2023-10-31 15:36:42 +00:00
|
|
|
package control
|
|
|
|
|
|
|
|
import (
|
|
|
|
"context"
|
2023-11-16 07:58:55 +00:00
|
|
|
"errors"
|
2023-10-31 15:36:42 +00:00
|
|
|
"fmt"
|
2023-12-05 09:11:28 +00:00
|
|
|
"strings"
|
2023-10-31 15:36:42 +00:00
|
|
|
|
|
|
|
"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/control"
|
2023-10-31 08:55:42 +00:00
|
|
|
cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
|
2023-11-16 07:58:55 +00:00
|
|
|
apechain "git.frostfs.info/TrueCloudLab/policy-engine/pkg/chain"
|
|
|
|
engine "git.frostfs.info/TrueCloudLab/policy-engine/pkg/engine"
|
|
|
|
nativeschema "git.frostfs.info/TrueCloudLab/policy-engine/schema/native"
|
2023-10-31 08:55:42 +00:00
|
|
|
"google.golang.org/grpc/codes"
|
|
|
|
"google.golang.org/grpc/status"
|
2023-10-31 15:36:42 +00:00
|
|
|
)
|
|
|
|
|
2023-12-05 09:11:28 +00:00
|
|
|
// extractCID extracts CID from the schema's pattern.
|
|
|
|
// TODO (aarifullin): This is temporary solution should be replaced by
|
|
|
|
// resource name validation.
|
|
|
|
func extractCID(resource string) (cid.ID, error) {
|
|
|
|
var cidStr string
|
|
|
|
|
|
|
|
// Sscanf requires to make tokens delimited by spaces.
|
|
|
|
pattern := strings.Replace(nativeschema.ResourceFormatRootContainerObjects, "/", " ", -1)
|
|
|
|
resource = strings.Replace(resource, "/", " ", -1)
|
|
|
|
|
|
|
|
if _, err := fmt.Sscanf(resource, pattern, &cidStr); err != nil {
|
|
|
|
err = fmt.Errorf("could not parse the target name '%s' to CID: %w", resource, err)
|
|
|
|
return cid.ID{}, err
|
|
|
|
}
|
|
|
|
var cid cid.ID
|
|
|
|
err := cid.DecodeString(cidStr)
|
|
|
|
return cid, err
|
|
|
|
}
|
|
|
|
|
2023-10-31 08:55:42 +00:00
|
|
|
func (s *Server) AddChainLocalOverride(_ context.Context, req *control.AddChainLocalOverrideRequest) (*control.AddChainLocalOverrideResponse, error) {
|
|
|
|
if err := s.isValidRequest(req); err != nil {
|
|
|
|
return nil, status.Error(codes.PermissionDenied, err.Error())
|
|
|
|
}
|
|
|
|
|
2023-12-05 09:11:28 +00:00
|
|
|
target := req.GetBody().GetTarget()
|
|
|
|
if target.Type != control.ChainTarget_CONTAINER {
|
|
|
|
return nil, status.Error(codes.Internal, fmt.Errorf("target type is not supported: %s", target.Type.String()).Error())
|
|
|
|
}
|
|
|
|
|
|
|
|
cid, err := extractCID(target.GetName())
|
2023-10-31 08:55:42 +00:00
|
|
|
if err != nil {
|
|
|
|
return nil, status.Error(codes.InvalidArgument, err.Error())
|
|
|
|
}
|
|
|
|
|
2023-11-16 07:58:55 +00:00
|
|
|
var chain apechain.Chain
|
2023-10-31 08:55:42 +00:00
|
|
|
if err = chain.DecodeBytes(req.GetBody().GetChain()); err != nil {
|
|
|
|
return nil, status.Error(codes.InvalidArgument, err.Error())
|
|
|
|
}
|
|
|
|
|
|
|
|
src, err := s.apeChainSrc.GetChainSource(cid)
|
|
|
|
if err != nil {
|
|
|
|
return nil, status.Error(codes.Internal, err.Error())
|
|
|
|
}
|
|
|
|
|
|
|
|
s.apeChainCounter.Add(1)
|
|
|
|
// TODO (aarifullin): the such chain id is not well-designed yet.
|
2023-12-05 09:11:28 +00:00
|
|
|
if chain.ID == "" {
|
|
|
|
chain.ID = apechain.ID(fmt.Sprintf("%s:%d", apechain.Ingress, s.apeChainCounter.Load()))
|
|
|
|
}
|
2023-10-31 08:55:42 +00:00
|
|
|
|
2023-11-16 07:58:55 +00:00
|
|
|
resource := fmt.Sprintf(nativeschema.ResourceFormatRootContainerObjects, cid.EncodeToString())
|
|
|
|
if _, err = src.LocalStorage().AddOverride(apechain.Ingress, resource, &chain); err != nil {
|
|
|
|
return nil, status.Error(getCodeByLocalStorageErr(err), err.Error())
|
|
|
|
}
|
2023-10-31 08:55:42 +00:00
|
|
|
|
|
|
|
resp := &control.AddChainLocalOverrideResponse{
|
|
|
|
Body: &control.AddChainLocalOverrideResponse_Body{
|
|
|
|
ChainId: string(chain.ID),
|
|
|
|
},
|
|
|
|
}
|
|
|
|
err = SignMessage(s.key, resp)
|
|
|
|
if err != nil {
|
|
|
|
return nil, status.Error(codes.Internal, err.Error())
|
|
|
|
}
|
|
|
|
return resp, nil
|
2023-10-31 15:36:42 +00:00
|
|
|
}
|
|
|
|
|
2023-10-31 08:55:42 +00:00
|
|
|
func (s *Server) GetChainLocalOverride(_ context.Context, req *control.GetChainLocalOverrideRequest) (*control.GetChainLocalOverrideResponse, error) {
|
|
|
|
if err := s.isValidRequest(req); err != nil {
|
|
|
|
return nil, status.Error(codes.PermissionDenied, err.Error())
|
|
|
|
}
|
|
|
|
|
2023-12-05 09:11:28 +00:00
|
|
|
target := req.GetBody().GetTarget()
|
|
|
|
if target.Type != control.ChainTarget_CONTAINER {
|
|
|
|
return nil, status.Error(codes.Internal, fmt.Errorf("target type is not supported: %s", target.Type.String()).Error())
|
|
|
|
}
|
|
|
|
|
|
|
|
cid, err := extractCID(target.GetName())
|
2023-10-31 08:55:42 +00:00
|
|
|
if err != nil {
|
|
|
|
return nil, status.Error(codes.InvalidArgument, err.Error())
|
|
|
|
}
|
|
|
|
|
|
|
|
src, err := s.apeChainSrc.GetChainSource(cid)
|
|
|
|
if err != nil {
|
|
|
|
return nil, status.Error(codes.Internal, err.Error())
|
|
|
|
}
|
|
|
|
|
2023-11-16 07:58:55 +00:00
|
|
|
resource := fmt.Sprintf(nativeschema.ResourceFormatRootContainerObjects, cid.EncodeToString())
|
|
|
|
chain, err := src.LocalStorage().GetOverride(apechain.Ingress, resource, apechain.ID(req.GetBody().GetChainId()))
|
|
|
|
if err != nil {
|
|
|
|
return nil, status.Error(getCodeByLocalStorageErr(err), err.Error())
|
2023-10-31 08:55:42 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
resp := &control.GetChainLocalOverrideResponse{
|
|
|
|
Body: &control.GetChainLocalOverrideResponse_Body{
|
|
|
|
Chain: chain.Bytes(),
|
|
|
|
},
|
|
|
|
}
|
|
|
|
err = SignMessage(s.key, resp)
|
|
|
|
if err != nil {
|
|
|
|
return nil, status.Error(codes.Internal, err.Error())
|
|
|
|
}
|
|
|
|
return resp, nil
|
2023-10-31 15:36:42 +00:00
|
|
|
}
|
|
|
|
|
2023-10-31 08:55:42 +00:00
|
|
|
func (s *Server) ListChainLocalOverrides(_ context.Context, req *control.ListChainLocalOverridesRequest) (*control.ListChainLocalOverridesResponse, error) {
|
|
|
|
if err := s.isValidRequest(req); err != nil {
|
|
|
|
return nil, status.Error(codes.PermissionDenied, err.Error())
|
|
|
|
}
|
|
|
|
|
2023-12-05 09:11:28 +00:00
|
|
|
target := req.GetBody().GetTarget()
|
|
|
|
if target.Type != control.ChainTarget_CONTAINER {
|
|
|
|
return nil, status.Error(codes.Internal, fmt.Errorf("target type is not supported: %s", target.Type.String()).Error())
|
|
|
|
}
|
|
|
|
|
|
|
|
cid, err := extractCID(target.GetName())
|
2023-10-31 08:55:42 +00:00
|
|
|
if err != nil {
|
|
|
|
return nil, status.Error(codes.InvalidArgument, err.Error())
|
|
|
|
}
|
|
|
|
|
|
|
|
src, err := s.apeChainSrc.GetChainSource(cid)
|
|
|
|
if err != nil {
|
|
|
|
return nil, status.Error(codes.Internal, err.Error())
|
|
|
|
}
|
|
|
|
|
2023-11-16 07:58:55 +00:00
|
|
|
resource := fmt.Sprintf(nativeschema.ResourceFormatRootContainerObjects, cid.EncodeToString())
|
|
|
|
chains, err := src.LocalStorage().ListOverrides(apechain.Ingress, resource)
|
|
|
|
if err != nil {
|
|
|
|
return nil, status.Error(getCodeByLocalStorageErr(err), err.Error())
|
|
|
|
}
|
2023-10-31 08:55:42 +00:00
|
|
|
serializedChains := make([][]byte, 0, len(chains))
|
|
|
|
for _, chain := range chains {
|
|
|
|
serializedChains = append(serializedChains, chain.Bytes())
|
|
|
|
}
|
|
|
|
|
|
|
|
resp := &control.ListChainLocalOverridesResponse{
|
|
|
|
Body: &control.ListChainLocalOverridesResponse_Body{
|
|
|
|
Chains: serializedChains,
|
|
|
|
},
|
|
|
|
}
|
|
|
|
err = SignMessage(s.key, resp)
|
|
|
|
if err != nil {
|
|
|
|
return nil, status.Error(codes.Internal, err.Error())
|
|
|
|
}
|
|
|
|
return resp, nil
|
2023-10-31 15:36:42 +00:00
|
|
|
}
|
|
|
|
|
2023-10-31 08:55:42 +00:00
|
|
|
func (s *Server) RemoveChainLocalOverride(_ context.Context, req *control.RemoveChainLocalOverrideRequest) (*control.RemoveChainLocalOverrideResponse, error) {
|
|
|
|
if err := s.isValidRequest(req); err != nil {
|
|
|
|
return nil, status.Error(codes.PermissionDenied, err.Error())
|
|
|
|
}
|
|
|
|
|
2023-12-05 09:11:28 +00:00
|
|
|
target := req.GetBody().GetTarget()
|
|
|
|
if target.Type != control.ChainTarget_CONTAINER {
|
|
|
|
return nil, status.Error(codes.Internal, fmt.Errorf("target type is not supported: %s", target.Type.String()).Error())
|
|
|
|
}
|
|
|
|
|
|
|
|
cid, err := extractCID(target.GetName())
|
2023-10-31 08:55:42 +00:00
|
|
|
if err != nil {
|
|
|
|
return nil, status.Error(codes.InvalidArgument, err.Error())
|
|
|
|
}
|
|
|
|
|
|
|
|
src, err := s.apeChainSrc.GetChainSource(cid)
|
|
|
|
if err != nil {
|
|
|
|
return nil, status.Error(codes.Internal, err.Error())
|
|
|
|
}
|
|
|
|
|
2023-11-16 07:58:55 +00:00
|
|
|
resource := fmt.Sprintf(nativeschema.ResourceFormatRootContainerObjects, cid.EncodeToString())
|
|
|
|
if err = src.LocalStorage().RemoveOverride(apechain.Ingress, resource, apechain.ID(req.GetBody().GetChainId())); err != nil {
|
|
|
|
return nil, status.Error(getCodeByLocalStorageErr(err), err.Error())
|
|
|
|
}
|
2023-10-31 08:55:42 +00:00
|
|
|
resp := &control.RemoveChainLocalOverrideResponse{
|
|
|
|
Body: &control.RemoveChainLocalOverrideResponse_Body{
|
2023-11-16 07:58:55 +00:00
|
|
|
Removed: true,
|
2023-10-31 08:55:42 +00:00
|
|
|
},
|
|
|
|
}
|
|
|
|
err = SignMessage(s.key, resp)
|
|
|
|
if err != nil {
|
|
|
|
return nil, status.Error(codes.Internal, err.Error())
|
|
|
|
}
|
|
|
|
return resp, nil
|
2023-10-31 15:36:42 +00:00
|
|
|
}
|
2023-11-16 07:58:55 +00:00
|
|
|
|
|
|
|
func getCodeByLocalStorageErr(err error) codes.Code {
|
|
|
|
if errors.Is(err, engine.ErrChainNotFound) {
|
|
|
|
return codes.NotFound
|
|
|
|
}
|
|
|
|
return codes.Internal
|
|
|
|
}
|