From 46102c19421fc6aa2283b6dce4bb0dd1c12aa1dd Mon Sep 17 00:00:00 2001
From: Michal Niewrzal
Date: Tue, 24 Nov 2020 17:23:47 +0100
Subject: [PATCH] satellite/metainfo: change ListSegments required permission to Read/Download

We should treat listing segments as a part of download process, not listing.

Change-Id: Iae72c97c77976c427f668a96486af613d58da3b9
---
 go.mod | 2 +-
 go.sum | 6 ++----
 satellite/metainfo/metainfo.go | 2 +-
 satellite/metainfo/metainfo_test.go | 26 ++++++++++++++++----------
 4 files changed, 20 insertions(+), 16 deletions(-)

diff --git a/go.mod b/go.mod
index 73c409b04..9d820c2f9 100644
--- a/go.mod
+++ b/go.mod
@@ -46,5 +46,5 @@ require (
 storj.io/drpc v0.0.16
 storj.io/monkit-jaeger v0.0.0-20200518165323-80778fc3f91b
 storj.io/private v0.0.0-20201026143115-bc926bfa3bca
- storj.io/uplink v1.3.2-0.20201109124414-ccb0c91f4a8c
+ storj.io/uplink v1.3.2-0.20201124092040-5a7d9fd28037
 )
diff --git a/go.sum b/go.sum
index 8fc2bbd11..fc2b700c2 100644
--- a/go.sum
+++ b/go.sum
@@ -904,8 +904,6 @@ sourcegraph.com/sourcegraph/go-diff v0.5.0/go.mod h1:kuch7UrkMzY0X+p9CRK03kfuPQ2
 sourcegraph.com/sqs/pbtypes v0.0.0-20180604144634-d3ebe8f20ae4/go.mod h1:ketZ/q3QxT9HOBeFhu6RdvsftgpsbFHBF5Cas6cDKZ0=
 storj.io/common v0.0.0-20200424175742-65ac59022f4f/go.mod h1:pZyXiIE7bGETIRXtfs0nICqMwp7PM8HqnDuyUeldNA0=
 storj.io/common v0.0.0-20201026135900-1aaeec90670b/go.mod h1:GqdmNf3fLm2UZX/7Zr0BLFCJ4gFjgm6eHrk/fnmr5jQ=
-storj.io/common v0.0.0-20201106104920-372a344bdd45 h1:pv552R7MiRA8VLQC4qXczLjbl2Qb/MNyus2E9NBSXgI=
-storj.io/common v0.0.0-20201106104920-372a344bdd45/go.mod h1:ZkQZup2jpFZvvTgz+yPc7K4Vr4bBHM8AA66P57MZkjk=
 storj.io/common v0.0.0-20201119173627-1cdb53f04fad h1:DTQYc1yH+XwOFx8Dy6CBhLG9eCmYJ5YuK/eRIOxX03A=
 storj.io/common v0.0.0-20201119173627-1cdb53f04fad/go.mod h1:Cl1rpX3ZfVpOLw0Al6nRGwPbw2DwwXFF5J/63Nf4Sd8=
 storj.io/drpc v0.0.11/go.mod h1:TiFc2obNjL9/3isMW1Rpxjy8V9uE0B2HMeMFGiiI7Iw=
@@ -918,5 +916,5 @@ storj.io/monkit-jaeger v0.0.0-20200518165323-80778fc3f91b h1:Bbg9JCtY6l3HrDxs3BX
 storj.io/monkit-jaeger v0.0.0-20200518165323-80778fc3f91b/go.mod h1:gj4vuCeyCRjRmH8LIrgoyU9Dc9uR6H+/GcDUXmTbf80=
 storj.io/private v0.0.0-20201026143115-bc926bfa3bca h1:ekR7vtUYC5+cDyim0ZJaSZeXidyzQqDYsnFPYXgTozc=
 storj.io/private v0.0.0-20201026143115-bc926bfa3bca/go.mod h1:EaLnIyNyqWQUJB+7+KWVez0In9czl0nHHlm2WobebuA=
-storj.io/uplink v1.3.2-0.20201109124414-ccb0c91f4a8c h1:o+bxDRF7QvNCOM7lZI8EBV6xridymSt6Lljy/kmmPeA=
-storj.io/uplink v1.3.2-0.20201109124414-ccb0c91f4a8c/go.mod h1:mrdt4I4EhPRC7cnvCD5490IBm423pgKrVoUiC9a5Srg=
+storj.io/uplink v1.3.2-0.20201124092040-5a7d9fd28037 h1:eLghzivdM7EL9hCbu8/67j8DPQRMCo05Ip1uxFqSQC4=
+storj.io/uplink v1.3.2-0.20201124092040-5a7d9fd28037/go.mod h1:Q1fZcoghFLoCFYa/E9gyhezTVRwXFNVVfMysExQokVY=
diff --git a/satellite/metainfo/metainfo.go b/satellite/metainfo/metainfo.go
index 99c0d8532..7613125d5 100644
--- a/satellite/metainfo/metainfo.go
+++ b/satellite/metainfo/metainfo.go
@@ -1587,7 +1587,7 @@ func (endpoint *Endpoint) ListSegments(ctx context.Context, req *pb.SegmentListR
 }
 _, err = endpoint.validateAuth(ctx, req.Header, macaroon.Action{
- Op: macaroon.ActionList,
+ Op: macaroon.ActionRead,
 Bucket: streamID.Bucket,
 EncryptedPath: streamID.EncryptedPath,
 Time: time.Now(),
diff --git a/satellite/metainfo/metainfo_test.go b/satellite/metainfo/metainfo_test.go
index c5459b1d2..ee20969ae 100644
--- a/satellite/metainfo/metainfo_test.go
+++ b/satellite/metainfo/metainfo_test.go
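Review bot: In `ListSegments` (satellite/metainfo/metainfo.go) the `validateAuth` call now asks for `macaroon.ActionRead`, but nothing next to it says why an endpoint named List* is authorized as a read, so a later cleanup could plausibly switch it back to `macaroon.ActionList`. I would add a comment above the call, e.g. `// ListSegments is part of the download path, so it requires read permission on the object, not list permission.` The change also shifts what already-issued restricted API keys can do: a key that allows list but not read presumably loses this call, and a key that allows read but not list gains segment enumeration for the object, which deserves a line in the release notes. The function starts and ends outside the hunk.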
@@ -179,7 +179,7 @@ func TestRevokeMacaroon(t *testing.T) {
 err = client.CommitObject(ctx, metainfo.CommitObjectParams{StreamID: encodedStreamID})
 assert.True(t, errs2.IsRPC(err, rpcstatus.PermissionDenied))
- _, _, _, err = client.BeginSegment(ctx, metainfo.BeginSegmentParams{StreamID: encodedStreamID})
+ _, err = client.BeginSegment(ctx, metainfo.BeginSegmentParams{StreamID: encodedStreamID})
 assert.True(t, errs2.IsRPC(err, rpcstatus.PermissionDenied))
 err = client.MakeInlineSegment(ctx, metainfo.MakeInlineSegmentParams{StreamID: encodedStreamID})
@@ -188,6 +188,9 @@ func TestRevokeMacaroon(t *testing.T) {
 _, _, err = client.DownloadSegment(ctx, metainfo.DownloadSegmentParams{StreamID: encodedStreamID})
 assert.True(t, errs2.IsRPC(err, rpcstatus.PermissionDenied))
+ _, err = client.ListSegments(ctx, metainfo.ListSegmentsParams{StreamID: encodedStreamID})
+ assert.True(t, errs2.IsRPC(err, rpcstatus.PermissionDenied))
+
 // these methods needs SegmentID
 signedSegmentID, err := satMetainfo.SignSegmentID(ctx, signer, &internalpb.SegmentID{
@@ -270,7 +273,7 @@ func TestInvalidAPIKey(t *testing.T) {
 err = client.CommitObject(ctx, metainfo.CommitObjectParams{StreamID: streamID})
 assertInvalidArgument(t, err, false)
- _, _, _, err = client.BeginSegment(ctx, metainfo.BeginSegmentParams{StreamID: streamID})
+ _, err = client.BeginSegment(ctx, metainfo.BeginSegmentParams{StreamID: streamID})
 assertInvalidArgument(t, err, false)
 err = client.MakeInlineSegment(ctx, metainfo.MakeInlineSegmentParams{StreamID: streamID})
@@ -279,6 +282,9 @@ func TestInvalidAPIKey(t *testing.T) {
 _, _, err = client.DownloadSegment(ctx, metainfo.DownloadSegmentParams{StreamID: streamID})
 assertInvalidArgument(t, err, false)
+ _, err = client.ListSegments(ctx, metainfo.ListSegmentsParams{StreamID: streamID})
+ assertInvalidArgument(t, err, false)
+
 // these methods needs SegmentID
 signedSegmentID, err := satMetainfo.SignSegmentID(ctx, signer, &internalpb.SegmentID{
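Review bot: The `ListSegments` assertions added to `TestRevokeMacaroon` (and the matching ones in `TestInvalidAPIKey`) only cover a revoked key and a malformed key, so neither would fail if the endpoint still checked the old list permission. The behaviour this commit changes is untested in the visible hunks: there is no case where a key restricted to list-only is rejected by `ListSegments` with `rpcstatus.PermissionDenied`, or where a read-only key is accepted. Until such a case exists I would at least leave a marker next to the new assertion, `// TODO: cover ListSegments with list-only and read-only restricted keys`. Both test functions start and end outside the hunks.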
@@ -639,7 +645,7 @@ func TestBeginCommit(t *testing.T) {
 beginObjectResponse, err := metainfoClient.BeginObject(ctx, params)
 require.NoError(t, err)
- segmentID, limits, _, err := metainfoClient.BeginSegment(ctx, metainfo.BeginSegmentParams{
+ response, err := metainfoClient.BeginSegment(ctx, metainfo.BeginSegmentParams{
 StreamID: beginObjectResponse.StreamID,
 Position: storj.SegmentPosition{
 Index: 0,
@@ -654,9 +660,9 @@ func TestBeginCommit(t *testing.T) {
 }
 makeResult := func(num int32) *pb.SegmentPieceUploadResult {
- nodeID := limits[num].Limit.StorageNodeId
+ nodeID := response.Limits[num].Limit.StorageNodeId
 hash := &pb.PieceHash{
- PieceId: limits[num].Limit.PieceId,
+ PieceId: response.Limits[num].Limit.PieceId,
 PieceSize: 1048832,
 Timestamp: time.Now(),
 }
@@ -674,7 +680,7 @@ func TestBeginCommit(t *testing.T) {
 }
 }
 err = metainfoClient.CommitSegment(ctx, metainfo.CommitSegmentParams{
- SegmentID: segmentID,
+ SegmentID: response.SegmentID,
 SizeEncryptedData: memory.MiB.Int64(),
 UploadResult: []*pb.SegmentPieceUploadResult{
@@ -1521,7 +1527,7 @@ func TestCommitObjectMetadataSize(t *testing.T) {
 beginObjectResponse, err := metainfoClient.BeginObject(ctx, params)
 require.NoError(t, err)
- segmentID, limits, _, err := metainfoClient.BeginSegment(ctx, metainfo.BeginSegmentParams{
+ response, err := metainfoClient.BeginSegment(ctx, metainfo.BeginSegmentParams{
 StreamID: beginObjectResponse.StreamID,
 Position: storj.SegmentPosition{
 Index: 0,
@@ -1536,9 +1542,9 @@ func TestCommitObjectMetadataSize(t *testing.T) {
 }
 makeResult := func(num int32) *pb.SegmentPieceUploadResult {
- nodeID := limits[num].Limit.StorageNodeId
+ nodeID := response.Limits[num].Limit.StorageNodeId
 hash := &pb.PieceHash{
- PieceId: limits[num].Limit.PieceId,
+ PieceId: response.Limits[num].Limit.PieceId,
 PieceSize: 1048832,
 Timestamp: time.Now(),
 }
@@ -1556,7 +1562,7 @@ func TestCommitObjectMetadataSize(t *testing.T) {
 }
 }
 err = metainfoClient.CommitSegment(ctx, metainfo.CommitSegmentParams{
- SegmentID: segmentID,
+ SegmentID: response.SegmentID,
 Encryption: storj.SegmentEncryption{
 EncryptedKey: []byte{1},
 },