ape

package
v0.46.5 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 12, 2025 License: GPL-3.0 Imports: 40 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Checker

type Checker interface {
	CheckAPE(context.Context, Prm) error
}

Checker provides methods to check requests and responses with access policy engine.

func NewChecker

func NewChecker(logger *logger.Logger, localOverrideStorage policyengine.LocalOverrideStorage, morphChainStorage policyengine.MorphRuleChainStorageReader, headerProvider HeaderProvider, frostFSIDClient frostfsidcore.Source, nm netmap.Source, st netmap.State, cnrSource container.Source, nodePK []byte) Checker

type HeaderProvider

type HeaderProvider interface {
	GetHeader(ctx context.Context, cnr cid.ID, oid oid.ID, local bool) (*objectSDK.Object, error)
}

func NewStorageEngineHeaderProvider

func NewStorageEngineHeaderProvider(e *engine.StorageEngine, s *getsvc.Service) HeaderProvider

type InnerRingFetcher added in v0.45.0

type InnerRingFetcher interface {
	// InnerRingKeys must return list of public keys of
	// the actual inner ring.
	InnerRingKeys(ctx context.Context) ([][]byte, error)
}

InnerRingFetcher is an interface that must provide Inner Ring information.

type Metadata added in v0.45.0

type Metadata struct {
	Container          cid.ID
	Object             *oid.ID
	MetaHeader         *session.RequestMetaHeader
	VerificationHeader *session.RequestVerificationHeader
	SessionToken       *sessionSDK.Object
	BearerToken        *bearer.Token
}

func (Metadata) RequestOwner added in v0.45.0

func (m Metadata) RequestOwner() (*user.ID, *keys.PublicKey, error)

type Prm

type Prm struct {
	Namespace string

	Container cid.ID

	// Object ID is omitted for some methods.
	Object *oid.ID

	// If Header is set, then object attributes and properties will be parsed from
	// a request/response's header.
	Header *objectV2.Header

	// Method must be represented only as a constant represented in native schema.
	Method string

	// Role must be representedonly as a constant represented in native schema.
	Role string

	// An encoded sender's public key string.
	SenderKey string

	// An encoded container's owner user ID.
	ContainerOwner user.ID

	// Attributes defined for the container.
	ContainerAttributes map[string]string

	// The request's bearer token. It is used in order to check APE overrides with the token.
	BearerToken *bearer.Token

	// XHeaders from the request.
	XHeaders []session.XHeader
}

type RequestInfo added in v0.45.0

type RequestInfo struct {
	// Role defines under which role this request is executed.
	// It must be represented only as a constant represented in native schema.
	Role string

	ContainerOwner user.ID

	ContainerAttributes map[string]string

	// Namespace defines to which namespace a container is belonged.
	Namespace string

	// HEX-encoded sender key.
	SenderKey string
}

RequestInfo contains request information extracted by request metadata.

type RequestInfoExtractor added in v0.45.0

type RequestInfoExtractor interface {
	GetRequestInfo(context.Context, Metadata, string) (RequestInfo, error)
}

func NewRequestInfoExtractor added in v0.45.0

func NewRequestInfoExtractor(log *logger.Logger, containers container.Source, irFetcher InnerRingFetcher, nm netmap.Source, ncs netmap.ConfigSource) RequestInfoExtractor

type Service

type Service struct {
	// contains filtered or unexported fields
}

func NewService

func NewService(apeChecker Checker, extractor RequestInfoExtractor, next objectSvc.ServiceServer) *Service

func (*Service) Delete

func (*Service) Get

func (c *Service) Get(request *objectV2.GetRequest, stream objectSvc.GetObjectStream) error

func (*Service) GetRange

func (c *Service) GetRange(request *objectV2.GetRangeRequest, stream objectSvc.GetObjectRangeStream) error

func (*Service) GetRangeHash

func (*Service) Head

func (*Service) Patch added in v0.43.0

func (*Service) Put

func (*Service) PutSingle

func (*Service) Search

func (c *Service) Search(request *objectV2.SearchRequest, stream objectSvc.SearchStream) error

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL