Conditional quota implementation with default valu...

nagashree_b · 12-27-2018 11:54 AM

I was going through the 4mv4d on conditional quota policy using the allow class definitions. The allow class is using a reference variable for eg. The query parameter appteam. Is it possible to restrict the quota to 2/minute if no query parameter is passed?

I observed that if you pass a query parameter value that's not defined in the allow class, a 429 error is thrown, which is valid by design I guess.

Anyway around to handle this with some default quota counts when queryparam is not passed or passed with a value that's not configured?

dknezic

You could implement a javascript policy that sets a count value for you based on other variables/query parameters etc. You could then use this variable within your quota policy.

nagashree_b

@dane knezic Thank you, that will work.

sidd-harth

Yeah by default it is going to give 429 when we pass an undefined queryParam.

Maybe we can use multiple Quota policies with Conditions to check the queryParams,

<Step>
    <Name>Conditional-Quota-1</Name>
    <Condition>request.queryparam.appTeam = "partner" or request.queryparam.appTeam = "public"</Condition>
</Step>
<Step>
    <Name>Regular-Quota-2</Name>
    <Condition>NOT (request.queryparam.appTeam = "partner" or request.queryparam.appTeam = "public")</Condition>
</Step>

nagashree_b

Thanks Siddharth, this is a good workaround.

sidd-harth

Hi @dane knezic , can you provide some sample code for your answer, I am not able to use JS variables in Quota count as it is not accepting String and countRef is not working inside <Allow>/<Class>/<Allow> element.

Apart from that, I used classRef and it works as expected,

var var_appTeam = context.proxyRequest.queryParams['appTeam'];

if(var_appTeam == "partner"){
    context.setVariable("partner_count",4);
    context.setVariable("request.queryparam.appTeam",var_appTeam);
}else if(var_appTeam == "public"){
    context.setVariable("public_count",2);
    context.setVariable("request.queryparam.appTeam",var_appTeam);
}else{
    var undefinedQueryParam = "undefinedQueryParam_"+var_appTeam;
    context.setVariable("undefined_count",1);
    context.setVariable("request.queryparam.appTeam",undefinedQueryParam);
    context.setVariable("undefinedQueryParam",undefinedQueryParam);
}

Quota Policy -

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<Quota async="false" continueOnError="false" enabled="true" name="Quota-1">
    <DisplayName>Quota-1</DisplayName>
    <Properties/>
    <Interval>1</Interval>
    <Distributed>true</Distributed>
    <Synchronous>true</Synchronous>
    <TimeUnit>minute</TimeUnit>
    <Allow>
        <Class ref="request.queryparam.appTeam">
            <Allow class="partner" count="1"/>
            <Allow class="public" count="2"/>
            <Allow count="1" classRef="undefinedQueryParam"/>
        </Class>
    </Allow>
</Quota>

Sample request - http://org-env.apige.com/base/resource?appTeam=sid

JS - undefinedQueryParam = undefinedQueryParam_sidddddddd

Quota - request.queryparam.appTeam = undefinedQueryParam_sidddddddd will match the classRef in Quota and only allow 1 request.

dknezic

Hi @Siddharth Barahalikar

My approach would avoid needing to use the class based approach as you would have your logic in the javascript policy instead to determine the appropriate quota.

While the regular allow quota works with countRef, you're right - class based quota doesn't support countRef.

Conditional quota implementation with default values