frostfs-node

Author	SHA1	Message	Date
Evgenii Stratonikov	300654b045	[#1083 ] objsvc/v2: Properly check response status after forwarding Previously we had cryptic error: ``` debug get/remote.go:38 remote call failed {"component": "Object.Get service", "request": "HEAD", "address": "9sTxoVrhJ7WBtXQfK2NJ7zDV5yCF7BPLKK1XTxYPdGsP/BbHV4KZZ8y2BPqAT5kyjdHRLkfbtY2xf5uYoMVqxACn1", "raw": false, "local": false, "with session": false, "with bearer": false, "error": "unexpected header type <nil>"} ``` Now we have and expected error: ``` debug get/remote.go:38 remote call failed {"component": "Object.Get service", "request": "HEAD", "address": "D2rqaMG4D2VHdv3HKky8UYSYmwQFH2v9oXXqtyRZPTMy/BbHV4KZZ8y2BPqAT5kyjdHRLkfbtY2xf5uYoMVqxACn1", "raw": false, "local": false, "with session": false, "with bearer": false, "error": "status: code = 2049 message = object not found"} ``` Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>	2024-05-15 12:04:06 +03:00
Airat Arifullin	952d13cd2b	[#1124 ] cli: Improve APE rule parsing * Make APE rule parser to read condition's kind in unambiguous using lexemes `ResourceCondition`, `RequestCondition` instead confusing `Object.Request`, `Object.Resource`. * Fix unit-tests. Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>	2024-05-14 12:23:26 +03:00
Dmitrii Stepanov	0144117cc9	[#1125 ] objectSvc: Add EC header APE check Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2024-05-08 16:25:55 +03:00
Dmitrii Stepanov	ada1b9f737	[#1120 ] objectSvc: Fix EC put placement Use parent object ID to compute placement. Fix too many copies saving. Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2024-05-08 15:23:57 +03:00
Anton Nikiforov	fe2c1c926f	[#1112 ] node: Fix race warning for `GetObjectAndWritePayload` Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com>	2024-05-07 14:47:21 +03:00
Anton Nikiforov	3e782527b8	[#1112 ] node: Add test for `Range` request for EC object Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com>	2024-05-07 14:47:21 +03:00
Anton Nikiforov	21a490da8f	[#1112 ] Fix issue from `gofumpt` Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com>	2024-05-07 14:47:21 +03:00
Evgenii Stratonikov	93c0ccad4f	[#1077 ] objectsvc: Fix possible panic in GetRange() Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>	2024-05-07 14:47:21 +03:00
Anton Nikiforov	00b2b77b26	[#1112 ] node: Implement `Range\RangeHash` requests for EC object Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com>	2024-05-07 14:47:21 +03:00
aarifullin	b60a51b862	[#1117 ] ape: Introduce `FormFrostfsIDRequestProperties` method * `FormFrostfsIDRequestProperties` gets user claim tags and group id and sets them as ape request properties. * Make tree, container and object service use the method. * Fix unit-tests. Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>	2024-05-07 10:01:21 +00:00
aarifullin	6c76c9b457	[#1117 ] core: Introduce SubjectProvider interface for FrostfsID * Make tree, object and container services use SubjectProvider interface. * Fix unit-tests. Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>	2024-05-07 10:01:21 +00:00
Ekaterina Lebedeva	e07869a8cf	[#1100 ] Remove unused fields Signed-off-by: Ekaterina Lebedeva <ekaterina.lebedeva@yadro.com>	2024-05-06 10:14:36 +03:00
Evgenii Stratonikov	71789676d5	[#1114 ] aclsvc: Add tests for request ownership Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>	2024-05-02 11:57:39 +03:00
Anton Nikiforov	112a7c690f	[#1103 ] node: Implement `Get\Head` requests for EC object Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com>	2024-04-24 18:15:53 +03:00
Airat Arifullin	c21d72ac23	[#1096 ] object: Make ape middleware fill request with user claim tags Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>	2024-04-16 15:12:44 +03:00
Evgenii Stratonikov	91e79c98ba	[#1089 ] ape: Provide request actor as an additional target Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>	2024-04-16 11:03:50 +00:00
aarifullin	f4dcb418f2	[#1090 ] ape: Move ape request and resource implementations to common package Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>	2024-04-15 07:45:45 +00:00
Evgenii Stratonikov	3dc81cb4fc	Reapply "[#972 ] Use min/max builtins" This reverts commit `dad56d2e98`. Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>	2024-04-10 12:09:34 +00:00
Dmitrii Stepanov	e74bdaa5d5	[#1080 ] ape: Use value for APE request Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2024-04-09 18:42:03 +03:00
Dmitrii Stepanov	338d8cbebd	[#1080 ] ape: Do not read object headers before Head/Get Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2024-04-09 15:27:40 +03:00
Anton Nikiforov	2b88361849	[#1062 ] object: Fix buffer allocation for `PayloadRange` Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com>	2024-04-09 11:59:07 +03:00
Dmitrii Stepanov	1c5e0f90aa	[#1064 ] putsvc: Add EC put Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2024-04-09 07:08:53 +00:00
Dmitrii Stepanov	39da643354	[#1064 ] putsvc: Refactor distributed target Extract object builder. Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2024-04-09 07:08:53 +00:00
aarifullin	6959e617c4	[#1047 ] object: Set container owner ID property to ape request * Introduce ContainerOwner field in RequestContext. * Set ContainerOwner in aclv2 middleware. * Set PropertyKeyContainerOwnerID for object ape request. Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>	2024-03-18 15:39:50 +00:00
aarifullin	d7be70e93f	[#1040 ] object: Wrap CheckAPE errors to status errors * All methods should wrap CheckAPE error, if it occurs, to status error. Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>	2024-03-14 07:34:03 +00:00
Airat Arifullin	5c252c9193	[#1039 ] object: Skip APE check for certain request roles * Skip APE check if a role is Container. * Skip APE check if a role is IR and methods are get-like. Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>	2024-03-12 16:15:20 +03:00
Dmitrii Stepanov	d433b49265	[#973 ] node: Resolve perfsprint linter `fmt.Errorf can be replaced with errors.New` and `fmt.Sprintf can be replaced with string addition` Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2024-03-11 17:55:50 +03:00
Dmitrii Stepanov	d6534fd755	[#1016 ] frostfs-node: Fix gopls issues Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2024-03-01 12:13:43 +03:00
Airat Arifullin	7cc368e188	[#986 ] object: Introduce soft ape checks * Soft APE check means that APE should allow request even it gets status NoRuleFound for a request. Otherwise, it is interpreted as Deny. * Soft APE check is performed if basic ACL mask is not set. Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>	2024-02-28 19:05:57 +00:00
Evgenii Stratonikov	dad56d2e98	Revert "[#972 ] Use min/max builtins" This reverts commit `89784b2e0a`. Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>	2024-02-19 15:36:01 +00:00
Evgenii Stratonikov	89784b2e0a	[#972 ] Use min/max builtins Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>	2024-02-19 13:13:09 +00:00
Dmitrii Stepanov	2680192ba0	[#988 ] objectSvc: Fix `SetMarshalData` for PutSingle After api-go update it is required to pass marshal data to `SetMarshalData`. Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2024-02-15 17:21:08 +03:00
Airat Arifullin	a5446bc17d	[#952 ] object: Pass namespace within context in ACL service Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>	2024-02-02 14:48:11 +03:00
Airat Arifullin	5be2af881a	[#934 ] container: Make container APE middleware read namespaces * Those methods that can access already existing containers and thus can get container properties should read namespace from Zone property. If Zone is not set, take a namespace for root. * Otherwise, define namespaces by owner ID via frostfs-id contract. * Improve unit-tests, consider more cases. Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>	2024-02-01 17:38:24 +00:00
Evgenii Stratonikov	6e2cc32768	[#681 ] objsvc: Validate session token owner for local sessions Previously, the check was in place only when session token was missing. Format validator checks are applied only to fully-prepared object, so this lead to the following situation: 1. Object is put locally with malformed token, because there are no checks. 2. Object cannot be replicated, because the token is malformed. This is now fixed and token check is done before any payload receival. Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>	2024-01-26 08:52:29 +00:00
Anton Nikiforov	b6fc3321c5	[#876 ] Fix linters Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com>	2024-01-25 20:26:13 +03:00
Airat Arifullin	f2f3294fc3	[#919 ] ape: Improve error messages in ape service * Wrap all APE middleware errors in apeErr that makes errors more explicit with status AccessDenied. * Use denyingRuleErr for denying status from chain router. Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>	2024-01-23 08:11:24 +00:00
Airat Arifullin	96b020626f	[#915 ] ape: Fix method name in getStreamBasicChecker * Replace incorrect MethodGetContainer by MethodGetObject constant. Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>	2024-01-16 23:52:37 +03:00
Airat Arifullin	c8baf76fae	[#872 ] object: Introduce APE middlewar for object service Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>	2024-01-12 18:41:35 +03:00
Dmitrii Stepanov	52ffa9f164	[#891 ] getSvc: Refactor Get service V2 creation Use arguments for mandatory fields. Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2024-01-12 13:35:38 +03:00
Dmitrii Stepanov	394f086fe2	[#891 ] getSvc: Fix get range hash implementation Get range can perform GET request, so this request must be done from container node to not to get access denied error. Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2024-01-12 13:35:38 +03:00
Dmitrii Stepanov	f1b2b8bffa	[#895 ] test: Fix NewLogger arguments list `debug` is always true. Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2024-01-11 12:32:09 +00:00
Dmitrii Stepanov	b118734909	[#890 ] getsvc: Log node PK Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2023-12-29 14:24:13 +03:00
Airat Arifullin	bdd43f6211	[#869 ] object: Pass just CID to chain router * Do not convert CID from request to native-schema resource format - this step is unneccessary for APE. Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>	2023-12-14 11:01:20 +00:00
aarifullin	0f45e3d344	[#804 ] ape: Implement boltdb storage for local overrides Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>	2023-12-07 19:08:41 +03:00
aarifullin	e361e017f3	[#842 ] control: Pass target instead resource name * Update policy-engine package version in go.mod, go.sum. * Refactor CheckIfRequestPermitted: pass container target instead container ID. Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>	2023-12-07 14:21:55 +00:00
Dmitrii Stepanov	c516c7c5f4	[#821 ] node: Pass user.ID by value Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2023-11-23 10:21:07 +03:00
aarifullin	4d5be5ccb5	[#811 ] ape: Update policy-engine module version and rebase Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>	2023-11-16 11:31:37 +03:00
Dmitrii Stepanov	9133b4389e	[#788 ] objectsvc: Fix formatting (gofumpt) Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2023-11-09 10:27:32 +03:00
aarifullin	3534d6d05b	[#794 ] objectsvc: Return accidentally removed acl checks for Head Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>	2023-11-08 17:13:58 +03:00

1 2 3 4 5 ...

577 commits