Commit 0dff91c8 authored by Claudia Carballo Gonzalez's avatar Claudia Carballo Gonzalez
Browse files

Adding some comments to improve the logic in visibility_control_core.py

parent fe9999a6
Loading
Loading
Loading
Loading
Loading
+18 −3
Original line number Diff line number Diff line
@@ -297,6 +297,7 @@ def get_discoverable_apis(api_invoker_id, all_apis):
        # No rules = default ALLOW (all APIs visible)
        return all_apis

    # Note: The rule can have ALLOW or DENY as default access. The point is to check the exceptions for the final decision (filtered APIs)
    has_allow_rules = any(
        rule.get('default_access', rule.get('defaultAccess', 'ALLOW')) == 'ALLOW'
        for rule in active_rules
@@ -318,6 +319,12 @@ def get_discoverable_apis(api_invoker_id, all_apis):

def _invoker_allowed_by_rule(api_invoker_id, api, rules, default_allow_no_match=True):
    """
    Note_CCG: Here we should only call the _rule_specificity (the list 
    with the API and the winner rule). Before (out of this method) execute the logic to match rules 
    with APIs and with the invoker. Then, we should check if the invoker is allowed or denied to discover 
    each API based on the default access of the winner rule and the invoker exception. Note than even 
    if a rule doesn´t explicitly mention invoker_id, it can affect the Invoker.

    Check if an invoker is allowed to see an API based on the rules.
    
    :param api_invoker_id: The invoker ID
@@ -339,6 +346,8 @@ def _invoker_allowed_by_rule(api_invoker_id, api, rules, default_allow_no_match=

def _rule_matches_api(rule, api):
    """
    Note_CCG: here we should have as result, for each API, the corresponding rules (zero, one or more)
    
    Check if a rule matches an API based on provider selector.

    :param rule: The visibility rule
@@ -395,7 +404,9 @@ def _rule_matches_api(rule, api):

def _rule_matches_invoker(rule, api_invoker_id):
    """
    Check if a rule matches an invoker based on invoker selector.
    Note_CCG: Here we should call _rule_matches_api and filter, before choosing the winner rule, 
    the rules that match with the Invoker.
    Consider that a rule can apply to an invoker even if the id is not explictly mentioned. 

    :param rule: The visibility rule
    :param api_invoker_id: The invoker ID
@@ -419,6 +430,10 @@ def _rule_matches_invoker(rule, api_invoker_id):

def _rule_specificity(rule):
    """
    Note_CCG: to call here _rule_matches_invoker and use the result as an output to execute the specificity 
    function. For each API, select the winner rule 
    (the one with higher specificity).
    ----
    Calculate rule specificity for ordering.
    Higher specificity = more specific selectors = higher priority.