diff --git a/packages/flask-aserto/src/flask_aserto/aio/check.py b/packages/flask-aserto/src/flask_aserto/aio/check.py index 8599585..cb9fd76 100644 --- a/packages/flask-aserto/src/flask_aserto/aio/check.py +++ b/packages/flask-aserto/src/flask_aserto/aio/check.py @@ -31,6 +31,7 @@ class CheckOptions: subjType: Optional[str] = "" subjMapper: Optional[IdentityMapper] = None policyPath: Optional[str] = "" + policyRoot: Optional[str] = "" policyPathMapper: Optional[StringMapper] = None @@ -110,6 +111,7 @@ def _with_overrides(self, **kwargs: Any) -> "CheckMiddleware": relationName=kwargs.get("relation_name", self._options.relationName), relationMapper=kwargs.get("relation_mapper", self._options.relationMapper), policyPath=kwargs.get("policy_path", self._options.policyPath), + policyRoot=kwargs.get("policy_root", self._options.policyRoot), subjMapper=kwargs.get("identity_provider", self._identity_provider), objId=kwargs.get("object_id", self._options.objId), objType=kwargs.get("object_type", self._options.objType), @@ -128,8 +130,9 @@ async def mapper() -> str: policy_path = await self._options.policyPathMapper() if policy_path == "": policy_path = "check" - if self._aserto_middleware._policy_path_root != "": - policy_path = self._aserto_middleware._policy_path_root + "." + policy_path + policy_root = self._options.policyRoot or self._aserto_middleware._policy_path_root + if policy_root: + policy_path = f"{policy_root}.{policy_path}" return policy_path return mapper @@ -179,7 +182,7 @@ async def decorated(*args: Any, **kwargs: Any) -> Response: identity_provider=self._identity_provider, policy_instance_name=self._aserto_middleware._policy_instance_name or "", policy_instance_label=self._aserto_middleware._policy_instance_label or "", - policy_path_root=self._aserto_middleware._policy_path_root, + policy_path_root=self._options.policyRoot or self._aserto_middleware._policy_path_root, policy_path_resolver=policy_mapper, resource_context_provider=resource_context, ) diff --git a/packages/flask-aserto/src/flask_aserto/aio/middleware.py b/packages/flask-aserto/src/flask_aserto/aio/middleware.py index 9adbfeb..b32a3aa 100644 --- a/packages/flask-aserto/src/flask_aserto/aio/middleware.py +++ b/packages/flask-aserto/src/flask_aserto/aio/middleware.py @@ -203,12 +203,14 @@ def check( subjType: Optional[str] = "", subjMapper: Optional[IdentityMapper] = None, policyPath: Optional[str] = "", + policyRoot: Optional[str] = "", policyPathMapper: Optional[StringMapper] = None, ) -> CheckMiddleware: opts = CheckOptions( objId=objId, objType=objType,objIdMapper=objIdMapper, objMapper=objMapper, relationName=relationName, relationMapper=relationMapper, - subjType=subjType, subjMapper=subjMapper, policyPath=policyPath, policyPathMapper=policyPathMapper) + subjType=subjType, subjMapper=subjMapper, policyRoot=policyRoot, + policyPath=policyPath, policyPathMapper=policyPathMapper) return CheckMiddleware(options=opts, aserto_middleware=self) def register_display_state_map( diff --git a/packages/flask-aserto/src/flask_aserto/check.py b/packages/flask-aserto/src/flask_aserto/check.py index 1c15cd1..45a70cb 100644 --- a/packages/flask-aserto/src/flask_aserto/check.py +++ b/packages/flask-aserto/src/flask_aserto/check.py @@ -31,6 +31,7 @@ class CheckOptions: subjType: Optional[str] = "" subjMapper: Optional[IdentityMapper] = None policyPath: Optional[str] = "" + policyRoot: Optional[str] = "" policyPathMapper: Optional[StringMapper] = None @@ -110,6 +111,7 @@ def _with_overrides(self, **kwargs: Any) -> "CheckMiddleware": relationName=kwargs.get("relation_name", self._options.relationName), relationMapper=kwargs.get("relation_mapper", self._options.relationMapper), policyPath=kwargs.get("policy_path", self._options.policyPath), + policyRoot=kwargs.get("policy_root", self._options.policyRoot), subjMapper=kwargs.get("identity_provider", self._identity_provider), objId=kwargs.get("object_id", self._options.objId), objType=kwargs.get("object_type", self._options.objType), @@ -128,8 +130,9 @@ def mapper() -> str: policy_path = self._options.policyPathMapper() if policy_path == "": policy_path = "check" - if self._aserto_middleware._policy_path_root != "": - policy_path = self._aserto_middleware._policy_path_root + "." + policy_path + policy_root = self._options.policyRoot or self._aserto_middleware._policy_path_root + if policy_root: + policy_path = f"{policy_root}.{policy_path}" return policy_path return mapper @@ -178,7 +181,7 @@ def decorated(*args: Any, **kwargs: Any) -> Response: identity_provider=self._identity_provider, policy_instance_name=self._aserto_middleware._policy_instance_name or "", policy_instance_label=self._aserto_middleware._policy_instance_label or "", - policy_path_root=self._aserto_middleware._policy_path_root, + policy_path_root=self._options.policyRoot or self._aserto_middleware._policy_path_root, policy_path_resolver=policy_mapper, resource_context_provider=self._resource_context_provider, ) diff --git a/packages/flask-aserto/src/flask_aserto/middleware.py b/packages/flask-aserto/src/flask_aserto/middleware.py index eebff1b..ad7197b 100644 --- a/packages/flask-aserto/src/flask_aserto/middleware.py +++ b/packages/flask-aserto/src/flask_aserto/middleware.py @@ -195,12 +195,14 @@ def check( subjType: Optional[str] = "", subjMapper: Optional[IdentityMapper] = None, policyPath: Optional[str] = "", + policyRoot: Optional[str] = "", policyPathMapper: Optional[StringMapper] = None, ) -> CheckMiddleware: opts = CheckOptions( objId=objId, objType=objType,objIdMapper=objIdMapper, objMapper=objMapper, relationName=relationName, relationMapper=relationMapper, - subjType=subjType, subjMapper=subjMapper, policyPath=policyPath, policyPathMapper=policyPathMapper) + subjType=subjType, subjMapper=subjMapper, policyRoot=policyRoot, + policyPath=policyPath, policyPathMapper=policyPathMapper) return CheckMiddleware(options=opts, aserto_middleware=self) def register_display_state_map(