forked from TrueCloudLab/frostfs-rest-gw
[#68] Check basic ACL size
Signed-off-by: Denis Kirillov <denis@nspcc.ru>
This commit is contained in:
parent
47691727d4
commit
09e8196ed4
2 changed files with 41 additions and 2 deletions
|
@ -355,8 +355,8 @@ func createContainer(ctx context.Context, p *pool.Pool, stoken session.Container
|
|||
request.BasicACL = defaultBasicACL
|
||||
}
|
||||
|
||||
var basicACL acl.Basic
|
||||
if err = basicACL.DecodeString(request.BasicACL); err != nil {
|
||||
basicACL, err := decodeBasicACL(request.BasicACL)
|
||||
if err != nil {
|
||||
return cid.ID{}, fmt.Errorf("couldn't parse basic acl: %w", err)
|
||||
}
|
||||
|
||||
|
|
|
@ -6,11 +6,13 @@ import (
|
|||
"fmt"
|
||||
"math"
|
||||
"strconv"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
objectv2 "github.com/nspcc-dev/neofs-api-go/v2/object"
|
||||
sessionv2 "github.com/nspcc-dev/neofs-api-go/v2/session"
|
||||
"github.com/nspcc-dev/neofs-rest-gw/gen/models"
|
||||
"github.com/nspcc-dev/neofs-sdk-go/container/acl"
|
||||
"github.com/nspcc-dev/neofs-sdk-go/object"
|
||||
"github.com/nspcc-dev/neofs-sdk-go/pool"
|
||||
)
|
||||
|
@ -219,3 +221,40 @@ func formSessionTokenFromHeaders(principal *models.Principal, signature, key *st
|
|||
Verb: verb,
|
||||
}, nil
|
||||
}
|
||||
|
||||
// decodeBasicACL is the same as DecodeString on acl.Basic but
|
||||
// it also checks length for hex formatted acl.
|
||||
func decodeBasicACL(input string) (acl.Basic, error) {
|
||||
switch input {
|
||||
case acl.NamePrivate:
|
||||
return acl.Private, nil
|
||||
case acl.NamePrivateExtended:
|
||||
return acl.PrivateExtended, nil
|
||||
case acl.NamePublicRO:
|
||||
return acl.PublicRO, nil
|
||||
case acl.NamePublicROExtended:
|
||||
return acl.PublicROExtended, nil
|
||||
case acl.NamePublicRW:
|
||||
return acl.PublicRW, nil
|
||||
case acl.NamePublicRWExtended:
|
||||
return acl.PublicRWExtended, nil
|
||||
case acl.NamePublicAppend:
|
||||
return acl.PublicAppend, nil
|
||||
case acl.NamePublicAppendExtended:
|
||||
return acl.PublicAppendExtended, nil
|
||||
default:
|
||||
trimmedInput := strings.TrimPrefix(strings.ToLower(input), "0x")
|
||||
if len(trimmedInput) != 8 {
|
||||
return 0, fmt.Errorf("invalid basic ACL size: %s", input)
|
||||
}
|
||||
|
||||
v, err := strconv.ParseUint(trimmedInput, 16, 32)
|
||||
if err != nil {
|
||||
return 0, fmt.Errorf("parse hex: %w", err)
|
||||
}
|
||||
|
||||
var res acl.Basic
|
||||
res.FromBits(uint32(v))
|
||||
return res, nil
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue