#901

- Added check in access_control_list.py which sets implicit permission to NA if boolean is False - Changed the defaults in training_config.py so that each scenario has an EXPLICIT ALLOW rule as default implicit rule - Updated the test_seeding_and_deterministic_session.py because of change no2 adds an extra rule to that scenario
2023-07-17 10:27:56 +01:00
parent ab45c7e3f9
commit 3e7f6cc98d
3 changed files with 21 additions and 17 deletions
--- a/src/primaite/acl/access_control_list.py
+++ b/src/primaite/acl/access_control_list.py
@@ -17,12 +17,11 @@ class AccessControlList:
        # Bool option in main_config to decide to use implicit rule or not
        self.apply_implicit_rule: bool = apply_implicit_rule
        # Implicit ALLOW or DENY firewall spec
+        if self.apply_implicit_rule:
+            self.acl_implicit_permission = implicit_permission
+        else:
+            self.acl_implicit_permission = "NA"
        # Last rule in the ACL list
-        self.acl_implicit_permission = implicit_permission
-        # Maximum number of ACL Rules in ACL
-        self.max_acl_rules: int = max_acl_rules
-        # A list of ACL Rules
-        self._acl: List[Union[ACLRule, None]] = [None] * (self.max_acl_rules - 1)
        # Implicit rule
        self.acl_implicit_rule = None
        if self.apply_implicit_rule:
@@ -31,6 +30,11 @@ class AccessControlList:
            elif self.acl_implicit_permission == RulePermissionType.ALLOW:
                self.acl_implicit_rule = ACLRule("ALLOW", "ANY", "ANY", "ANY", "ANY")

+        # Maximum number of ACL Rules in ACL
+        self.max_acl_rules: int = max_acl_rules
+        # A list of ACL Rules
+        self._acl: List[Union[ACLRule, None]] = [None] * (self.max_acl_rules - 1)
+
    @property
    def acl(self):
        """Public access method for private _acl.
--- a/src/primaite/config/training_config.py
+++ b/src/primaite/config/training_config.py
@@ -100,10 +100,10 @@ class TrainingConfig:
    "Stable Baselines3 learn/eval output verbosity level"

    # Access Control List/Rules
-    apply_implicit_rule: str = False
+    apply_implicit_rule: str = True
    "User choice to have Implicit ALLOW or DENY."

-    implicit_acl_rule: RulePermissionType = RulePermissionType.DENY
+    implicit_acl_rule: RulePermissionType = RulePermissionType.ALLOW
    "ALLOW or DENY implicit firewall rule to go at the end of list of ACL list."

    max_number_acl_rules: int = 30