What I want is this:
How can I do it?
Thanks,
Anton.
Solved! Go to Solution.
Great Question once again @Anton+Bar ,
It's very much possible to implement above scenario in Apigee Edge leveraging the developer attributes concept in Apigee Drupal Developer Portal & Edge. Find out how to do same below.
Part 1 : Enable Developer Attributes in Developer Portal
Step 1 : Login as administrator in Developer Portal
Step 2 : Go to "admin/config/people/accounts/fields"
Step 3 : Add a field called "Developer Quota" , field_user_developer_quota, Integer, Text
Step 4 : Save Settings -> Save Settings
Step 5 : Set default value to default Quota , Let's say 1000
Step 6 : Save Settings
Step 7 : Navigate to "admin/config/devconnect/user-attributes"
Step 8 : Select "Persist this field as an attribute in Edge"
Step 9 : Save Settings
Part 2 : Secure above field & Allow Administrators to Edit / View above field.
Let's make above field accessible only to Drupal Administrator, so that developers can't decide quota.
Step 1 : Download drupal 7.x module called field_permissions , Unzip & place the folder inside sites/all/modules/contrib in the portal source code base.
Step 2 : git add . , git commit -m "field permissions module", git push - Push the code to pantheon
Step 3 : Go to "admin/modules" , Enable above field permissions module.
Step 4 : Go to "admin/config/people/accounts/fields/field_user_developer_quota" , See Field Permission at bottom , Select "Custom Permissions" where only admin can edit & view. Save Settings.
When you create a new developer, You will now see a custom attribute associated with developer in Edge. As administrator, Only you can set the quota in Developer Portal which will be saved as developer attribute in edge.
Part 3 : Let's create some sample proxies & products to demonstrate quota working with developer attributes.
Step 1 :
Let's create two sample proxies called foo & bar with http://mocktarget.apigee.net/json as target end point.
Step 2 :
Create an API Product called Foo Bar APIs & Add both the API Proxies (Foo, Bar) under the API Product.
Step 3 :
Secure the APIs using verify API Key Policy, Add verify api key policy to proxies foo, bar in request preflow.
Quota policy,
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <VerifyAPIKey async="false" continueOnError="false" enabled="true" name="Verify-API-Key-1"> <DisplayName>Verify API Key-1</DisplayName> <Properties/> <APIKey ref="request.queryparam.apikey"/> </VerifyAPIKey>
Step 4 : Retrieve Developer Attribute information using Access Entity Policy after API Key verification. Attach Access Entity Policy after above key verification policy.
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <AccessEntity async="false" continueOnError="false" enabled="true" name="Access-Entity-1"> <DisplayName>Access Entity-1</DisplayName> <Properties/> <EntityIdentifier ref="developer.id" type="developerid"/> <EntityType value="developer"/> </AccessEntity>
Step 5 : Extract Custom Developer Quota Attribute using Extract Variables Policy,
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <ExtractVariables name="Extract-DeveloperInfo"> <Source>AccessEntity.Access-Entity-1</Source> <VariablePrefix>dev</VariablePrefix> <XMLPayload> <Variable name="quota" type="integer"> <XPath>/Developer/Attributes/Attribute[Name='user_developer_quota']/Value/text()</XPath> </Variable> </XMLPayload> </ExtractVariables>
Step 6 :
Implement Quota using above value, See CountRef & Identifier ...
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <Quota async="false" continueOnError="false" enabled="true" name="Quota-1"> <DisplayName>Quota-1</DisplayName> <Properties/> <Allow count="1000" countRef="dev.quota"/> <Identifier ref="developer.id"/> <Interval ref="request.header.quota_count">1</Interval> <Distributed>true</Distributed> <Synchronous>true</Synchronous> <TimeUnit>minute</TimeUnit> </Quota>
You can implement above set of policies as shared flow so that you can reuse across the proxies. You can also ignore developer portal part if you set the attributes directly in Apigee Edge. It will become easy to manage / filter users / set quota in developer portal if you follow first 2 parts.
To test it out,
PS : Quota counters are maintained at proxy level. For global counter see solution here.
Hope it helps. Keep us posted if any.
Great Question once again @Anton+Bar ,
It's very much possible to implement above scenario in Apigee Edge leveraging the developer attributes concept in Apigee Drupal Developer Portal & Edge. Find out how to do same below.
Part 1 : Enable Developer Attributes in Developer Portal
Step 1 : Login as administrator in Developer Portal
Step 2 : Go to "admin/config/people/accounts/fields"
Step 3 : Add a field called "Developer Quota" , field_user_developer_quota, Integer, Text
Step 4 : Save Settings -> Save Settings
Step 5 : Set default value to default Quota , Let's say 1000
Step 6 : Save Settings
Step 7 : Navigate to "admin/config/devconnect/user-attributes"
Step 8 : Select "Persist this field as an attribute in Edge"
Step 9 : Save Settings
Part 2 : Secure above field & Allow Administrators to Edit / View above field.
Let's make above field accessible only to Drupal Administrator, so that developers can't decide quota.
Step 1 : Download drupal 7.x module called field_permissions , Unzip & place the folder inside sites/all/modules/contrib in the portal source code base.
Step 2 : git add . , git commit -m "field permissions module", git push - Push the code to pantheon
Step 3 : Go to "admin/modules" , Enable above field permissions module.
Step 4 : Go to "admin/config/people/accounts/fields/field_user_developer_quota" , See Field Permission at bottom , Select "Custom Permissions" where only admin can edit & view. Save Settings.
When you create a new developer, You will now see a custom attribute associated with developer in Edge. As administrator, Only you can set the quota in Developer Portal which will be saved as developer attribute in edge.
Part 3 : Let's create some sample proxies & products to demonstrate quota working with developer attributes.
Step 1 :
Let's create two sample proxies called foo & bar with http://mocktarget.apigee.net/json as target end point.
Step 2 :
Create an API Product called Foo Bar APIs & Add both the API Proxies (Foo, Bar) under the API Product.
Step 3 :
Secure the APIs using verify API Key Policy, Add verify api key policy to proxies foo, bar in request preflow.
Quota policy,
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <VerifyAPIKey async="false" continueOnError="false" enabled="true" name="Verify-API-Key-1"> <DisplayName>Verify API Key-1</DisplayName> <Properties/> <APIKey ref="request.queryparam.apikey"/> </VerifyAPIKey>
Step 4 : Retrieve Developer Attribute information using Access Entity Policy after API Key verification. Attach Access Entity Policy after above key verification policy.
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <AccessEntity async="false" continueOnError="false" enabled="true" name="Access-Entity-1"> <DisplayName>Access Entity-1</DisplayName> <Properties/> <EntityIdentifier ref="developer.id" type="developerid"/> <EntityType value="developer"/> </AccessEntity>
Step 5 : Extract Custom Developer Quota Attribute using Extract Variables Policy,
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <ExtractVariables name="Extract-DeveloperInfo"> <Source>AccessEntity.Access-Entity-1</Source> <VariablePrefix>dev</VariablePrefix> <XMLPayload> <Variable name="quota" type="integer"> <XPath>/Developer/Attributes/Attribute[Name='user_developer_quota']/Value/text()</XPath> </Variable> </XMLPayload> </ExtractVariables>
Step 6 :
Implement Quota using above value, See CountRef & Identifier ...
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <Quota async="false" continueOnError="false" enabled="true" name="Quota-1"> <DisplayName>Quota-1</DisplayName> <Properties/> <Allow count="1000" countRef="dev.quota"/> <Identifier ref="developer.id"/> <Interval ref="request.header.quota_count">1</Interval> <Distributed>true</Distributed> <Synchronous>true</Synchronous> <TimeUnit>minute</TimeUnit> </Quota>
You can implement above set of policies as shared flow so that you can reuse across the proxies. You can also ignore developer portal part if you set the attributes directly in Apigee Edge. It will become easy to manage / filter users / set quota in developer portal if you follow first 2 parts.
To test it out,
PS : Quota counters are maintained at proxy level. For global counter see solution here.
Hope it helps. Keep us posted if any.
@Anil Sagar Don't you think we should consider the performance when using Access Entity policy. I thought of using this policy but when I saw the time it takes to execute I dropped the plan. It is really a time consuming policy.
See the following policy
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <AccessEntity async="false" continueOnError="false" enabled="true" name="Access-Entity-1"> <DisplayName>Access Entity-1</DisplayName> <Properties/> <EntityIdentifier ref="request.queryparam.apikey" type="consumerkey"/> <EntityType value="apiproduct"/> </AccessEntity>
Execution time of this policy is approx 190ms which is quite a lot. So I will give it a thought whenever I am using it in the proxy.
What are your thoughts??
@Vipul Agarwal , Are you checking on trial org ? I see on an average 50 - 80 ms . Are you sure it's consistently 190 ms ?
Hmm.. Looks like its the issue in tria org 🙂
My bad 🙂
Once again many thanks, beyond expectations!
What does this line mean: <Allow count="1000" countRef="dev.quota"/>
The count is defined per developer, so why use it in this tag?
Yes, Count is defined per developer. We are reading the developer count attribute using dev.quota variable which is extracted from Entity Developer using Access Entity Policy response.
countRef is value from developer attribute, i.e dev.quota , See extract variables policy above,
<VariablePrefix>dev</VariablePrefix> <XMLPayload> <Variable name="quota"type="integer"><XPath>/Developer/Attributes/Attribute[Name='user_developer_quota']/Value/text()</XPath> </Variable> </XMLPayload>
If dev.quota if not resolved, it takes the default value count=1000 , hope it helps.
@Anil Sagar - yes, that bit is clear now. Last question on this - why the intervalref below mentions quota count in the request's header?
- <Intervalref="request.header.quota_count">1</Interval>
Ref is not needed , You can remove it, It was it in the default template, I forgot to remove it.
<Interval>1</Interval><br>
-------------------------------
Anil Sagar
Thanks a bunch @Anil Sagar!
Anytime !
Keep us posted moving forward if any.