From 7f018e9fe7f08e2c3e448817352d691f9e190cb6 Mon Sep 17 00:00:00 2001
From: David <9059044+Tansito@users.noreply.github.com>
Date: Wed, 23 Oct 2024 12:46:09 +0200
Subject: [PATCH 1/3] Filter by access in the catalog list

---
 gateway/api/views/programs.py        | 40 +++++++++++++---------------
 gateway/tests/fixtures/fixtures.json |  5 +++-
 2 files changed, 22 insertions(+), 23 deletions(-)

diff --git a/gateway/api/views/programs.py b/gateway/api/views/programs.py
index ac3bb847d..04c904200 100644
--- a/gateway/api/views/programs.py
+++ b/gateway/api/views/programs.py
@@ -319,27 +319,6 @@ def _get_program_queryset_for_title_and_provider(
             codename=VIEW_PROGRAM_PERMISSION
         )
 
-        # Groups logic
-        if type_filter:
-            if type_filter == "catalog":
-                view_permission_criteria = Q(permissions=view_program_permission)
-                groups_with_view_permissions = Group.objects.filter(
-                    view_permission_criteria
-                )
-                groups_with_view_permissions_criteria = Q(
-                    instances__in=groups_with_view_permissions
-                )
-                provider_exists_criteria = ~Q(provider=None)
-                result_queryset = Program.objects.filter(
-                    groups_with_view_permissions_criteria & provider_exists_criteria
-                )
-                return result_queryset
-            if type_filter == "serverless":
-                result_queryset = Program.objects.filter(
-                    Q(author=author) & Q(provider=None)
-                )
-                return result_queryset
-
         user_criteria = Q(user=author)
         view_permission_criteria = Q(permissions=view_program_permission)
         author_groups_with_view_permissions = Group.objects.filter(
@@ -354,11 +333,28 @@ def _get_program_queryset_for_title_and_provider(
             author_groups_with_view_permissions_count,
         )
 
-        # Programs logic
         author_criteria = Q(author=author)
         author_groups_with_view_permissions_criteria = Q(
             instances__in=author_groups_with_view_permissions
         )
+
+        # Serverless filter only returns functions created by the user
+        if type_filter == "serverless":
+            provider_criteria = Q(provider=None)
+            result_queryset = Program.objects.filter(
+                author_criteria & provider_criteria
+            )
+            return result_queryset
+
+        # Catalog filter only returns providers functions that user has access
+        if type_filter == "catalog":
+            provider_exists_criteria = ~Q(provider=None)
+            result_queryset = Program.objects.filter(
+                author_groups_with_view_permissions_criteria & provider_exists_criteria
+            )
+            return result_queryset
+
+        # If filter is not applied we return author and providers functions together
         title = sanitize_name(title)
         provider_name = sanitize_name(provider_name)
         if title:
diff --git a/gateway/tests/fixtures/fixtures.json b/gateway/tests/fixtures/fixtures.json
index 8f56c8f1e..feff33b4d 100644
--- a/gateway/tests/fixtures/fixtures.json
+++ b/gateway/tests/fixtures/fixtures.json
@@ -79,7 +79,10 @@
       "image": "icr.io/awesome-namespace/awesome-title",
       "author": 2,
       "env_vars": "{\"PROGRAM_ENV1\": \"VALUE1\", \"PROGRAM_ENV2\": \"VALUE2\"}",
-      "provider": "bfe8aa6a-2127-4123-bf57-5b547293cbea"
+      "provider": "bfe8aa6a-2127-4123-bf57-5b547293cbea",
+      "instances": [
+        100
+      ]
     }
   },
   {

From f7b37f84854df61e3a6876efa22b8d3d3868372d Mon Sep 17 00:00:00 2001
From: David <9059044+Tansito@users.noreply.github.com>
Date: Wed, 23 Oct 2024 15:31:28 +0200
Subject: [PATCH 2/3] Improved fixtures configuration

---
 gateway/tests/api/test_v1_program.py |  2 +-
 gateway/tests/fixtures/fixtures.json | 18 +++++++++++++++---
 2 files changed, 16 insertions(+), 4 deletions(-)

diff --git a/gateway/tests/api/test_v1_program.py b/gateway/tests/api/test_v1_program.py
index 4163ce41d..4676cd9f2 100644
--- a/gateway/tests/api/test_v1_program.py
+++ b/gateway/tests/api/test_v1_program.py
@@ -75,7 +75,7 @@ def test_provider_programs_catalog_list(self):
         )
         self.assertEqual(
             programs_response.data[0].get("title"),
-            "Docker-Image-Program-2",
+            "Docker-Image-Program-3",
         )
 
     def test_provider_programs_serverless_list(self):
diff --git a/gateway/tests/fixtures/fixtures.json b/gateway/tests/fixtures/fixtures.json
index feff33b4d..0aea2f7d1 100644
--- a/gateway/tests/fixtures/fixtures.json
+++ b/gateway/tests/fixtures/fixtures.json
@@ -79,7 +79,19 @@
       "image": "icr.io/awesome-namespace/awesome-title",
       "author": 2,
       "env_vars": "{\"PROGRAM_ENV1\": \"VALUE1\", \"PROGRAM_ENV2\": \"VALUE2\"}",
-      "provider": "bfe8aa6a-2127-4123-bf57-5b547293cbea",
+      "provider": "bfe8aa6a-2127-4123-bf57-5b547293cbea"
+    }
+  },
+  {
+    "model": "api.program",
+    "pk": "6160a2ff-e482-443d-af23-15110b646ae3",
+    "fields": {
+      "created": "2023-02-01T15:30:43.281796Z",
+      "title": "Docker-Image-Program-2",
+      "image": "icr.io/awesome-namespace/awesome-title",
+      "author": 3,
+      "env_vars": "{\"PROGRAM_ENV1\": \"VALUE1\", \"PROGRAM_ENV2\": \"VALUE2\"}",
+      "provider": "bfe8aa6a-2127-4123-bf57-5b547293cbeb",
       "instances": [
         100
       ]
@@ -87,10 +99,10 @@
   },
   {
     "model": "api.program",
-    "pk": "6160a2ff-e482-443d-af23-15110b646ae3",
+    "pk": "74d300c1-f3f2-4c79-9b3e-2faab5f76d76",
     "fields": {
       "created": "2023-02-01T15:30:43.281796Z",
-      "title": "Docker-Image-Program-2",
+      "title": "Docker-Image-Program-3",
       "image": "icr.io/awesome-namespace/awesome-title",
       "author": 3,
       "env_vars": "{\"PROGRAM_ENV1\": \"VALUE1\", \"PROGRAM_ENV2\": \"VALUE2\"}",

From 012ac0fa2a5742e8b9d6dd522dbbfbc2c0ae75b9 Mon Sep 17 00:00:00 2001
From: David <9059044+Tansito@users.noreply.github.com>
Date: Wed, 23 Oct 2024 15:37:19 +0200
Subject: [PATCH 3/3] Improved comments around the filters

---
 gateway/api/views/programs.py | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/gateway/api/views/programs.py b/gateway/api/views/programs.py
index 04c904200..21cb5e6c1 100644
--- a/gateway/api/views/programs.py
+++ b/gateway/api/views/programs.py
@@ -338,7 +338,8 @@ def _get_program_queryset_for_title_and_provider(
             instances__in=author_groups_with_view_permissions
         )
 
-        # Serverless filter only returns functions created by the user
+        # Serverless filter only returns functions created by the author with the next criterias:
+        # user is the author of the function and there is no provider
         if type_filter == "serverless":
             provider_criteria = Q(provider=None)
             result_queryset = Program.objects.filter(
@@ -346,7 +347,8 @@ def _get_program_queryset_for_title_and_provider(
             )
             return result_queryset
 
-        # Catalog filter only returns providers functions that user has access
+        # Catalog filter only returns providers functions that user has access:
+        # author has view permissions and the function has a provider assigned
         if type_filter == "catalog":
             provider_exists_criteria = ~Q(provider=None)
             result_queryset = Program.objects.filter(