[#360] Use 'c' prefix for bucket policies instead of 'n'

With 'c' prefix, acl chains become shorter, thus gateway receives shorter results and avoids sessions to neo-go. There is still issue with many IAM rules. Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2024-04-10 15:53:36 +03:00 · 2024-04-10 15:53:36 +03:00 · 6da1acc554
commit 6da1acc554
parent 3ea3f971e1
8 changed files with 49 additions and 43 deletions
--- a/api/handler/acl_test.go
+++ b/api/handler/acl_test.go
@ -1325,7 +1325,7 @@ func TestPutBucketAPE(t *testing.T) {
 	_, err := hc.tp.ContainerEACL(hc.Context(), layer.PrmContainerEACL{ContainerID: info.BktInfo.CID})
 	require.ErrorContains(t, err, "not found")

-	chains, err := hc.h.ape.(*apeMock).ListChains(engine.NamespaceTarget(""))
+	chains, err := hc.h.ape.(*apeMock).ListChains(engine.ContainerTarget(info.BktInfo.CID.EncodeToString()))
 	require.NoError(t, err)
 	require.Len(t, chains, 2)
 }
@ -1509,7 +1509,7 @@ func TestDeleteBucketWithPolicy(t *testing.T) {
 	hc := prepareHandlerContext(t)

 	bktName := "bucket-for-policy"
-	createTestBucket(hc, bktName)
+	bi := createTestBucket(hc, bktName)

 	newPolicy := engineiam.Policy{
 		Version: "2012-10-17",
@ -1524,12 +1524,12 @@ func TestDeleteBucketWithPolicy(t *testing.T) {
 	putBucketPolicy(hc, bktName, newPolicy)

 	require.Len(t, hc.h.ape.(*apeMock).policyMap, 1)
-	require.Len(t, hc.h.ape.(*apeMock).chainMap[engine.NamespaceTarget("")], 4)
+	require.Len(t, hc.h.ape.(*apeMock).chainMap[engine.ContainerTarget(bi.CID.EncodeToString())], 4)

 	deleteBucket(t, hc, bktName, http.StatusNoContent)

 	require.Empty(t, hc.h.ape.(*apeMock).policyMap)
-	chains, err := hc.h.ape.(*apeMock).ListChains(engine.NamespaceTarget(""))
+	chains, err := hc.h.ape.(*apeMock).ListChains(engine.ContainerTarget(bi.CID.EncodeToString()))
 	require.NoError(t, err)
 	require.Empty(t, chains)
 }