From 220b799e361418de35f4755bd850d3ebdba43c51 Mon Sep 17 00:00:00 2001
From: teacup-on-rockingchair <315160+teacup-on-rockingchair@users.noreply.github.com>
Date: Wed, 2 Oct 2024 10:31:35 +0300
Subject: [PATCH 1/4] Fix issue with ambiguity of control product and partial match of product names vs product specific controls When product member is initialised during loading of yaml file it could be ambigously created as a string, when control is specific for only one product or list when multiple products are specified in the yaml. The problem with partial match of product names comes later in the add_references method, where the current product of the build is matched vs the control product, and the condition used is `product not in self.product`. In case of list this condition will check if any of the members of the list is exact match to the product. In case of string though, which is the more common case it will check if the string of the product name, for which we are building is partially matched (contained) in the self.product. The issue was found while analysing complaint from a contributor Joel Njanga(@barbarello), while he was trying to add support for al2 platform and it was conflicting with exsting platform al2023
---
 ssg/controls.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/ssg/controls.py b/ssg/controls.py
index c487d3f23ee..f7881745f65 100644
--- a/ssg/controls.py
+++ b/ssg/controls.py
@@ -349,7 +349,11 @@ def load(self):
 self.title = ssg.utils.required_key(yaml_contents, "title")
 self.source = yaml_contents.get("source", "")
 self.reference_type = yaml_contents.get("reference_type", None)
- self.product = yaml_contents.get("product", None)
+ yaml_product = yaml_contents.get("product", None)
+ if type(yaml_product) is list:
+ self.product = yaml_product
+ else:
+ self.product = [yaml_product]
 default_level_dict = {"id": "default"}
 level_list = yaml_contents.get("levels", [default_level_dict])
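Review bot: The normalisation added to `load()` in PATCH 1/4 carries no comment saying why `self.product` must always be a list, and the reason lives in a different method. Per the commit message, `add_references` tests `product not in self.product`, which is a substring test when the attribute is a `str`, so a build for `al2` would be treated as matching a policy written for `al2023` and pick up that policy's control references. A comment above the new `if` would keep a later cleanup from collapsing it back to a plain `.get()`: `# Keep self.product a list: "x not in self.product" is a substring test on a str (al2 vs al2023).` As far as this series shows, only `ssg/controls.py` and the docs are touched, so a regression test that loads a policy with a scalar `product` and builds for a product whose ID is a prefix of it would also be worth adding. `load()` starts and ends outside the hunk.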
From ab875b0146260184194b4f50b2c4e531ba4943f2 Mon Sep 17 00:00:00 2001
From: teacup-on-rockingchair <315160+teacup-on-rockingchair@users.noreply.github.com>
Date: Thu, 3 Oct 2024 10:00:48 +0300
Subject: [PATCH 2/4] Consider the option policy product to remain None
---
 ssg/controls.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ssg/controls.py b/ssg/controls.py
index f7881745f65..65eca7b5b68 100644
--- a/ssg/controls.py
+++ b/ssg/controls.py
@@ -352,7 +352,7 @@ def load(self):
 yaml_product = yaml_contents.get("product", None)
 if type(yaml_product) is list:
 self.product = yaml_product
- else:
+ elif yaml_product is not None:
 self.product = [yaml_product]
 default_level_dict = {"id": "default"}
From 83eaa2100cbeb50ce03771cea2eb09dd505c7a87 Mon Sep 17 00:00:00 2001
From: teacup-on-rockingchair <315160+teacup-on-rockingchair@users.noreply.github.com>
Date: Wed, 9 Oct 2024 14:30:15 +0300
Subject: [PATCH 3/4] Replace type() with isinstance() Thanks to @jan-cerny for the note :bow:
---
 ssg/controls.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ssg/controls.py b/ssg/controls.py
index 65eca7b5b68..9471276c79b 100644
--- a/ssg/controls.py
+++ b/ssg/controls.py
@@ -350,7 +350,7 @@ def load(self):
 self.source = yaml_contents.get("source", "")
 self.reference_type = yaml_contents.get("reference_type", None)
 yaml_product = yaml_contents.get("product", None)
- if type(yaml_product) is list:
+ if isinstance(yaml_product, list):
 self.product = yaml_product
 elif yaml_product is not None:
 self.product = [yaml_product]
From adf59e610ade2153db93cea2dcfd325794e935f0 Mon Sep 17 00:00:00 2001
From: teacup-on-rockingchair <315160+teacup-on-rockingchair@users.noreply.github.com>
Date: Sun, 27 Oct 2024 17:02:26 +0200
Subject: [PATCH 4/4] Update docs to reflect correct usage of the product field Thanks to @jan-cerny for the reminder :bow:
---
 docs/manual/developer/03_creating_content.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
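Review bot: In PATCH 2/4 the `elif yaml_product is not None:` branch leaves `self.product` unassigned when the `product` key is absent, so `load()` now depends on the attribute having been set to `None` somewhere outside this hunk (presumably in `__init__`, which is not visible here). If it was not, any later read of `self.product` would raise `AttributeError`, and a second `load()` on the same object would keep the list from the previous file instead of resetting it. Ending the chain with an explicit `else: self.product = None` makes the assignment unconditional and keeps the None case visible to the next reader. The same lines are carried unchanged through PATCH 3/4, and `load()` starts and ends outside the hunk.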
diff --git a/docs/manual/developer/03_creating_content.md b/docs/manual/developer/03_creating_content.md
index 646e6371287..488240181f2 100644
--- a/docs/manual/developer/03_creating_content.md
+++ b/docs/manual/developer/03_creating_content.md
@@ -977,7 +977,7 @@ original_title: used as a reference for policies not yet available in English
 source: a link to the original policy, eg. a URL of a PDF document
 controls_dir: a directory containing files representing controls that will be imported into this policy
 reference_type: Reference type represented by control IDs in this policy.
-product: product ID, set if the policy is specific to a single product.
+product: list of product IDs, set if the policy is specific to a single or number of products.
 levels: a list of levels, the first one is default
 - id: level ID (required key)
 inherits_from: a list of IDs of levels inheriting from