3scale · davidor · Jul 8, 2019 · Jul 3, 2019 · Jul 5, 2019 · Jul 5, 2019
@@ -9,6 +9,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/).
 ### Added
 
 - Extended variables in Liquid template operations [PR #1081](https://github.com/3scale/APIcast/pull/1081) 
+- Introduce possibility of specifying policy order restrictions in their schemas. APIcast now shows a warning when those restrictions are not respected [#1088](https://github.com/3scale/APIcast/pull/1088), [THREESCALE-2896](https://issues.jboss.org/browse/THREESCALE-2896)
 
 ## [3.6.0-beta1] - 2019-06-18
 

@@ -77,7 +77,9 @@ local function build_policy_chain(policies)
       end
   end
 
-  return policy_chain.new(chain)
+  local built_chain = policy_chain.new(chain)
+  built_chain:check_order()
+  return built_chain
 end
 
 function _M.parse_service(service)

@@ -17,7 +17,7 @@ local ipairs = ipairs
 local default_auths_ttl = 10
 local default_batch_reports_seconds = 10
 
-local _M, mt = policy.new('3scale Batcher policy')
+local _M, mt = policy.new('3scale Batcher policy', 'builtin')
 
 local new = _M.new
 

@@ -1,5 +1,5 @@
 {
-  "$schema": "http://apicast.io/policy-v1/schema#manifest#",
+  "$schema": "http://apicast.io/policy-v1.1/schema#manifest#",
   "name": "3scale batcher",
   "summary": "Caches auths from 3scale backend and batches reports.",
   "description":

@@ -1,5 +1,5 @@
 local policy = require('apicast.policy')
-local _M = policy.new('3scale Referrer policy')
+local _M = policy.new('3scale Referrer policy', 'builtin')
 
 function _M.rewrite(_, context)
   local referrer = ngx.var.http_referer

@@ -1,5 +1,5 @@
 {
-  "$schema": "http://apicast.io/policy-v1/schema#manifest#",
+  "$schema": "http://apicast.io/policy-v1.1/schema#manifest#",
   "name": "3scale Referrer",
   "summary": "Sends the 'Referer' to 3scale backend so it can be validated.",
   "description": "Sends the 'Referer' to 3scale backend for validation.",

@@ -1,5 +1,5 @@
 {
-  "$schema": "http://apicast.io/policy-v1/schema#manifest#",
+  "$schema": "http://apicast.io/policy-v1.1/schema#manifest#",
   "name": "3scale APIcast",
   "summary": "Main functionality of APIcast to work with the 3scale API manager.",
   "description":

@@ -6,7 +6,7 @@ local assert = assert
 
 local user_agent = require('apicast.user_agent')
 
-local _M = require('apicast.policy').new('APIcast', require('apicast.version'))
+local _M = require('apicast.policy').new('APIcast', 'builtin')
 
 local mt = {
   __index = _M

@@ -1,5 +1,5 @@
 {
-  "$schema": "http://apicast.io/policy-v1/schema#manifest#",
+  "$schema": "http://apicast.io/policy-v1.1/schema#manifest#",
   "name": "3scale auth caching",
   "summary": "Controls how to cache authorizations returned by the 3scale backend.",
   "description":

@@ -18,7 +18,7 @@
 --   - None: disables caching.
 
 local policy = require('apicast.policy')
-local _M = policy.new('Caching policy')
+local _M = policy.new('Caching policy', 'builtin')
 
 local new = _M.new
 

@@ -1,5 +1,5 @@
 {
-  "$schema": "http://apicast.io/policy-v1/schema#manifest#",
+  "$schema": "http://apicast.io/policy-v1.1/schema#manifest#",
   "name": "Conditional policy [Tech preview]",
   "summary": "Executes a policy chain conditionally.",
   "description": [

@@ -8,7 +8,7 @@ local Condition = require('apicast.conditions.condition')
 local Operation = require('apicast.conditions.operation')
 local ngx_variable = require('apicast.policy.ngx_variable')
 
-local _M = policy.new('Conditional policy')
+local _M = policy.new('Conditional policy', 'builtin')
 
 local new = _M.new
 

@@ -1,5 +1,5 @@
 {
-  "$schema": "http://apicast.io/policy-v1/schema#manifest#",
+  "$schema": "http://apicast.io/policy-v1.1/schema#manifest#",
   "name": "CORS",
   "summary": "Enables CORS (Cross Origin Resource Sharing) request handling.",
   "description":
@@ -9,6 +9,14 @@
      "When combined with the APIcast policy, the CORS policy should be ",
      "placed before it in the chain."],
   "version": "builtin",
+  "order": {
+    "before": [
+      {
+        "name": "apicast",
+        "version": "builtin"
+      }
+    ]
+  },
   "configuration": {
     "type": "object",
     "properties": {

@@ -14,7 +14,7 @@
 -- 'example.com' too.
 
 local policy = require('apicast.policy')
-local _M = policy.new('CORS Policy')
+local _M = policy.new('CORS Policy', 'builtin')
 
 local new = _M.new
 

@@ -1,5 +1,5 @@
 {
-  "$schema": "http://apicast.io/policy-v1/schema#manifest#",
+  "$schema": "http://apicast.io/policy-v1.1/schema#manifest#",
   "name": "Anonymous access",
   "summary": "Provides default credentials for unauthenticated requests.",
   "description":
@@ -11,6 +11,14 @@
      "You need to configure a user_key; or, the combination of app_id + app_key. \n",
      "Note: this policy should be placed before the APIcast policy in the chain."],
   "version": "builtin",
+  "order": {
+    "before": [
+      {
+        "name": "apicast",
+        "version": "builtin"
+      }
+    ]
+  },
   "configuration": {
     "type":"object",
     "properties":{

@@ -3,7 +3,7 @@
 local tostring = tostring
 
 local policy = require('apicast.policy')
-local _M = policy.new('Default credentials policy')
+local _M = policy.new('Default credentials policy', 'builtin')
 
 local new = _M.new
 

@@ -1,5 +1,5 @@
 {
-  "$schema": "http://apicast.io/policy-v1/schema#manifest#",
+  "$schema": "http://apicast.io/policy-v1.1/schema#manifest#",
   "name": "Echo",
   "summary": "Prints the request back to the client and optionally sets a status code.",
   "description":

@@ -3,7 +3,7 @@
 -- Also can interrupt the execution and skip the current phase or
 -- the whole processing of the request.
 
-local _M  = require('apicast.policy').new('Echo Policy')
+local _M  = require('apicast.policy').new('Echo Policy', 'builtin')
 local cjson = require('cjson')
 
 local tonumber = tonumber

@@ -1,5 +1,5 @@
 {
-  "$schema": "http://apicast.io/policy-v1/schema#manifest#",
+  "$schema": "http://apicast.io/policy-v1.1/schema#manifest#",
   "name": "Header modification",
   "summary": "Allows to include custom headers.",
   "description":

@@ -14,7 +14,7 @@ local TemplateString = require 'apicast.template_string'
 local default_value_type = 'plain'
 
 local policy = require('apicast.policy')
-local _M = policy.new('Headers policy')
+local _M = policy.new('Headers policy', 'builtin')
 
 local new = _M.new
 

@@ -1,5 +1,5 @@
 {
-  "$schema": "http://apicast.io/policy-v1/schema#manifest#",
+  "$schema": "http://apicast.io/policy-v1.1/schema#manifest#",
   "name": "IP check",
   "summary": "Accepts or denies a request based on the IP.",
   "description": [

@@ -2,7 +2,7 @@ local iputils = require("resty.iputils")
 local ClientIP = require('apicast.policy.ip_check.client_ip')
 
 local policy = require('apicast.policy')
-local _M = policy.new('IP check policy')
+local _M = policy.new('IP check policy', 'builtin')
 
 local new = _M.new
 

@@ -1,5 +1,5 @@
 {
-  "$schema": "http://apicast.io/policy-v1/schema#manifest#",
+  "$schema": "http://apicast.io/policy-v1.1/schema#manifest#",
   "name": "JWT Claim Check",
   "summary": "Allow or deny traffic based on a JWT claim",
   "description": [

@@ -1,5 +1,5 @@
 local policy = require('apicast.policy')
-local _M = policy.new('JWT check policy')
+local _M = policy.new('JWT check policy', 'builtin')
 
 local Condition = require('apicast.conditions.condition')
 local MappingRule = require('apicast.mapping_rule')

@@ -1,5 +1,5 @@
 {
-  "$schema": "http://apicast.io/policy-v1/schema#manifest#",
+  "$schema": "http://apicast.io/policy-v1.1/schema#manifest#",
   "name": "RH-SSO/Keycloak role check",
   "summary": "Adds role check with Keycloak.",
   "description": [

@@ -50,7 +50,7 @@
 -- ]
 
 local policy = require('apicast.policy')
-local _M = policy.new('Keycloak Role Check Policy')
+local _M = policy.new('Keycloak Role Check Policy', 'builtin')
 
 local ipairs = ipairs
 local MappingRule = require('apicast.mapping_rule')

@@ -1,5 +1,5 @@
 {
-  "$schema": "http://apicast.io/policy-v1/schema#manifest#",
+  "$schema": "http://apicast.io/policy-v1.1/schema#manifest#",
   "name": "Liquid context debug",
   "summary": "Inspects the available liquid context.",
   "description": [
@@ -16,6 +16,22 @@
     "references."
   ],
   "version": "builtin",
+  "order": {
+    "before": [
+      {
+        "name": "apicast",
+        "version": "builtin"
+      },
+      {
+        "name": "upstream",
+        "version": "builtin"
+      },
+      {
+        "name": "routing",
+        "version": "builtin"
+      }
+    ]
+  },
   "configuration": {
     "type": "object",
     "properties": {

@@ -2,7 +2,7 @@ local context_content = require('context_content')
 local cjson = require('cjson')
 local policy = require('apicast.policy')
 local ngx_variable = require('apicast.policy.ngx_variable')
-local _M = policy.new('Liquid context debug')
+local _M = policy.new('Liquid context debug', 'builtin')
 
 local new = _M.new
 

@@ -2,7 +2,7 @@ local _M = require('apicast.policy').new('Load Configuration')
 local ssl = require('ngx.ssl')
 
 local configuration_loader = require('apicast.configuration_loader').new()
-local configuration_store = require('apicast.configuration_store')
+local configuration_store = require('apicast.configuration_store', 'builtin')
 
 local new = _M.new
 

@@ -1,5 +1,5 @@
 {
-  "$schema": "http://apicast.io/policy-v1/schema#manifest#",
+  "$schema": "http://apicast.io/policy-v1.1/schema#manifest#",
   "name": "Logging",
   "summary": "Controls logging.",
   "description": [

@@ -1,6 +1,6 @@
 --- Logging policy
 
-local _M  = require('apicast.policy').new('Logging Policy')
+local _M  = require('apicast.policy').new('Logging Policy', 'builtin')
 
 local new = _M.new
 

@@ -1,5 +1,5 @@
 {
-  "$id": "http://apicast.io/policy-v1/schema#manifest",
+  "$id": "http://apicast.io/policy-v1.1/schema#manifest",
   "type": "object",
   "$schema": "http://json-schema.org/draft-07/schema#",
   "definitions": {
@@ -57,6 +57,52 @@
         [ "Redirect request to different upstream: ", " - based on path", "- set different Host header"]
       ]
     },
+    "order": {
+      "$id": "/properties/order",
+      "type": "object",
+      "title": "Order restrictions of the policy",
+      "description": "Specifies before or after which policies the policy should be placed in the chain.",
+      "properties": {
+        "before": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "properties": {
+              "name": {
+                "type": "string"
+              },
+              "version": {
+                "type": "string"
+              }
+            },
+            "required": [
+              "name",
+              "version"
+            ]
+          },
+          "description": "The policy should be placed before these ones in the chain."
+        },
+        "after": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "properties": {
+              "name": {
+                "type": "string"
+              },
+              "version": {
+                "type": "string"
+              }
+            },
+            "required": [
+              "name",
+              "version"
+            ]
+          },
+          "description": "The policy should be placed after these ones in the chain."
+        }
+      }
+    },
     "version": {
       "$ref": "#/definitions/version"
     },

@@ -1,4 +1,4 @@
-local _M = require('apicast.policy').new('Metrics')
+local _M = require('apicast.policy').new('Metrics', 'builtin')
 
 local resty_env = require('resty.env')
 local errlog = require('ngx.errlog')

@@ -8,7 +8,7 @@ local oidc_discovery = require('resty.oidc.discovery')
 local http_authorization = require('resty.http_authorization')
 local resty_url = require('resty.url')
 local policy = require('apicast.policy')
-local _M = policy.new('oidc_authentication')
+local _M = policy.new('oidc_authentication', 'builtin')
 
 local tostring = tostring
 

@@ -1,5 +1,5 @@
 {
-  "$schema": "http://apicast.io/policy-v1/schema#manifest#",
+  "$schema": "http://apicast.io/policy-v1.1/schema#manifest#",
   "name": "Edge limiting",
   "summary": "Adds rate limit.",
   "description": ["This policy adds rate limit."],

@@ -1,5 +1,5 @@
 {
-  "$schema": "http://apicast.io/policy-v1/schema#manifest#",
+  "$schema": "http://apicast.io/policy-v1.1/schema#manifest#",
   "name": "Retry",
   "summary": "Allows to retry requests to the upstream",
   "description": "Allows to retry requests to the upstream",

@@ -2,7 +2,7 @@
 
 local tonumber = tonumber
 
-local _M = require('apicast.policy').new('Retry Policy')
+local _M = require('apicast.policy').new('Retry Policy', 'builtin')
 
 local new = _M.new