ape

package

v0.46.5 Latest Latest Go to latest Published: Aug 12, 2025 License: GPL-3.0 Imports: 40 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

git.frostfs.info/TrueCloudLab/frostfs-node

Links

Open Source Insights

Documentation ¶

Index ¶

type Checker
- func NewChecker(logger *logger.Logger, localOverrideStorage policyengine.LocalOverrideStorage, ...) Checker
type HeaderProvider
- func NewStorageEngineHeaderProvider(e *engine.StorageEngine, s *getsvc.Service) HeaderProvider
type InnerRingFetcher
type Metadata
- func (m Metadata) RequestOwner() (*user.ID, *keys.PublicKey, error)
type Prm
type RequestInfo
type RequestInfoExtractor
- func NewRequestInfoExtractor(log *logger.Logger, containers container.Source, irFetcher InnerRingFetcher, ...) RequestInfoExtractor
type Service
- func NewService(apeChecker Checker, extractor RequestInfoExtractor, ...) *Service

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Checker ¶

type Checker interface {
	CheckAPE(context.Context, Prm) error
}

Checker provides methods to check requests and responses with access policy engine.

func NewChecker ¶

func NewChecker(logger *logger.Logger, localOverrideStorage policyengine.LocalOverrideStorage, morphChainStorage policyengine.MorphRuleChainStorageReader, headerProvider HeaderProvider, frostFSIDClient frostfsidcore.Source, nm netmap.Source, st netmap.State, cnrSource container.Source, nodePK []byte) Checker

type HeaderProvider ¶

type HeaderProvider interface {
	GetHeader(ctx context.Context, cnr cid.ID, oid oid.ID, local bool) (*objectSDK.Object, error)
}

func NewStorageEngineHeaderProvider ¶

func NewStorageEngineHeaderProvider(e *engine.StorageEngine, s *getsvc.Service) HeaderProvider

type InnerRingFetcher ¶ added in v0.45.0

type InnerRingFetcher interface {
	// InnerRingKeys must return list of public keys of
	// the actual inner ring.
	InnerRingKeys(ctx context.Context) ([][]byte, error)
}

InnerRingFetcher is an interface that must provide Inner Ring information.

type Metadata ¶ added in v0.45.0

type Metadata struct {
	Container          cid.ID
	Object             *oid.ID
	MetaHeader         *session.RequestMetaHeader
	VerificationHeader *session.RequestVerificationHeader
	SessionToken       *sessionSDK.Object
	BearerToken        *bearer.Token
}

func (Metadata) RequestOwner ¶ added in v0.45.0

func (m Metadata) RequestOwner() (*user.ID, *keys.PublicKey, error)

type Prm ¶

type Prm struct {
	Namespace string

	Container cid.ID

	// Object ID is omitted for some methods.
	Object *oid.ID

	// If Header is set, then object attributes and properties will be parsed from
	// a request/response's header.
	Header *objectV2.Header

	// Method must be represented only as a constant represented in native schema.
	Method string

	// Role must be representedonly as a constant represented in native schema.
	Role string

	// An encoded sender's public key string.
	SenderKey string

	// An encoded container's owner user ID.
	ContainerOwner user.ID

	// Attributes defined for the container.
	ContainerAttributes map[string]string

	// The request's bearer token. It is used in order to check APE overrides with the token.
	BearerToken *bearer.Token

	// XHeaders from the request.
	XHeaders []session.XHeader
}

type RequestInfo ¶ added in v0.45.0

type RequestInfo struct {
	// Role defines under which role this request is executed.
	// It must be represented only as a constant represented in native schema.
	Role string

	ContainerOwner user.ID

	ContainerAttributes map[string]string

	// Namespace defines to which namespace a container is belonged.
	Namespace string

	// HEX-encoded sender key.
	SenderKey string
}

RequestInfo contains request information extracted by request metadata.

type RequestInfoExtractor ¶ added in v0.45.0

type RequestInfoExtractor interface {
	GetRequestInfo(context.Context, Metadata, string) (RequestInfo, error)
}

func NewRequestInfoExtractor ¶ added in v0.45.0

func NewRequestInfoExtractor(log *logger.Logger, containers container.Source, irFetcher InnerRingFetcher, nm netmap.Source, ncs netmap.ConfigSource) RequestInfoExtractor

type Service ¶

type Service struct {
	// contains filtered or unexported fields
}

func NewService ¶

func NewService(apeChecker Checker, extractor RequestInfoExtractor, next objectSvc.ServiceServer) *Service

func (*Service) Delete ¶

func (c *Service) Delete(ctx context.Context, request *objectV2.DeleteRequest) (*objectV2.DeleteResponse, error)

func (*Service) Get ¶

func (c *Service) Get(request *objectV2.GetRequest, stream objectSvc.GetObjectStream) error

func (*Service) GetRange ¶

func (c *Service) GetRange(request *objectV2.GetRangeRequest, stream objectSvc.GetObjectRangeStream) error

func (*Service) GetRangeHash ¶

func (c *Service) GetRangeHash(ctx context.Context, request *objectV2.GetRangeHashRequest) (*objectV2.GetRangeHashResponse, error)

func (*Service) Head ¶

func (c *Service) Head(ctx context.Context, request *objectV2.HeadRequest) (*objectV2.HeadResponse, error)

func (*Service) Patch ¶ added in v0.43.0

func (c *Service) Patch(ctx context.Context) (objectSvc.PatchObjectStream, error)

func (*Service) Put ¶

func (c *Service) Put(ctx context.Context) (objectSvc.PutObjectStream, error)

func (*Service) PutSingle ¶

func (c *Service) PutSingle(ctx context.Context, request *objectV2.PutSingleRequest) (*objectV2.PutSingleResponse, error)

func (*Service) Search ¶

func (c *Service) Search(request *objectV2.SearchRequest, stream objectSvc.SearchStream) error

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL