Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Test attribute-based eACL for big objects #786

Closed
carpawell opened this issue Apr 23, 2024 · 0 comments
Closed

Test attribute-based eACL for big objects #786

carpawell opened this issue Apr 23, 2024 · 0 comments
Assignees
@carpawell
Labels
enhancement Improving existing functionality I3 Minimal impact S4 Routine U2 Seriously planned

Comments

@carpawell
Copy link
Member

carpawell commented Apr 23, 2024
edited
Loading

Context

We did a huge work to make it real: nspcc-dev/neofs-api#283, nspcc-dev/neofs-node#2716. Basically: restrict some operation by some attribute, make this operation with the attribute and big payload, make sure it was accepted and every child part (that does not have any attributes) is also accepted.

Solution Example

  1. Create a container with PUT available for OTHER roles and eACL flag should be set (the test should be able to set eACL tables)
  2. Create and set eACL for this container that restricts PUT operations for OTHER role
  3. Create a bearer token that allows OTHER role to PUT objects with test=test attribute and sign it
  4. Create another wallet
  5. Try to PUT big object with test=test attribute to the container using another wallet and attaching the bearer
  6. Try to GET it (just to be sure that parts were accepted OK and are available)

5. should be OK since the bearer overwrites eACL rules for such objects.
@roman-khimov roman-khimov added enhancement Improving existing functionality U2 Seriously planned S4 Routine I3 Minimal impact labels Apr 24, 2024
@roman-khimov roman-khimov changed the title [NEW TEST] Attributes eACL for big objects Test attribute-based eACL for big objects Apr 24, 2024
@carpawell carpawell self-assigned this Apr 27, 2024
carpawell added a commit that referenced this issue May 3, 2024
@carpawell
tests/object: Add attribute-based ACL test
18e6fd2 
This is an important case since this is the key functionality for
https://send.fs.neo.org. Closes #786.

Signed-off-by: Pavel Karpy <[email protected]>
carpawell added a commit that referenced this issue May 3, 2024
@carpawell
tests/object: Add attribute-based ACL test
22647ce 
This is an important case since this is the key functionality for
https://send.fs.neo.org. Closes #786.

Signed-off-by: Pavel Karpy <[email protected]>
carpawell added a commit that referenced this issue May 3, 2024
@carpawell
tests/object: Add attribute-based ACL test
0a308bf 
This is an important case since this is the key functionality for
https://send.fs.neo.org. Closes #786.

Signed-off-by: Pavel Karpy <[email protected]>
carpawell added a commit that referenced this issue May 3, 2024
@carpawell
tests/object: Add attribute-based ACL test
3973ab6 
This is an important case since this is the key functionality for
https://send.fs.neo.org. Closes #786.

Signed-off-by: Pavel Karpy <[email protected]>
carpawell added a commit that referenced this issue May 3, 2024
@carpawell
tests/object: Add attribute-based ACL test
70c2c06 
This is an important case since this is the key functionality for
https://send.fs.neo.org. Closes #786.

Signed-off-by: Pavel Karpy <[email protected]>
@roman-khimov roman-khimov mentioned this issue Sep 17, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@carpawell carpawell

Labels
enhancement Improving existing functionality I3 Minimal impact S4 Routine U2 Seriously planned
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@roman-khimov @carpawell