameOwnerID = "OWNER_ID"
|
||||
|
||||
// HdrObjSysNameVersion is a name of Version field in system header of object.
|
||||
HdrObjSysNameVersion = "VERSION"
|
||||
|
||||
// HdrObjSysNamePayloadLength is a name of PayloadLength field in system header of object.
|
||||
HdrObjSysNamePayloadLength = "PAYLOAD_LENGTH"
|
||||
|
||||
// HdrObjSysNameCreatedUnix is a name of CreatedAt.UnitTime field in system header of object.
|
||||
HdrObjSysNameCreatedUnix = "CREATED_UNIX"
|
||||
|
||||
// HdrObjSysNameCreatedEpoch is a name of CreatedAt.Epoch field in system header of object.
|
||||
HdrObjSysNameCreatedEpoch = "CREATED_EPOCH"
|
||||
|
||||
// HdrObjSysLinkPrev is a name of previous link header in extended headers of object.
|
||||
HdrObjSysLinkPrev = "LINK_PREV"
|
||||
|
||||
// HdrObjSysLinkNext is a name of next link header in extended headers of object.
|
||||
HdrObjSysLinkNext = "LINK_NEXT"
|
||||
|
||||
// HdrObjSysLinkChild is a name of child link header in extended headers of object.
|
||||
HdrObjSysLinkChild = "LINK_CHILD"
|
||||
|
||||
// HdrObjSysLinkPar is a name of parent link header in extended headers of object.
|
||||
HdrObjSysLinkPar = "LINK_PAR"
|
||||
|
||||
// HdrObjSysLinkSG is a name of storage group link header in extended headers of object.
|
||||
HdrObjSysLinkSG = "LINK_SG"
|
||||
)
|
||||
|
333
acl/extended/marshal.go
Normal file
333
acl/extended/marshal.go
Normal file
|
@ -0,0 +1,333 @@
|
|||
package eacl
|
||||
|
||||
import (
|
||||
"encoding/binary"
|
||||
|
||||
"github.com/pkg/errors"
|
||||
)
|
||||
|
||||
const (
|
||||
sliceLenSize = 2 // uint16 for len()
|
||||
actionSize = 4 // uint32
|
||||
opTypeSize = 4 // uint32
|
||||
hdrTypeSize = 4 // uint32
|
||||
matchTypeSize = 4 // uint32
|
||||
targetSize = 4 // uint32
|
||||
)
|
||||
|
||||
// MarshalTable encodes Table into a
|
||||
// binary form and returns the result.
|
||||
//
|
||||
// If table is nil, empty slice is returned.
|
||||
func MarshalTable(table Table) []byte {
|
||||
if table == nil {
|
||||
return make([]byte, 0)
|
||||
}
|
||||
|
||||
// allocate buffer
|
||||
buf := make([]byte, tableBinSize(table))
|
||||
|
||||
records := table.Records()
|
||||
|
||||
// write record number
|
||||
binary.BigEndian.PutUint16(buf, uint16(len(records)))
|
||||
off := sliceLenSize
|
||||
|
||||
// write all records
|
||||
for _, record := range records {
|
||||
// write action
|
||||
binary.BigEndian.PutUint32(buf[off:], uint32(record.Action()))
|
||||
off += actionSize
|
||||
|
||||
// write operation type
|
||||
binary.BigEndian.PutUint32(buf[off:], uint32(record.OperationType()))
|
||||
off += actionSize
|
||||
|
||||
filters := record.HeaderFilters()
|
||||
|
||||
// write filter number
|
||||
binary.BigEndian.PutUint16(buf[off:], uint16(len(filters)))
|
||||
off += sliceLenSize
|
||||
|
||||
// write all filters
|
||||
for _, filter := range filters {
|
||||
// write header type
|
||||
binary.BigEndian.PutUint32(buf[off:], uint32(filter.HeaderType()))
|
||||
off += hdrTypeSize
|
||||
|
||||
// write match type
|
||||
binary.BigEndian.PutUint32(buf[off:], uint32(filter.MatchType()))
|
||||
off += matchTypeSize
|
||||
|
||||
// write header name size
|
||||
name := []byte(filter.Name())
|
||||
binary.BigEndian.PutUint16(buf[off:], uint16(len(name)))
|
||||
off += sliceLenSize
|
||||
|
||||
// write header name bytes
|
||||
off += copy(buf[off:], name)
|
||||
|
||||
// write header value size
|
||||
val := []byte(filter.Value())
|
||||
binary.BigEndian.PutUint16(buf[off:], uint16(len(val)))
|
||||
off += sliceLenSize
|
||||
|
||||
// write header value bytes
|
||||
off += copy(buf[off:], val)
|
||||
}
|
||||
|
||||
targets := record.TargetList()
|
||||
|
||||
// write target number
|
||||
binary.BigEndian.PutUint16(buf[off:], uint16(len(targets)))
|
||||
off += sliceLenSize
|
||||
|
||||
// write all targets
|
||||
for _, target := range targets {
|
||||
// write target group
|
||||
binary.BigEndian.PutUint32(buf[off:], uint32(target.Group()))
|
||||
off += targetSize
|
||||
|
||||
keys := target.KeyList()
|
||||
|
||||
// write key number
|
||||
binary.BigEndian.PutUint16(buf[off:], uint16(len(keys)))
|
||||
off += sliceLenSize
|
||||
|
||||
// write keys
|
||||
for i := range keys {
|
||||
// write key size
|
||||
binary.BigEndian.PutUint16(buf[off:], uint16(len(keys[i])))
|
||||
off += sliceLenSize
|
||||
|
||||
// write key bytes
|
||||
off += copy(buf[off:], keys[i])
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return buf
|
||||
}
|
||||
|
||||
// returns the size of Table in a binary format.
|
||||
func tableBinSize(table Table) (sz int) {
|
||||
sz = sliceLenSize // number of records
|
||||
|
||||
records := table.Records()
|
||||
ln := len(records)
|
||||
|
||||
sz += ln * actionSize // action type of each record
|
||||
sz += ln * opTypeSize // operation type of each record
|
||||
|
||||
for _, record := range records {
|
||||
sz += sliceLenSize // number of filters
|
||||
|
||||
filters := record.HeaderFilters()
|
||||
ln := len(filters)
|
||||
|
||||
sz += ln * hdrTypeSize // header type of each filter
|
||||
sz += ln * matchTypeSize // match type of each filter
|
||||
|
||||
for _, filter := range filters {
|
||||
sz += sliceLenSize // header name size
|
||||
sz += len(filter.Name()) // header name bytes
|
||||
|
||||
sz += sliceLenSize // header value size
|
||||
sz += len(filter.Value()) // header value bytes
|
||||
}
|
||||
|
||||
sz += sliceLenSize // number of targets
|
||||
|
||||
targets := record.TargetList()
|
||||
ln = len(targets)
|
||||
|
||||
sz += ln * targetSize // target group of each target
|
||||
|
||||
for _, target := range targets {
|
||||
sz += sliceLenSize // number of keys
|
||||
|
||||
for _, key := range target.KeyList() {
|
||||
sz += sliceLenSize // key size
|
||||
sz += len(key) // key bytes
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
// UnmarshalTable unmarshals Table from
|
||||
// a binary representation.
|
||||
//
|
||||
// If data is empty, table w/o records is returned.
|
||||
func UnmarshalTable(data []byte) (Table, error) {
|
||||
table := WrapTable(nil)
|
||||
|
||||
if len(data) == 0 {
|
||||
return table, nil
|
||||
}
|
||||
|
||||
// decode record number
|
||||
if len(data) < sliceLenSize {
|
||||
return nil, errors.New("could not decode record number")
|
||||
}
|
||||
|
||||
recordNum := binary.BigEndian.Uint16(data)
|
||||
records := make([]Record, 0, recordNum)
|
||||
|
||||
off := sliceLenSize
|
||||
|
||||
// decode all records one by one
|
||||
for i := uint16(0); i < recordNum; i++ {
|
||||
record := WrapRecord(nil)
|
||||
|
||||
// decode action
|
||||
if len(data[off:]) < actionSize {
|
||||
return nil, errors.Errorf("could not decode action of record #%d", i)
|
||||
}
|
||||
|
||||
record.SetAction(Action(binary.BigEndian.Uint32(data[off:])))
|
||||
off += actionSize
|
||||
|
||||
// decode operation type
|
||||
if len(data[off:]) < opTypeSize {
|
||||
return nil, errors.Errorf("could not decode operation type of record #%d", i)
|
||||
}
|
||||
|
||||
record.SetOperationType(OperationType(binary.BigEndian.Uint32(data[off:])))
|
||||
off += opTypeSize
|
||||
|
||||
// decode filter number
|
||||
if len(data[off:]) < sliceLenSize {
|
||||
return nil, errors.Errorf("could not decode filter number of record #%d", i)
|
||||
}
|
||||
|
||||
filterNum := binary.BigEndian.Uint16(data[off:])
|
||||
off += sliceLenSize
|
||||
filters := make([]HeaderFilter, 0, filterNum)
|
||||
|
||||
// decode filters one by one
|
||||
for j := uint16(0); j < filterNum; j++ {
|
||||
filter := WrapFilterInfo(nil)
|
||||
|
||||
// decode header type
|
||||
if len(data[off:]) < hdrTypeSize {
|
||||
return nil, errors.Errorf("could not decode header type of filter #%d of record #%d", j, i)
|
||||
}
|
||||
|
||||
filter.SetHeaderType(HeaderType(binary.BigEndian.Uint32(data[off:])) )
|
||||
off += hdrTypeSize
|
||||
|
||||
// decode match type
|
||||
if len(data[off:]) < matchTypeSize {
|
||||
return nil, errors.Errorf("could not decode match type of filter #%d of record #%d", j, i)
|
||||
}
|
||||
|
||||
filter.SetMatchType(MatchType(binary.BigEndian.Uint32(data[off:])) )
|
||||
off += matchTypeSize
|
||||
|
||||
// decode header name size
|
||||
if len(data[off:]) < sliceLenSize {
|
||||
return nil, errors.Errorf("could not decode header name size of filter #%d of record #%d", j, i)
|
||||
}
|
||||
|
||||
hdrNameSize := int(binary.BigEndian.Uint16(data[off:]))
|
||||
off += sliceLenSize
|
||||
|
||||
// decode header name
|
||||
if len(data[off:]) < hdrNameSize {
|
||||
return nil, errors.Errorf("could not decode header name of filter #%d of record #%d", j, i)
|
||||
}
|
||||
|
||||
filter.SetName(string(data[off : off+hdrNameSize]))
|
||||
|
||||
off += hdrNameSize
|
||||
|
||||
// decode header value size
|
||||
if len(data[off:]) < sliceLenSize {
|
||||
return nil, errors.Errorf("could not decode header value size of filter #%d of record #%d", j, i)
|
||||
}
|
||||
|
||||
hdrValSize := int(binary.BigEndian.Uint16(data[off:]))
|
||||
off += sliceLenSize
|
||||
|
||||
// decode header value
|
||||
if len(data[off:]) < hdrValSize {
|
||||
return nil, errors.Errorf("could not decode header value of filter #%d of record #%d", j, i)
|
||||
}
|
||||
|
||||
filter.SetValue(string(data[off : off+hdrValSize]))
|
||||
|
||||
off += hdrValSize
|
||||
|
||||
filters = append(filters, filter)
|
||||
}
|
||||
|
||||
record.SetHeaderFilters(filters)
|
||||
|
||||
// decode target number
|
||||
if len(data[off:]) < sliceLenSize {
|
||||
return nil, errors.Errorf("could not decode target number of record #%d", i)
|
||||
}
|
||||
|
||||
targetNum := int(binary.BigEndian.Uint16(data[off:]))
|
||||
off += sliceLenSize
|
||||
|
||||
targets := make([]Target, 0, targetNum)
|
||||
|
||||
// decode targets one by one
|
||||
for j := 0; j < targetNum; j++ {
|
||||
target := WrapTarget(nil)
|
||||
|
||||
// decode target group
|
||||
if len(data[off:]) < targetSize {
|
||||
return nil, errors.Errorf("could not decode target group of target #%d of record #%d", j, i)
|
||||
}
|
||||
|
||||
target.SetGroup( Group(binary.BigEndian.Uint32(data[off:])), )
|
||||
off += targetSize
|
||||
|
||||
// decode key number
|
||||
if len(data[off:]) < sliceLenSize {
|
||||
return nil, errors.Errorf("could not decode key number of target #%d of record #%d", j, i)
|
||||
}
|
||||
|
||||
keyNum := int(binary.BigEndian.Uint16(data[off:]))
|
||||
off += sliceLenSize
|
||||
keys := make([][]byte, 0, keyNum)
|
||||
|
||||
for k := 0; k < keyNum; k++ {
|
||||
// decode key size
|
||||
if len(data[off:]) < sliceLenSize {
|
||||
return nil, errors.Errorf("could not decode size of key #%d target #%d of record #%d", k, j, i)
|
||||
}
|
||||
|
||||
keySz := int(binary.BigEndian.Uint16(data[off:]))
|
||||
off += sliceLenSize
|
||||
|
||||
// decode key
|
||||
if len(data[off:]) < keySz {
|
||||
return nil, errors.Errorf("could not decode key #%d target #%d of record #%d", k, j, i)
|
||||
}
|
||||
|
||||
key := make([]byte, keySz)
|
||||
|
||||
off += copy(key, data[off:off+keySz])
|
||||
|
||||
keys = append(keys, key)
|
||||
}
|
||||
|
||||
target.SetKeyList(keys)
|
||||
|
||||
targets = append(targets, target)
|
||||
}
|
||||
|
||||
record.SetTargetList(targets)
|
||||
|
||||
records = append(records, record)
|
||||
}
|
||||
|
||||
table.SetRecords(records)
|
||||
|
||||
return table, nil
|
||||
}
|
73
acl/extended/types.go
Normal file
73
acl/extended/types.go
Normal file
|
@ -0,0 +1,73 @@
|
|||
package eacl
|
||||
|
||||
// OperationType is an enumeration of operation types for extended ACL.
|
||||
type OperationType uint32
|
||||
|
||||
// HeaderType is an enumeration of header types for extended ACL.
|
||||
type HeaderType uint32
|
||||
|
||||
// MatchType is an enumeration of match types for extended ACL.
|
||||
type MatchType uint32
|
||||
|
||||
// Action is an enumeration of extended ACL actions.
|
||||
type Action uint32
|
||||
|
||||
// Group is an enumeration of access groups.
|
||||
type Group uint32
|
||||
|
||||
// Header is an interface of string key-value pair,
|
||||
type Header interface {
|
||||
// Must return string identifier of header.
|
||||
Name() string
|
||||
|
||||
// Must return string value of header.
|
||||
Value() string
|
||||
}
|
||||
|
||||
// TypedHeader is an interface of Header and HeaderType pair.
|
||||
type TypedHeader interface {
|
||||
Header
|
||||
|
||||
// Must return type of filtered header.
|
||||
HeaderType() HeaderType
|
||||
}
|
||||
|
||||
// HeaderFilter is an interface of grouped information about filtered header.
|
||||
type HeaderFilter interface {
|
||||
// Must return match type of filter.
|
||||
MatchType() MatchType
|
||||
|
||||
TypedHeader
|
||||
}
|
||||
|
||||
// Target is an interface of grouped information about extended ACL rule target.
|
||||
type Target interface {
|
||||
// Must return ACL target type.
|
||||
Group() Group
|
||||
|
||||
// Must return public key list of ACL targets.
|
||||
KeyList() [][]byte
|
||||
}
|
||||
|
||||
// Record is an interface of record of extended ACL rule table.
|
||||
type Record interface {
|
||||
// Must return operation type of extended ACL rule.
|
||||
OperationType() OperationType
|
||||
|
||||
// Must return list of header filters of extended ACL rule.
|
||||
HeaderFilters() []HeaderFilter
|
||||
|
||||
// Must return target list of extended ACL rule.
|
||||
TargetList() []Target
|
||||
|
||||
// Must return action of extended ACL rule.
|
||||
Action() Action
|
||||
}
|
||||
|
||||
// Table is an interface of extended ACL table.
|
||||
type Table interface {
|
||||
// Must return list of extended ACL rules.
|
||||
Records() []Record
|
||||
}
|
||||
|
||||
|
528
acl/extended/wrappers.go
Normal file
528
acl/extended/wrappers.go
Normal file
|
@ -0,0 +1,528 @@
|
|||
package eacl
|
||||
|
||||
import (
|
||||
"github.com/nspcc-dev/neofs-api-go/acl"
|
||||
)
|
||||
|
||||
// FilterWrapper is a wrapper over acl.EACLRecord_FilterInfo pointer.
|
||||
type FilterWrapper struct {
|
||||
filter *acl.EACLRecord_FilterInfo
|
||||
}
|
||||
|
||||
// TargetWrapper is a wrapper over acl.EACLRecord_TargetInfo pointer.
|
||||
type TargetWrapper struct {
|
||||
target *acl.EACLRecord_TargetInfo
|
||||
}
|
||||
|
||||
// RecordWrapper is a wrapper over acl.EACLRecord pointer.
|
||||
type RecordWrapper struct {
|
||||
record *acl.EACLRecord
|
||||
}
|
||||
|
||||
// TableWrapper is a wrapper over acl.EACLTable pointer.
|
||||
type TableWrapper struct {
|
||||
table *acl.EACLTable
|
||||
}
|
||||
|
||||
// WrapFilterInfo wraps EACLRecord_FilterInfo pointer.
|
||||
//
|
||||
// If argument is nil, new EACLRecord_FilterInfo is initialized.
|
||||
func WrapFilterInfo(v *acl.EACLRecord_FilterInfo) FilterWrapper {
|
||||
if v == nil {
|
||||
v = new(acl.EACLRecord_FilterInfo)
|
||||
}
|
||||
|
||||
return FilterWrapper{
|
||||
filter: v,
|
||||
}
|
||||
}
|
||||
|
||||
// WrapTarget wraps EACLRecord_TargetInfo pointer.
|
||||
//
|
||||
// If argument is nil, new EACLRecord_TargetInfo is initialized.
|
||||
func WrapTarget(v *acl.EACLRecord_TargetInfo) TargetWrapper {
|
||||
if v == nil {
|
||||
v = new(acl.EACLRecord_TargetInfo)
|
||||
}
|
||||
|
||||
return TargetWrapper{
|
||||
target: v,
|
||||
}
|
||||
}
|
||||
|
||||
// WrapRecord wraps EACLRecord pointer.
|
||||
//
|
||||
// If argument is nil, new EACLRecord is initialized.
|
||||
func WrapRecord(v *acl.EACLRecord) RecordWrapper {
|
||||
if v == nil {
|
||||
v = new(acl.EACLRecord)
|
||||
}
|
||||
|
||||
return RecordWrapper{
|
||||
record: v,
|
||||
}
|
||||
}
|
||||
|
||||
// WrapTable wraps EACLTable pointer.
|
||||
//
|
||||
// If argument is nil, new EACLTable is initialized.
|
||||
func WrapTable(v *acl.EACLTable) TableWrapper {
|
||||
if v == nil {
|
||||
v = new(acl.EACLTable)
|
||||
}
|
||||
|
||||
return TableWrapper{
|
||||
table: v,
|
||||
}
|
||||
}
|
||||
|
||||
// MatchType returns the match type of the filter.
|
||||
//
|
||||
// If filter is not initialized, 0 returns.
|
||||
//
|
||||
// Returns 0 if MatchType is not one of:
|
||||
// - EACLRecord_FilterInfo_StringEqual;
|
||||
// - EACLRecord_FilterInfo_StringNotEqual.
|
||||
func (s FilterWrapper) MatchType() (res MatchType) {
|
||||
if s.filter != nil {
|
||||
switch s.filter.GetMatchType() {
|
||||
case acl.EACLRecord_FilterInfo_StringEqual:
|
||||
res = StringEqual
|
||||
case acl.EACLRecord_FilterInfo_StringNotEqual:
|
||||
res = StringNotEqual
|
||||
}
|
||||
}
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
// SetMatchType sets the match type of the filter.
|
||||
//
|
||||
// If filter is not initialized, nothing changes.
|
||||
//
|
||||
// MatchType is set to EACLRecord_FilterInfo_MatchUnknown if argument is not one of:
|
||||
// - StringEqual;
|
||||
// - StringNotEqual.
|
||||
func (s FilterWrapper) SetMatchType(v MatchType) {
|
||||
if s.filter != nil {
|
||||
switch v {
|
||||
case StringEqual:
|
||||
s.filter.SetMatchType(acl.EACLRecord_FilterInfo_StringEqual)
|
||||
case StringNotEqual:
|
||||
s.filter.SetMatchType(acl.EACLRecord_FilterInfo_StringNotEqual)
|
||||
default:
|
||||
s.filter.SetMatchType(acl.EACLRecord_FilterInfo_MatchUnknown)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Name returns the name of filtering header.
|
||||
//
|
||||
// If filter is not initialized, empty string returns.
|
||||
func (s FilterWrapper) Name() string {
|
||||
if s.filter == nil {
|
||||
return ""
|
||||
}
|
||||
|
||||
return s.filter.GetHeaderName()
|
||||
}
|
||||
|
||||
// SetName sets the name of the filtering header.
|
||||
//
|
||||
// If filter is not initialized, nothing changes.
|
||||
func (s FilterWrapper) SetName(v string) {
|
||||
if s.filter != nil {
|
||||
s.filter.SetHeaderName(v)
|
||||
}
|
||||
}
|
||||
|
||||
// Value returns the value of filtering header.
|
||||
//
|
||||
// If filter is not initialized, empty string returns.
|
||||
func (s FilterWrapper) Value() string {
|
||||
if s.filter == nil {
|
||||
return ""
|
||||
}
|
||||
|
||||
return s.filter.GetHeaderVal()
|
||||
}
|
||||
|
||||
// SetValue sets the value of filtering header.
|
||||
//
|
||||
// If filter is not initialized, nothing changes.
|
||||
func (s FilterWrapper) SetValue(v string) {
|
||||
if s.filter != nil {
|
||||
s.filter.SetHeaderVal(v)
|
||||
}
|
||||
}
|
||||
|
||||
// HeaderType returns the header type of the filter.
|
||||
//
|
||||
// If filter is not initialized, HdrTypeUnknown returns.
|
||||
//
|
||||
// Returns HdrTypeUnknown if Header is not one of:
|
||||
// - EACLRecord_FilterInfo_Request;
|
||||
// - EACLRecord_FilterInfo_ObjectSystem;
|
||||
// - EACLRecord_FilterInfo_ObjectUser.
|
||||
func (s FilterWrapper) HeaderType() (res HeaderType) {
|
||||
res = HdrTypeUnknown
|
||||
|
||||
if s.filter != nil {
|
||||
switch s.filter.GetHeader() {
|
||||
case acl.EACLRecord_FilterInfo_Request:
|
||||
res = HdrTypeRequest
|
||||
case acl.EACLRecord_FilterInfo_ObjectSystem:
|
||||
res = HdrTypeObjSys
|
||||
case acl.EACLRecord_FilterInfo_ObjectUser:
|
||||
res = HdrTypeObjUsr
|
||||
}
|
||||
}
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
// SetHeaderType sets the header type of the filter.
|
||||
//
|
||||
// If filter is not initialized, nothing changes.
|
||||
//
|
||||
// Header is set to EACLRecord_FilterInfo_HeaderUnknown if argument is not one of:
|
||||
// - HdrTypeRequest;
|
||||
// - HdrTypeObjSys;
|
||||
// - HdrTypeObjUsr.
|
||||
func (s FilterWrapper) SetHeaderType(t HeaderType) {
|
||||
if s.filter != nil {
|
||||
switch t {
|
||||
case HdrTypeRequest:
|
||||
s.filter.SetHeader(acl.EACLRecord_FilterInfo_Request)
|
||||
case HdrTypeObjSys:
|
||||
s.filter.SetHeader(acl.EACLRecord_FilterInfo_ObjectSystem)
|
||||
case HdrTypeObjUsr:
|
||||
s.filter.SetHeader(acl.EACLRecord_FilterInfo_ObjectUser)
|
||||
default:
|
||||
s.filter.SetHeader(acl.EACLRecord_FilterInfo_HeaderUnknown)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Group returns the access group of the target.
|
||||
//
|
||||
// If target is not initialized, GroupUnknown returns.
|
||||
//
|
||||
// Returns GroupUnknown if Target is not one of:
|
||||
// - Target_User;
|
||||
// - GroupSystem;
|
||||
// - GroupOthers.
|
||||
func (s TargetWrapper) Group() (res Group) {
|
||||
res = GroupUnknown
|
||||
|
||||
if s.target != nil {
|
||||
switch s.target.GetTarget() {
|
||||
case acl.Target_User:
|
||||
res = GroupUser
|
||||
case acl.Target_System:
|
||||
res = GroupSystem
|
||||
case acl.Target_Others:
|
||||
res = GroupOthers
|
||||
}
|
||||
}
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
// SetGroup sets the access group of the target.
|
||||
//
|
||||
// If target is not initialized, nothing changes.
|
||||
//
|
||||
// Target is set to Target_Unknown if argument is not one of:
|
||||
// - GroupUser;
|
||||
// - GroupSystem;
|
||||
// - GroupOthers.
|
||||
func (s TargetWrapper) SetGroup(g Group) {
|
||||
if s.target != nil {
|
||||
switch g {
|
||||
case GroupUser:
|
||||
s.target.SetTarget(acl.Target_User)
|
||||
case GroupSystem:
|
||||
s.target.SetTarget(acl.Target_System)
|
||||
case GroupOthers:
|
||||
s.target.SetTarget(acl.Target_Others)
|
||||
default:
|
||||
s.target.SetTarget(acl.Target_Unknown)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// KeyList returns the key list of the target.
|
||||
//
|
||||
// If target is not initialized, nil returns.
|
||||
func (s TargetWrapper) KeyList() [][]byte {
|
||||
if s.target == nil {
|
||||
return nil
|
||||
}
|
||||
|
||||
return s.target.GetKeyList()
|
||||
}
|
||||
|
||||
// SetKeyList sets the key list of the target.
|
||||
//
|
||||
// If target is not initialized, nothing changes.
|
||||
func (s TargetWrapper) SetKeyList(v [][]byte) {
|
||||
if s.target != nil {
|
||||
s.target.SetKeyList(v)
|
||||
}
|
||||
}
|
||||
|
||||
// OperationType returns the operation type of the record.
|
||||
//
|
||||
// If record is not initialized, OpTypeUnknown returns.
|
||||
//
|
||||
// Returns OpTypeUnknown if Operation is not one of:
|
||||
// - EACLRecord_HEAD;
|
||||
// - EACLRecord_PUT;
|
||||
// - EACLRecord_SEARCH;
|
||||
// - EACLRecord_GET;
|
||||
// - EACLRecord_GETRANGE;
|
||||
// - EACLRecord_GETRANGEHASH;
|
||||
// - EACLRecord_DELETE.
|
||||
func (s RecordWrapper) OperationType() (res OperationType) {
|
||||
res = OpTypeUnknown
|
||||
|
||||
if s.record != nil {
|
||||
switch s.record.GetOperation() {
|
||||
case acl.EACLRecord_HEAD:
|
||||
res = OpTypeHead
|
||||
case acl.EACLRecord_PUT:
|
||||
res = OpTypePut
|
||||
case acl.EACLRecord_SEARCH:
|
||||
res = OpTypeSearch
|
||||
case acl.EACLRecord_GET:
|
||||
res = OpTypeGet
|
||||
case acl.EACLRecord_GETRANGE:
|
||||
res = OpTypeRange
|
||||
case acl.EACLRecord_GETRANGEHASH:
|
||||
res = OpTypeRangeHash
|
||||
case acl.EACLRecord_DELETE:
|
||||
res = OpTypeDelete
|
||||
}
|
||||
}
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
// SetOperationType sets the operation type of the record.
|
||||
//
|
||||
// If record is not initialized, nothing changes.
|
||||
//
|
||||
// Operation is set to EACLRecord_OPERATION_UNKNOWN if argument is not one of:
|
||||
// - OpTypeHead;
|
||||
// - OpTypePut;
|
||||
// - OpTypeSearch;
|
||||
// - OpTypeGet;
|
||||
// - OpTypeRange;
|
||||
// - OpTypeRangeHash;
|
||||
// - OpTypeDelete.
|
||||
func (s RecordWrapper) SetOperationType(v OperationType) {
|
||||
if s.record != nil {
|
||||
switch v {
|
||||
case OpTypeHead:
|
||||
s.record.SetOperation(acl.EACLRecord_HEAD)
|
||||
case OpTypePut:
|
||||
s.record.SetOperation(acl.EACLRecord_PUT)
|
||||
case OpTypeSearch:
|
||||
s.record.SetOperation(acl.EACLRecord_SEARCH)
|
||||
case OpTypeGet:
|
||||
s.record.SetOperation(acl.EACLRecord_GET)
|
||||
case OpTypeRange:
|
||||
s.record.SetOperation(acl.EACLRecord_GETRANGE)
|
||||
case OpTypeRangeHash:
|
||||
s.record.SetOperation(acl.EACLRecord_GETRANGEHASH)
|
||||
case OpTypeDelete:
|
||||
s.record.SetOperation(acl.EACLRecord_DELETE)
|
||||
default:
|
||||
s.record.SetOperation(acl.EACLRecord_OPERATION_UNKNOWN)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Action returns the action of the record.
|
||||
//
|
||||
// If record is not initialized, ActionUnknown returns.
|
||||
//
|
||||
// Returns ActionUnknown if Action is not one of:
|
||||
// - EACLRecord_Deny;
|
||||
// - EACLRecord_Allow.
|
||||
func (s RecordWrapper) Action() (res Action) {
|
||||
res = ActionUnknown
|
||||
|
||||
if s.record != nil {
|
||||
switch s.record.GetAction() {
|
||||
case acl.EACLRecord_Deny:
|
||||
res = ActionDeny
|
||||
case acl.EACLRecord_Allow:
|
||||
res = ActionAllow
|
||||
}
|
||||
}
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
// SetAction sets the action of the record.
|
||||
//
|
||||
// If record is not initialized, nothing changes.
|
||||
//
|
||||
// Action is set to EACLRecord_ActionUnknown if argument is not one of:
|
||||
// - ActionDeny;
|
||||
// - ActionAllow.
|
||||
func (s RecordWrapper) SetAction(v Action) {
|
||||
if s.record != nil {
|
||||
switch v {
|
||||
case ActionDeny:
|
||||
s.record.SetAction(acl.EACLRecord_Deny)
|
||||
case ActionAllow:
|
||||
s.record.SetAction(acl.EACLRecord_Allow)
|
||||
default:
|
||||
s.record.SetAction(acl.EACLRecord_ActionUnknown)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// HeaderFilters returns the header filter list of the record.
|
||||
//
|
||||
// If record is not initialized, nil returns.
|
||||
func (s RecordWrapper) HeaderFilters() []HeaderFilter {
|
||||
if s.record == nil {
|
||||
return nil
|
||||
}
|
||||
|
||||
filters := s.record.GetFilters()
|
||||
|
||||
res := make([]HeaderFilter, 0, len(filters))
|
||||
|
||||
for i := range filters {
|
||||
res = append(res, WrapFilterInfo(filters[i]))
|
||||
}
|
||||
|
||||
return res
|
||||
}
|
||||
|
||||
// SetHeaderFilters sets the header filter list of the record.
|
||||
//
|
||||
// Ignores nil elements of argument.
|
||||
// If record is not initialized, nothing changes.
|
||||
func (s RecordWrapper) SetHeaderFilters(v []HeaderFilter) {
|
||||
if s.record == nil {
|
||||
return
|
||||
}
|
||||
|
||||
filters := make([]*acl.EACLRecord_FilterInfo, 0, len(v))
|
||||
|
||||
for i := range v {
|
||||
if v[i] == nil {
|
||||
continue
|
||||
}
|
||||
|
||||
w := WrapFilterInfo(nil)
|
||||
w.SetMatchType(v[i].MatchType())
|
||||
w.SetHeaderType(v[i].HeaderType())
|
||||
w.SetName(v[i].Name())
|
||||
w.SetValue(v[i].Value())
|
||||
|
||||
filters = append(filters, w.filter)
|
||||
}
|
||||
|
||||
s.record.SetFilters(filters)
|
||||
}
|
||||
|
||||
// TargetList returns the target list of the record.
|
||||
//
|
||||
// If record is not initialized, nil returns.
|
||||
func (s RecordWrapper) TargetList() []Target {
|
||||
if s.record == nil {
|
||||
return nil
|
||||
}
|
||||
|
||||
targets := s.record.GetTargets()
|
||||
|
||||
res := make([]Target, 0, len(targets))
|
||||
|
||||
for i := range targets {
|
||||
res = append(res, WrapTarget(targets[i]))
|
||||
}
|
||||
|
||||
return res
|
||||
}
|
||||
|
||||
// SetTargetList sets the target list of the record.
|
||||
//
|
||||
// Ignores nil elements of argument.
|
||||
// If record is not initialized, nothing changes.
|
||||
func (s RecordWrapper) SetTargetList(v []Target) {
|
||||
if s.record == nil {
|
||||
return
|
||||
}
|
||||
|
||||
targets := make([]*acl.EACLRecord_TargetInfo, 0, len(v))
|
||||
|
||||
for i := range v {
|
||||
if v[i] == nil {
|
||||
continue
|
||||
}
|
||||
|
||||
w := WrapTarget(nil)
|
||||
w.SetGroup(v[i].Group())
|
||||
w.SetKeyList(v[i].KeyList())
|
||||
|
||||
targets = append(targets, w.target)
|
||||
}
|
||||
|
||||
s.record.SetTargets(targets)
|
||||
}
|
||||
|
||||
// Records returns the record list of the table.
|
||||
//
|
||||
// If table is not initialized, nil returns.
|
||||
func (s TableWrapper) Records() []Record {
|
||||
if s.table == nil {
|
||||
return nil
|
||||
}
|
||||
|
||||
records := s.table.GetRecords()
|
||||
|
||||
res := make([]Record, 0, len(records))
|
||||
|
||||
for i := range records {
|
||||
res = append(res, WrapRecord(records[i]))
|
||||
}
|
||||
|
||||
return res
|
||||
}
|
||||
|
||||
// SetRecords sets the record list of the table.
|
||||
//
|
||||
// Ignores nil elements of argument.
|
||||
// If table is not initialized, nothing changes.
|
||||
func (s TableWrapper) SetRecords(v []Record) {
|
||||
if s.table == nil {
|
||||
return
|
||||
}
|
||||
|
||||
records := make([]*acl.EACLRecord, 0, len(v))
|
||||
|
||||
for i := range v {
|
||||
if v[i] == nil {
|
||||
continue
|
||||
}
|
||||
|
||||
w := WrapRecord(nil)
|
||||
w.SetOperationType(v[i].OperationType())
|
||||
w.SetAction(v[i].Action())
|
||||
w.SetHeaderFilters(v[i].HeaderFilters())
|
||||
w.SetTargetList(v[i].TargetList())
|
||||
|
||||
records = append(records, w.record)
|
||||
}
|
||||
|
||||
s.table.SetRecords(records)
|
||||
}
|
||||
|
||||
|
136
acl/extended/wrappers_test.go
Normal file
136
acl/extended/wrappers_test.go
Normal file
|
@ -0,0 +1,136 @@
|
|||
package eacl
|
||||
|
||||
import (
|
||||
"testing"
|
||||
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
func TestEACLFilterWrapper(t *testing.T) {
|
||||
s := WrapFilterInfo(nil)
|
||||
|
||||
mt := StringEqual
|
||||
s.SetMatchType(mt)
|
||||
require.Equal(t, mt, s.MatchType())
|
||||
|
||||
ht := HdrTypeObjUsr
|
||||
s.SetHeaderType(ht)
|
||||
require.Equal(t, ht, s.HeaderType())
|
||||
|
||||
n := "name"
|
||||
s.SetName(n)
|
||||
require.Equal(t, n, s.Name())
|
||||
|
||||
v := "value"
|
||||
s.SetValue(v)
|
||||
require.Equal(t, v, s.Value())
|
||||
}
|
||||
|
||||
func TestEACLTargetWrapper(t *testing.T) {
|
||||
s := WrapTarget(nil)
|
||||
|
||||
group := Group(3)
|
||||
s.SetGroup(group)
|
||||
require.Equal(t, group, s.Group())
|
||||
|
||||
keys := [][]byte{
|
||||
{1, 2, 3},
|
||||
{4, 5, 6},
|
||||
}
|
||||
s.SetKeyList(keys)
|
||||
require.Equal(t, keys, s.KeyList())
|
||||
}
|
||||
|
||||
func TestEACLRecordWrapper(t *testing.T) {
|
||||
s := WrapRecord(nil)
|
||||
|
||||
action := ActionAllow
|
||||
s.SetAction(action)
|
||||
require.Equal(t, action, s.Action())
|
||||
|
||||
opType := OperationType(5)
|
||||
s.SetOperationType(opType)
|
||||
require.Equal(t, opType, s.OperationType())
|
||||
|
||||
f1Name := "name1"
|
||||
f1 := WrapFilterInfo(nil)
|
||||
f1.SetName(f1Name)
|
||||
|
||||
f2Name := "name2"
|
||||
f2 := WrapFilterInfo(nil)
|
||||
f2.SetName(f2Name)
|
||||
|
||||
s.SetHeaderFilters([]HeaderFilter{f1, f2})
|
||||
|
||||
filters := s.HeaderFilters()
|
||||
require.Len(t, filters, 2)
|
||||
require.Equal(t, f1Name, filters[0].Name())
|
||||
require.Equal(t, f2Name, filters[1].Name())
|
||||
|
||||
group1 := Group(1)
|
||||
t1 := WrapTarget(nil)
|
||||
t1.SetGroup(group1)
|
||||
|
||||
group2 := Group(2)
|
||||
t2 := WrapTarget(nil)
|
||||
t2.SetGroup(group2)
|
||||
|
||||
s.SetTargetList([]Target{t1, t2})
|
||||
|
||||
targets := s.TargetList()
|
||||
require.Len(t, targets, 2)
|
||||
require.Equal(t, group1, targets[0].Group())
|
||||
require.Equal(t, group2, targets[1].Group())
|
||||
}
|
||||
|
||||
func TestEACLTableWrapper(t *testing.T) {
|
||||
s := WrapTable(nil)
|
||||
|
||||
action1 := Action(1)
|
||||
r1 := WrapRecord(nil)
|
||||
r1.SetAction(action1)
|
||||
|
||||
action2 := Action(2)
|
||||
r2 := WrapRecord(nil)
|
||||
r2.SetAction(action2)
|
||||
|
||||
s.SetRecords([]Record{r1, r2})
|
||||
|
||||
records := s.Records()
|
||||
require.Len(t, records, 2)
|
||||
require.Equal(t, action1, records[0].Action())
|
||||
require.Equal(t, action2, records[1].Action())
|
||||
|
||||
s2, err := UnmarshalTable(MarshalTable(s))
|
||||
require.NoError(t, err)
|
||||
|
||||
records1 := s.Records()
|
||||
records2 := s2.Records()
|
||||
require.Len(t, records1, len(records2))
|
||||
|
||||
for i := range records1 {
|
||||
require.Equal(t, records1[i].Action(), records2[i].Action())
|
||||
require.Equal(t, records1[i].OperationType(), records2[i].OperationType())
|
||||
|
||||
targets1 := records1[i].TargetList()
|
||||
targets2 := records2[i].TargetList()
|
||||
require.Len(t, targets1, len(targets2))
|
||||
|
||||
for j := range targets1 {
|
||||
require.Equal(t, targets1[j].Group(), targets2[j].Group())
|
||||
require.Equal(t, targets1[j].KeyList(), targets2[j].KeyList())
|
||||
}
|
||||
|
||||
filters1 := records1[i].HeaderFilters()
|
||||
filters2 := records2[i].HeaderFilters()
|
||||
require.Len(t, filters1, len(filters2))
|
||||
|
||||
for j := range filters1 {
|
||||
require.Equal(t, filters1[j].MatchType(), filters2[j].MatchType())
|
||||
require.Equal(t, filters1[j].HeaderType(), filters2[j].HeaderType())
|
||||
require.Equal(t, filters1[j].Name(), filters2[j].Name())
|
||||
require.Equal(t, filters1[j].Value(), filters2[j].Value())
|
||||
require.Equal(t, filters1[j].Value(), filters2[j].Value())
|
||||
}
|
||||
}
|
||||
}
|
Loading…
Add table
Add a link
Reference in a new issue