From d5659c20829a75c306190c049255d8b02c282c4f Mon Sep 17 00:00:00 2001
From: Luca Moretto <l.moretto88@gmail.com>
Date: Mon, 26 Mar 2018 16:53:33 +0200
Subject: [PATCH] Update documentation for global 'ALLOWED_FILTERS' and
 resource-specific 'allowed_filters' settings

---
 docs/config.rst | 16 ++++++++++++++++
 eve/utils.py    | 10 ----------
 2 files changed, 16 insertions(+), 10 deletions(-)

diff --git a/docs/config.rst b/docs/config.rst
index 504090fb8..b4df3b984 100644
--- a/docs/config.rst
+++ b/docs/config.rst
@@ -114,6 +114,14 @@ uppercase.
                                     ``/v1/<endpoint>``). Defaults to ``''``.
 
 ``ALLOWED_FILTERS``                 List of fields on which filtering is allowed.
+                                    Entries in this list work in a hierarchical
+                                    way. This means that, for instance, filtering
+                                    on ``'dict.sub_dict.foo'`` is allowed if
+                                    ``ALLOWED_FILTERS`` contains any of
+                                    ``'dict.sub_dict.foo``, ``'dict.sub_dict'``
+                                    or ``'dict'``. Instead filtering on
+                                    ``'dict'`` is allowed if ``ALLOWED_FILTERS``
+                                    contains ``'dict'``.
                                     Can be set to ``[]`` (no filters allowed)
                                     or ``['*']`` (filters allowed on every
                                     field). Unless your API is comprised of
@@ -798,6 +806,14 @@ always lowercase.
                                 :ref:`subresources`.
 
 ``allowed_filters``             List of fields on which filtering is allowed.
+                                Entries in this list work in a hierarchical
+                                way. This means that, for instance, filtering
+                                on ``'dict.sub_dict.foo'`` is allowed if
+                                ``allowed_filters`` contains any of
+                                ``'dict.sub_dict.foo``, ``'dict.sub_dict'``
+                                or ``'dict'``. Instead filtering on
+                                ``'dict'`` is allowed if ``allowed_filters``
+                                contains ``'dict'``.
                                 Can be set to ``[]`` (no filters allowed), or
                                 ``['*']`` (fields allowed on every field).
                                 Defaults to ``['*']``.
diff --git a/eve/utils.py b/eve/utils.py
index 8e4843872..215f808f7 100644
--- a/eve/utils.py
+++ b/eve/utils.py
@@ -388,16 +388,6 @@ def validate_filter(filter):
         for key, value in filter.items():
             if '*' not in allowed:
                 def recursive_check_allowed(filter_key, allowed_filters):
-                    # Filter key can be a plain key (e.g. "foo") or a dotted
-                    # key (e.g. "dict.sub_dict.bar").
-                    # Starting from a dotted key, this function recursively
-                    # checks `allowed_filters` for the key itself and for all
-                    # its parent keys.
-                    # This means that, for instance, "dict.sub_dict.bar" is
-                    # an allowed filter key if `allowed_filters` contains any
-                    # of "dict.sub_dict.bar", "dict.sub_dict" or "dict".
-                    # Instead "dict" is an allowed filter key IFF
-                    # `allowed_filters` contains "dict".
                     if filter_key not in allowed_filters:
                         base_composed_key, _, _ = filter_key.rpartition('.')
                         return base_composed_key and recursive_check_allowed(