[#804] ape: Implement boltdb storage for local overrides

Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>

pkg/services/object/acl/ape.go

@@ -1,10 +1,8 @@
 package acl
 
 import (
-	"errors"
 	"fmt"
 
-	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/core/container"
 	v2 "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/object/acl/v2"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/util/logger"
 	apistatus "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client/status"
@@ -12,34 +10,25 @@ import (
 	policyengine "git.frostfs.info/TrueCloudLab/policy-engine/pkg/engine"
 )
 
-var errAPEChainNoSource = errors.New("could not get ape chain source for the container")
-
 type apeCheckerImpl struct {
-	log    *logger.Logger
-	apeSrc container.AccessPolicyEngineChainSource
+	log         *logger.Logger
+	chainRouter policyengine.ChainRouter
 }
 
-func NewAPEChecker(log *logger.Logger, apeSrc container.AccessPolicyEngineChainSource) v2.APEChainChecker {
+func NewAPEChecker(log *logger.Logger, chainRouter policyengine.ChainRouter) v2.APEChainChecker {
 	return &apeCheckerImpl{
-		log:    log,
-		apeSrc: apeSrc,
+		log:         log,
+		chainRouter: chainRouter,
 	}
 }
 
 func (c *apeCheckerImpl) CheckIfRequestPermitted(reqInfo v2.RequestInfo) error {
-	cnr := reqInfo.ContainerID()
-
-	chainCache, err := c.apeSrc.GetChainSource(cnr)
-	if err != nil {
-		return errAPEChainNoSource
-	}
-
 	request := new(Request)
 	request.FromRequestInfo(reqInfo)
 
 	cnrTarget := getResource(reqInfo).Name()
 
-	status, ruleFound, err := chainCache.IsAllowed(apechain.Ingress, policyengine.NewRequestTargetWithContainer(cnrTarget), request)
+	status, ruleFound, err := c.chainRouter.IsAllowed(apechain.Ingress, policyengine.NewRequestTargetWithContainer(cnrTarget), request)
 	if err != nil {
 		return err
 	}