From 22b840c3649ebaed0bee942db180fb5aafbc5a5c Mon Sep 17 00:00:00 2001
From: oanatmaria <oana@aserto.com>
Date: Fri, 12 Jan 2024 16:25:34 +0200
Subject: [PATCH 1/2] Add policyRoot as option for Check middleware

---
 packages/flask-aserto/src/flask_aserto/aio/check.py      | 8 ++++++--
 packages/flask-aserto/src/flask_aserto/aio/middleware.py | 4 +++-
 packages/flask-aserto/src/flask_aserto/check.py          | 8 ++++++--
 packages/flask-aserto/src/flask_aserto/middleware.py     | 4 +++-
 4 files changed, 18 insertions(+), 6 deletions(-)

diff --git a/packages/flask-aserto/src/flask_aserto/aio/check.py b/packages/flask-aserto/src/flask_aserto/aio/check.py
index 8599585..a2d67fb 100644
--- a/packages/flask-aserto/src/flask_aserto/aio/check.py
+++ b/packages/flask-aserto/src/flask_aserto/aio/check.py
@@ -31,6 +31,7 @@ class CheckOptions:
     subjType: Optional[str] = ""
     subjMapper: Optional[IdentityMapper] = None
     policyPath: Optional[str] = ""
+    policyRoot: Optional[str] = ""
     policyPathMapper: Optional[StringMapper] = None
 
 
@@ -110,6 +111,7 @@ def _with_overrides(self, **kwargs: Any) -> "CheckMiddleware":
                     relationName=kwargs.get("relation_name", self._options.relationName),
                     relationMapper=kwargs.get("relation_mapper", self._options.relationMapper),
                     policyPath=kwargs.get("policy_path", self._options.policyPath),
+                    policyRoot=kwargs.get("policy_root", self._options.policyRoot),
                     subjMapper=kwargs.get("identity_provider", self._identity_provider),
                     objId=kwargs.get("object_id", self._options.objId),
                     objType=kwargs.get("object_type", self._options.objType),
@@ -128,7 +130,9 @@ async def mapper() -> str:
                 policy_path = await self._options.policyPathMapper()
             if policy_path == "":
                 policy_path = "check"
-                if self._aserto_middleware._policy_path_root != "":
+                if self._options.policyRoot:
+                    policy_path = self._options.policyRoot + "." + policy_path
+                elif self._aserto_middleware._policy_path_root != "":
                     policy_path = self._aserto_middleware._policy_path_root + "." + policy_path
             return policy_path
         
@@ -179,7 +183,7 @@ async def decorated(*args: Any, **kwargs: Any) -> Response:
                 identity_provider=self._identity_provider,
                 policy_instance_name=self._aserto_middleware._policy_instance_name or "",
                 policy_instance_label=self._aserto_middleware._policy_instance_label or "",
-                policy_path_root=self._aserto_middleware._policy_path_root,
+                policy_path_root=self._options.policyRoot or self._aserto_middleware._policy_path_root,
                 policy_path_resolver=policy_mapper,
                 resource_context_provider=resource_context,
             )
diff --git a/packages/flask-aserto/src/flask_aserto/aio/middleware.py b/packages/flask-aserto/src/flask_aserto/aio/middleware.py
index 9adbfeb..b32a3aa 100644
--- a/packages/flask-aserto/src/flask_aserto/aio/middleware.py
+++ b/packages/flask-aserto/src/flask_aserto/aio/middleware.py
@@ -203,12 +203,14 @@ def check(
         subjType: Optional[str] = "",
         subjMapper: Optional[IdentityMapper] = None,
         policyPath: Optional[str] = "",
+        policyRoot: Optional[str] = "",
         policyPathMapper: Optional[StringMapper] = None,
     ) -> CheckMiddleware:
         opts = CheckOptions(
             objId=objId, objType=objType,objIdMapper=objIdMapper,
             objMapper=objMapper, relationName=relationName, relationMapper=relationMapper,
-            subjType=subjType, subjMapper=subjMapper, policyPath=policyPath, policyPathMapper=policyPathMapper)
+            subjType=subjType, subjMapper=subjMapper, policyRoot=policyRoot,
+            policyPath=policyPath, policyPathMapper=policyPathMapper)
         return CheckMiddleware(options=opts, aserto_middleware=self)
 
     def register_display_state_map(
diff --git a/packages/flask-aserto/src/flask_aserto/check.py b/packages/flask-aserto/src/flask_aserto/check.py
index 1c15cd1..db8fd04 100644
--- a/packages/flask-aserto/src/flask_aserto/check.py
+++ b/packages/flask-aserto/src/flask_aserto/check.py
@@ -31,6 +31,7 @@ class CheckOptions:
     subjType: Optional[str] = ""
     subjMapper: Optional[IdentityMapper] = None
     policyPath: Optional[str] = ""
+    policyRoot: Optional[str] = ""
     policyPathMapper: Optional[StringMapper] = None
 
 
@@ -110,6 +111,7 @@ def _with_overrides(self, **kwargs: Any) -> "CheckMiddleware":
                     relationName=kwargs.get("relation_name", self._options.relationName),
                     relationMapper=kwargs.get("relation_mapper", self._options.relationMapper),
                     policyPath=kwargs.get("policy_path", self._options.policyPath),
+                    policyRoot=kwargs.get("policy_root", self._options.policyRoot),
                     subjMapper=kwargs.get("identity_provider", self._identity_provider),
                     objId=kwargs.get("object_id", self._options.objId),
                     objType=kwargs.get("object_type", self._options.objType),
@@ -128,7 +130,9 @@ def mapper() -> str:
                 policy_path = self._options.policyPathMapper()
             if policy_path == "":
                 policy_path = "check"
-                if self._aserto_middleware._policy_path_root != "":
+                if self._options.policyRoot:
+                    policy_path = self._options.policyRoot + "." + policy_path
+                elif self._aserto_middleware._policy_path_root != "":
                     policy_path = self._aserto_middleware._policy_path_root + "." + policy_path
             return policy_path
         
@@ -178,7 +182,7 @@ def decorated(*args: Any, **kwargs: Any) -> Response:
                 identity_provider=self._identity_provider,
                 policy_instance_name=self._aserto_middleware._policy_instance_name or "",
                 policy_instance_label=self._aserto_middleware._policy_instance_label or "",
-                policy_path_root=self._aserto_middleware._policy_path_root,
+                policy_path_root=self._options.policyRoot or self._aserto_middleware._policy_path_root,
                 policy_path_resolver=policy_mapper,
                 resource_context_provider=self._resource_context_provider,
             )
diff --git a/packages/flask-aserto/src/flask_aserto/middleware.py b/packages/flask-aserto/src/flask_aserto/middleware.py
index eebff1b..ad7197b 100644
--- a/packages/flask-aserto/src/flask_aserto/middleware.py
+++ b/packages/flask-aserto/src/flask_aserto/middleware.py
@@ -195,12 +195,14 @@ def check(
         subjType: Optional[str] = "",
         subjMapper: Optional[IdentityMapper] = None,
         policyPath: Optional[str] = "",
+        policyRoot: Optional[str] = "",
         policyPathMapper: Optional[StringMapper] = None,
     ) -> CheckMiddleware:
         opts = CheckOptions(
             objId=objId, objType=objType,objIdMapper=objIdMapper,
             objMapper=objMapper, relationName=relationName, relationMapper=relationMapper,
-            subjType=subjType, subjMapper=subjMapper, policyPath=policyPath, policyPathMapper=policyPathMapper)
+            subjType=subjType, subjMapper=subjMapper, policyRoot=policyRoot,
+            policyPath=policyPath, policyPathMapper=policyPathMapper)
         return CheckMiddleware(options=opts, aserto_middleware=self)
 
     def register_display_state_map(

From 7d64ec2e91f1fdf4ab25ce1237ee5a40763f0ca7 Mon Sep 17 00:00:00 2001
From: oanatmaria <oana@aserto.com>
Date: Fri, 12 Jan 2024 16:35:16 +0200
Subject: [PATCH 2/2] Fix comments

---
 packages/flask-aserto/src/flask_aserto/aio/check.py | 7 +++----
 packages/flask-aserto/src/flask_aserto/check.py     | 7 +++----
 2 files changed, 6 insertions(+), 8 deletions(-)

diff --git a/packages/flask-aserto/src/flask_aserto/aio/check.py b/packages/flask-aserto/src/flask_aserto/aio/check.py
index a2d67fb..cb9fd76 100644
--- a/packages/flask-aserto/src/flask_aserto/aio/check.py
+++ b/packages/flask-aserto/src/flask_aserto/aio/check.py
@@ -130,10 +130,9 @@ async def mapper() -> str:
                 policy_path = await self._options.policyPathMapper()
             if policy_path == "":
                 policy_path = "check"
-                if self._options.policyRoot:
-                    policy_path = self._options.policyRoot + "." + policy_path
-                elif self._aserto_middleware._policy_path_root != "":
-                    policy_path = self._aserto_middleware._policy_path_root + "." + policy_path
+                policy_root = self._options.policyRoot or self._aserto_middleware._policy_path_root
+                if policy_root:
+                    policy_path = f"{policy_root}.{policy_path}"
             return policy_path
         
         return mapper
diff --git a/packages/flask-aserto/src/flask_aserto/check.py b/packages/flask-aserto/src/flask_aserto/check.py
index db8fd04..45a70cb 100644
--- a/packages/flask-aserto/src/flask_aserto/check.py
+++ b/packages/flask-aserto/src/flask_aserto/check.py
@@ -130,10 +130,9 @@ def mapper() -> str:
                 policy_path = self._options.policyPathMapper()
             if policy_path == "":
                 policy_path = "check"
-                if self._options.policyRoot:
-                    policy_path = self._options.policyRoot + "." + policy_path
-                elif self._aserto_middleware._policy_path_root != "":
-                    policy_path = self._aserto_middleware._policy_path_root + "." + policy_path
+                policy_root = self._options.policyRoot or self._aserto_middleware._policy_path_root
+                if policy_root:
+                    policy_path = f"{policy_root}.{policy_path}"
             return policy_path
         
         return mapper