Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Accounts in eacl #976

Merged
merged 3 commits into from
Aug 14, 2024
Merged

Accounts in eacl #976

merged 3 commits into from
Aug 14, 2024

Conversation

smallhive
Copy link
Contributor

Refs nspcc-dev/neofs-api#278

The changes require test changes as well.

ACL owner will be changed from

{
    "Owner": {
        "DisplayName": "Nj9FF9jYTsyX2XniTw5Kqy3Zf91nbhdYiM",
        "ID": "033845e8ebc78251029261cbc0e9bae104d2b7cc9fee5c79720a30332d5b3d1aa0"
    },
    "Grants": [
        {
            "Grantee": {
                "DisplayName": "Nj9FF9jYTsyX2XniTw5Kqy3Zf91nbhdYiM",
                "ID": "033845e8ebc78251029261cbc0e9bae104d2b7cc9fee5c79720a30332d5b3d1aa0",
                "Type": "CanonicalUser"
            },
            "Permission": "FULL_CONTROL"
        }
    ]
}

to

{
    "Owner": {
        "DisplayName": "Nj9FF9jYTsyX2XniTw5Kqy3Zf91nbhdYiM",
        "ID": "Nj9FF9jYTsyX2XniTw5Kqy3Zf91nbhdYiM"
    },
    "Grants": [
        {
            "Grantee": {
                "DisplayName": "Nj9FF9jYTsyX2XniTw5Kqy3Zf91nbhdYiM",
                "ID": "Nj9FF9jYTsyX2XniTw5Kqy3Zf91nbhdYiM",
                "Type": "CanonicalUser"
            },
            "Permission": "FULL_CONTROL"
        }
    ]
}

@smallhive
go.mod: Use latest SDK
72dae9d 
Signed-off-by: Evgenii Baidakov <[email protected]>
roman-khimov
roman-khimov reviewed Aug 12, 2024
View reviewed changes
api/handler/acl.go Outdated
@@ -493,14 +493,18 @@ func (h *handler) PutBucketPolicyHandler(w http.ResponseWriter, r *http.Request)
}

func parseACLHeaders(header http.Header, key *keys.PublicKey) (*AccessControlPolicy, error) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why keeping the key here?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why not? We don't have a goal of completely removing pub keys support

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

But I think the only thing you do now with this key is getting an account. In which case the key is irrelevant and as S3 never sets any keys into ACLs, why should it care about them during parsing? I do want to make this easier to use in the end, we only have keys in NeoFS itself for compatibility and that can be reconsidered after some transition period.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I agree with this point of view. Replaced with user.ID

api/handler/acl.go Outdated Show resolved Hide resolved
api/handler/acl.go Outdated Show resolved Hide resolved
api/handler/acl.go Outdated Show resolved Hide resolved
api/handler/acl.go Outdated Show resolved Hide resolved
@roman-khimov roman-khimov added this to the v0.31.0 milestone Aug 12, 2024
@roman-khimov roman-khimov merged commit 37b5fb8 into master Aug 14, 2024
15 of 17 checks passed
@roman-khimov roman-khimov deleted the accounts-in-eacl branch August 14, 2024 06:20
This was referenced Aug 14, 2024
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@roman-khimov roman-khimov roman-khimov approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v0.31.0
Development

Successfully merging this pull request may close these issues.
2 participants
@smallhive @roman-khimov