From 7fa8bd342020a08f82dc287c503b3c727ae0cec0 Mon Sep 17 00:00:00 2001
From: Michal Cichra <michal@cichra.cz>
Date: Tue, 7 Nov 2017 15:32:27 +0100
Subject: [PATCH] policies are loaded and initialized with service config

---
 apicast/src/configuration.lua      | 14 ++++++++++++++
 apicast/src/policy/echo.lua        |  9 +++++++++
 apicast/src/policy/local_chain.lua | 20 ++++++++++----------
 apicast/src/policy_chain.lua       |  1 +
 examples/configuration/echo.json   |  3 +++
 5 files changed, 37 insertions(+), 10 deletions(-)
 create mode 100644 apicast/src/policy/echo.lua

diff --git a/apicast/src/configuration.lua b/apicast/src/configuration.lua
index 1bd061ee1..b0f55d0bb 100644
--- a/apicast/src/configuration.lua
+++ b/apicast/src/configuration.lua
@@ -20,6 +20,7 @@ local re = require 'ngx.re'
 local env = require 'resty.env'
 local resty_url = require 'resty.url'
 local util = require 'util'
+local policy_chain = require 'policy_chain'
 
 local mt = { __index = _M, __tostring = function() return 'Configuration' end }
 
@@ -152,6 +153,18 @@ local function backend_endpoint(proxy)
     end
 end
 
+local function build_policy_chain(policies)
+  if not policies then return nil, 'no policy chain' end
+
+  local chain = {}
+
+  for i=1, #policies do
+    chain[i] = policy_chain.load(policies[i].name, policies[i].configuration)
+  end
+
+  return policy_chain.new(chain)
+end
+
 function _M.parse_service(service)
   local backend_version = tostring(service.backend_version)
   local proxy = service.proxy or empty_t
@@ -164,6 +177,7 @@ function _M.parse_service(service)
       authentication_method = proxy.authentication_method or backend_version,
       hosts = proxy.hosts or { 'localhost' }, -- TODO: verify localhost is good default
       api_backend = proxy.api_backend,
+      policy_chain = build_policy_chain(proxy.policy_chain),
       error_auth_failed = proxy.error_auth_failed or 'Authentication failed',
       error_limits_exceeded = proxy.error_limits_exceeded or 'Limits exceeded',
       error_auth_missing = proxy.error_auth_missing or 'Authentication parameters missing',
diff --git a/apicast/src/policy/echo.lua b/apicast/src/policy/echo.lua
new file mode 100644
index 000000000..76c48876e
--- /dev/null
+++ b/apicast/src/policy/echo.lua
@@ -0,0 +1,9 @@
+local policy = require('policy')
+local _M = policy.new('Echo Policy')
+
+function _M:access()
+  ngx.say(ngx.var.request)
+  ngx.exit(0)
+end
+
+return _M
diff --git a/apicast/src/policy/local_chain.lua b/apicast/src/policy/local_chain.lua
index 81da5b707..cafa4aa6b 100644
--- a/apicast/src/policy/local_chain.lua
+++ b/apicast/src/policy/local_chain.lua
@@ -2,27 +2,27 @@ local policy = require('policy')
 local Proxy = require('proxy')
 local _M = policy.new('Local Policy Chain')
 
-local policy_chain = require('policy_chain')
+local default_chain = require('policy_chain').build()
 
-local new = _M.new
-
-function _M.new(...)
-  local self = new(...)
-  self.policy_chain = policy_chain.build()
-  return self
+local function find_policy_chain(context)
+  return context.policy_chain or (context.service and context.service.policy_chain) or default_chain
 end
 
 local function build_chain(context)
   local proxy = Proxy.new(context.configuration)
 
   context.proxy = context.proxy or proxy
-  context.policy_chain = policy_chain.build({})
+  context.policy_chain = find_policy_chain(context)
 end
 
 -- forward all policy methods to the policy chain
 for _, phase in policy.phases() do
-  _M[phase] = function(self, ...)
-    return self.policy_chain[phase](self.policy_chain, ...)
+  _M[phase] = function(_, context, ...)
+    local policy_chain = find_policy_chain(context)
+
+    if policy_chain then
+      return policy_chain[phase](policy_chain, context, ...)
+    end
   end
 end
 
diff --git a/apicast/src/policy_chain.lua b/apicast/src/policy_chain.lua
index 10dce43b8..e90a9a54e 100644
--- a/apicast/src/policy_chain.lua
+++ b/apicast/src/policy_chain.lua
@@ -47,6 +47,7 @@ end
 
 function _M.load(module, ...)
     if type(module) == 'string' then
+        ngx.log(ngx.DEBUG, 'loading policy module: ', module)
         return require(module).new(...)
     else
         return module
diff --git a/examples/configuration/echo.json b/examples/configuration/echo.json
index 74b8a26c4..1316c57ce 100644
--- a/examples/configuration/echo.json
+++ b/examples/configuration/echo.json
@@ -14,6 +14,9 @@
           "endpoint": "http://127.0.0.1:8081",
           "host": "echo"
         },
+        "policy_chain": [
+          { "name": "policy.echo" }
+        ],
         "proxy_rules": [
           {
             "http_method": "GET",