Revert "Merging to release-5.2: [TT-10109] Fix policy lookup map dist… (#5755)

furkansenharputlu · web-flow · commit 9416376f8d9f · 2023-11-08T09:16:58.000Z
…ortion (#5730)" This reverts commit c6dc825.  ## Description  ## Related Issue     ## Motivation and Context  ## How This Has Been Tested     ## Screenshots (if appropriate) ## Types of changes  - [ ] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [ ] Breaking change (fix or feature that would cause existing functionality to change) - [ ] Refactoring or add test (improvements in base code or adds test coverage to functionality) ## Checklist    - [ ] I ensured that the documentation is up to date - [ ] I explained why this PR updates go.mod in detail with reasoning why it's required - [ ] I would like a code coverage CI quality gate exception and have explained why
diff --git a/gateway/middleware.go b/gateway/middleware.go
@@ -492,8 +492,6 @@ func (t BaseMiddleware) ApplyPolicies(session *user.SessionState) error {
 				if !usePartitions || policy.Partitions.Acl {
 					didACL[k] = true
 
-					ar.AllowedURLs = copyAllowedURLs(v.AllowedURLs)
-
 					// Merge ACLs for the same API
 					if r, ok := rights[k]; ok {
 						// If GQL introspection is disabled, keep that configuration.
@@ -762,26 +760,6 @@ func (t BaseMiddleware) ApplyPolicies(session *user.SessionState) error {
 	return nil
 }
 
-func copyAllowedURLs(input []user.AccessSpec) []user.AccessSpec {
-	if input == nil {
-		return nil
-	}
-
-	copied := make([]user.AccessSpec, len(input))
-
-	for i, as := range input {
-		copied[i] = user.AccessSpec{
-			URL: as.URL,
-		}
-		if as.Methods != nil {
-			copied[i].Methods = make([]string, len(as.Methods))
-			copy(copied[i].Methods, as.Methods)
-		}
-	}
-
-	return copied
-}
-
 // CheckSessionAndIdentityForValidKey will check first the Session store for a valid key, if not found, it will try
 // the Auth Handler, if not found it will fail
 func (t BaseMiddleware) CheckSessionAndIdentityForValidKey(originalKey string, r *http.Request) (user.SessionState, bool) {
diff --git a/gateway/middleware_test.go b/gateway/middleware_test.go
@@ -343,65 +343,3 @@ func TestSessionLimiter_RedisQuotaExceeded_PerAPI(t *testing.T) {
 	sendReqAndCheckQuota(t, apis[2].APIID, 24, false)
 	sendReqAndCheckQuota(t, apis[2].APIID, 23, false)
 }
-
-func TestCopyAllowedURLs(t *testing.T) {
-	testCases := []struct {
-		name  string
-		input []user.AccessSpec
-	}{
-		{
-			name: "Copy non-empty slice of AccessSpec with non-empty Methods",
-			input: []user.AccessSpec{
-				{
-					URL:     "http://example.com",
-					Methods: []string{"GET", "POST"},
-				},
-				{
-					URL:     "http://example.org",
-					Methods: []string{"GET"},
-				},
-			},
-		},
-		{
-			name: "Copy non-empty slice of AccessSpec with empty Methods",
-			input: []user.AccessSpec{
-				{
-					URL:     "http://example.com",
-					Methods: []string{},
-				},
-				{
-					URL:     "http://example.org",
-					Methods: []string{},
-				},
-			},
-		},
-		{
-			name: "Copy non-empty slice of AccessSpec with nil Methods",
-			input: []user.AccessSpec{
-				{
-					URL:     "http://example.com",
-					Methods: nil,
-				},
-				{
-					URL:     "http://example.org",
-					Methods: nil,
-				},
-			},
-		},
-		{
-			name:  "Copy empty slice of AccessSpec",
-			input: []user.AccessSpec{},
-		},
-		{
-			name:  "Copy nil slice of AccessSpec",
-			input: []user.AccessSpec(nil),
-		},
-	}
-
-	for _, tc := range testCases {
-		t.Run(tc.name, func(t *testing.T) {
-			copied := copyAllowedURLs(tc.input)
-			assert.Equal(t, tc.input, copied)
-		})
-	}
-}
diff --git a/gateway/policy_test.go b/gateway/policy_test.go
@@ -304,7 +304,7 @@ func (s *Test) TestPrepareApplyPolicies() (*BaseMiddleware, []testApplyPoliciesD
 			ID: "per_path_1",
 			AccessRights: map[string]user.AccessDefinition{"a": {
 				AllowedURLs: []user.AccessSpec{
-					{URL: "/user", Methods: []string{"GET", "POST"}},
+					{URL: "/user", Methods: []string{"GET"}},
 				},
 			}, "b": {
 				AllowedURLs: []user.AccessSpec{
@@ -316,7 +316,7 @@ func (s *Test) TestPrepareApplyPolicies() (*BaseMiddleware, []testApplyPoliciesD
 			ID: "per_path_2",
 			AccessRights: map[string]user.AccessDefinition{"a": {
 				AllowedURLs: []user.AccessSpec{
-					{URL: "/user", Methods: []string{"GET"}},
+					{URL: "/user", Methods: []string{"GET", "POST"}},
 					{URL: "/companies", Methods: []string{"GET", "POST"}},
 				},
 			}},
@@ -752,7 +752,7 @@ func (s *Test) TestPrepareApplyPolicies() (*BaseMiddleware, []testApplyPoliciesD
 		{
 			name:     "Merge per path rules for the same API",
 			policies: []string{"per-path2", "per-path1"},
-			sessMatch: func(t *testing.T, sess *user.SessionState) {
+			sessMatch: func(t *testing.T, s *user.SessionState) {
 				want := map[string]user.AccessDefinition{
 					"a": {
 						AllowedURLs: []user.AccessSpec{
@@ -769,11 +769,7 @@ func (s *Test) TestPrepareApplyPolicies() (*BaseMiddleware, []testApplyPoliciesD
 					},
 				}
 
-				assert.Equal(t, user.AccessSpec{
-					URL: "/user", Methods: []string{"GET"},
-				}, s.Gw.getPolicy("per-path2").AccessRights["a"].AllowedURLs[0])
-
-				assert.Equal(t, want, sess.AccessRights)
+				assert.Equal(t, want, s.AccessRights)
 			},
 		},
 		{
