[#680] Move policy engine converter to s3-gw

Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
Denis Kirillov 2025-04-04 18:04:58 +03:00 committed by Alexey Vanin
parent e788bb6ec9
commit 0ba6989197
21 changed files with 4325 additions and 50 deletions


@ -12,6 +12,7 @@ import (
"git.frostfs.info/TrueCloudLab/frostfs-mfa/mfa"
"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/layer"
policyengine "git.frostfs.info/TrueCloudLab/frostfs-s3-gw/pkg/policy-engine"
cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/netmap"
"git.frostfs.info/TrueCloudLab/policy-engine/pkg/chain"
@ -20,12 +21,12 @@ import (
type (
handler struct {
log *zap.Logger
obj *layer.Layer
cfg Config
ape APE
frostfsid FrostFSID
mfa *mfa.Manager
log *zap.Logger
obj *layer.Layer
cfg Config
policyEngine PolicyEngine
frostfsid FrostFSID
mfa *mfa.Manager
}
// Config contains data which handler needs to keep.
@ -54,6 +55,11 @@ type (
GetUserKey(account, name string) (string, error)
}
PolicyEngine struct {
APE APE
Converter *policyengine.Converter
}
// APE is Access Policy Engine that needs to save policy and acl info to different places.
APE interface {
PutBucketPolicy(ns string, cnrID cid.ID, policy []byte, chains []*chain.Chain) error
@ -73,14 +79,14 @@ const (
var _ api.Handler = (*handler)(nil)
// New creates new api.Handler using given logger and client.
func New(log *zap.Logger, obj *layer.Layer, cfg Config, storage APE, ffsid FrostFSID, mfaMgr *mfa.Manager) (api.Handler, error) {
func New(log *zap.Logger, obj *layer.Layer, cfg Config, policyEngine PolicyEngine, ffsid FrostFSID, mfaMgr *mfa.Manager) (api.Handler, error) {
switch {
case obj == nil:
return nil, errors.New("empty FrostFS Object Layer")
case log == nil:
return nil, errors.New("empty logger")
case storage == nil:
return nil, errors.New("empty policy storage")
case policyEngine.APE == nil || policyEngine.Converter == nil:
return nil, errors.New("empty policy engine")
case ffsid == nil:
return nil, errors.New("empty frostfsid")
case mfaMgr == nil:
@ -88,12 +94,12 @@ func New(log *zap.Logger, obj *layer.Layer, cfg Config, storage APE, ffsid Frost
}
return &handler{
log: log,
obj: obj,
cfg: cfg,
ape: storage,
frostfsid: ffsid,
mfa: mfaMgr,
log: log,
obj: obj,
cfg: cfg,
policyEngine: policyEngine,
frostfsid: ffsid,
mfa: mfaMgr,
}, nil
}
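Review bot: The guard added in `New` reports a missing `APE` and a missing `Converter` with the same "empty policy engine" error, so a failed start-up does not say which half of the access-policy wiring is absent. Splitting it into two cases would keep the old "empty policy storage" message for `policyEngine.APE == nil` and add `case policyEngine.Converter == nil: return nil, errors.New("empty policy converter")`. Because `APE` is an interface, a typed nil pointer wrapped in it would still pass the `== nil` comparison and only fail on first use; whether any caller can pass one is not visible on this page. The new exported `PolicyEngine` struct also has no doc comment, unlike `Config` and `APE` in the same `type (` block (which opens outside the visible hunks); something like `// PolicyEngine groups the APE policy storage with the policy converter; New rejects it unless both fields are set.` would do.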