[ACCESS-CHANGE]: Prioritize sequence access level permission

amadolid · amadolid · commit 41bc12a66a98 · 2025-01-17T21:07:46.000+08:00
1. roots access config of target node
2. roots access config of target node's root
3. public (all) access config of target node's root
4. public (all) access config of target node
diff --git a/jac-cloud/jac_cloud/plugin/jaseci.py b/jac-cloud/jac_cloud/plugin/jaseci.py
@@ -361,7 +361,7 @@ def allow_root(
         if (
             isinstance(anchor, BaseAnchor)
             and (ref_id := root_id.ref_id)
-            and level != access.anchors.get(ref_id, AccessLevel.NO_ACCESS)
+            and level != access.anchors.get(ref_id)
         ):
             access.anchors[ref_id] = level
             anchor._set.update({f"access.roots.anchors.{ref_id}": level.name})
@@ -456,14 +456,12 @@ def check_access_level(to: Anchor) -> AccessLevel:
             if to_root.access.all > access_level:
                 access_level = to_root.access.all
 
-            level = to_root.access.roots.check(jroot.ref_id)
-            if level > AccessLevel.NO_ACCESS and access_level == AccessLevel.NO_ACCESS:
+            if (level := to_root.access.roots.check(jroot.ref_id)) is not None:
                 access_level = level
 
         # if target anchor have set allowed roots
         # if current root is allowed to target anchor
-        level = to_access.roots.check(jroot.ref_id)
-        if level > AccessLevel.NO_ACCESS and access_level == AccessLevel.NO_ACCESS:
+        if (level := to_access.roots.check(jroot.ref_id)) is not None:
             access_level = level
 
         return access_level
diff --git a/jac/jaclang/plugin/default.py b/jac/jaclang/plugin/default.py
@@ -179,14 +179,12 @@ def check_access_level(to: Anchor) -> AccessLevel:
             if to_root.access.all > access_level:
                 access_level = to_root.access.all
 
-            level = to_root.access.roots.check(str(jroot.id))
-            if level > AccessLevel.NO_ACCESS and access_level == AccessLevel.NO_ACCESS:
+            if (level := to_root.access.roots.check(str(jroot.id))) is not None:
                 access_level = level
 
         # if target anchor have set allowed roots
         # if current root is allowed to target anchor
-        level = to_access.roots.check(str(jroot.id))
-        if level > AccessLevel.NO_ACCESS and access_level == AccessLevel.NO_ACCESS:
+        if (level := to_access.roots.check(str(jroot.id))) is not None:
             access_level = level
 
         return access_level
diff --git a/jac/jaclang/runtimelib/architype.py b/jac/jaclang/runtimelib/architype.py
@@ -44,9 +44,9 @@ class Access:
 
     anchors: dict[str, AccessLevel] = field(default_factory=dict)
 
-    def check(self, anchor: str) -> AccessLevel:
+    def check(self, anchor: str) -> AccessLevel | None:
         """Validate access."""
-        return self.anchors.get(anchor, AccessLevel.NO_ACCESS)
+        return self.anchors.get(anchor)
 
 
 @dataclass
