[#259] Support contract based policies

Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2023-12-05 12:12:35 +03:00 · 2023-12-05 12:12:35 +03:00 · 9272f4e108
commit 9272f4e108
parent be6a37ada5
18 changed files with 428 additions and 43 deletions
--- a/api/middleware/policy.go
+++ b/api/middleware/policy.go
@ -7,6 +7,7 @@ import (
 	"strings"

 	apiErr "git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/errors"
+	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/internal/frostfs/policy"
 	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/internal/logs"
 	"git.frostfs.info/TrueCloudLab/policy-engine/pkg/chain"
 	"git.frostfs.info/TrueCloudLab/policy-engine/pkg/engine"
@ -51,7 +52,7 @@ func policyCheck(storage engine.ChainRouter, settings PolicySettings, domains []

 	reqInfo := GetReqInfo(r.Context())
 	target := engine.NewRequestTargetWithNamespace(settings.ResolveNamespaceAlias(reqInfo.Namespace))
-	st, found, err := storage.IsAllowed(chain.Ingress, target, req)
+	st, found, err := storage.IsAllowed(policy.S3ChainName, target, req)
 	if err != nil {
 		return 0, err
 	}