Doc updates

docs/user/lib_use_cases_acl.md

@@ -1,28 +1,28 @@
 # ACL
 
-The ACL classes are intended to help guide the ACL conversation. It is not intended to solve every ACL challenge you may have. In essence, it provides sane defaults and welcomes you extend the logic via supported extension mechanisms. Three patterns that heavily make up the capabilities are:
+The ACL classes are intended to help guide the ACL conversation. It is not intended to solve every ACL challenge you may have. In essence, it provides sane defaults and welcomes you to extend the logic via supported extension mechanisms. Three patterns that heavily make up the capabilities are:
 
 - Expanding data to the ["Cartesian product"](#cartesian-product) (or combination) of each rule, so that each product can be easily evaluated.
-- Providing a `f"{type}_*` method pattern, to dynamically find any `validate_` or `enforce_` method you provide.
-- Providing a `f"{type}_{attr}` method pattern, to dynamically find any `process_` or `match_` method you provide for the given attrs.
+- Providing a `f"{type}_*` method pattern, to dynamically find any `validate_*` or `enforce_*` method you provide.
+- Providing a `f"{type}_{attr}` method pattern, to dynamically find any `process_{attr}` or `match_{attr}` method you provide for the given attrs.
 
-Each of these are covered in more details below in the [core concepts](#core-concepts) section below.
+Each of these are covered in detail, below in the [core concepts](#core-concepts) section.
 
-Here you can see how the Python classes work together. There is a lot going on, so I encourage you to review the diagram briefly, and refer back to it ofen while reviewing the detailed information below.
+Here you can see how the Python classes work together. There is a lot going on, so I encourage you to review the diagram briefly, and refer back to it often while reviewing the detailed information below.
 
 ![ACL Classes](../images/acl-workflow.png)
 
 > It may be helpful to open the diagram in a new tab to view the full size, as an example, in Chrome you can right-click on the image and select "Open Image on New Tab".
 
-The intention of this page is not to cover every attribute and it's behavior but a more human (although highly technical) understanding of what is going on. For more detailed information, please see the [test](https://github.com/networktocode/netutils/blob/develop/tests/unit/test_acl.py) and [code docs](../../dev/code_reference/acl/).
+The intention of this page is not to cover every attribute and it's behavior, but a more human (although highly technical) understanding of what is going on. For more detailed information, please see the [test](https://github.com/networktocode/netutils/blob/develop/tests/unit/test_acl.py) and [code docs](../../dev/code_reference/acl/).
 
 > In the future the intention is to add features such as better de-duplication, partial match, and path analysis.
 
 ## Core Concepts
 
 ### Cartesian Product
 
-This ["Cartesian product"](https://en.wikipedia.org/wiki/Cartesian_product) concept is used throughout the page, so I thought it would be good to review. In this example, we have a single rule `rule`, and like many rules, it has multiple sources, destinations, and protocols. The `_cartesian_product` function creates the combinations, each of which is technically called a product.
+This ["Cartesian product"](https://en.wikipedia.org/wiki/Cartesian_product) concept is used throughout the page, so I thought it would be good to review. In this example, we have a single `rule`, and like many rules, it has multiple sources, destinations, and protocols. The `_cartesian_product` function creates the combinations, each of which is technically called a product.
 
 
 ```python
@@ -48,9 +48,9 @@ This ["Cartesian product"](https://en.wikipedia.org/wiki/Cartesian_product) conc
 >>> 
 ```
 
-Now that you have the Cartesian products, you can evaluate each one individually. In this example perhaps '192.168.0.0/24' -> '172.16.0.0/16' is allowed, but '192.168.0.0/24' -> '192.168.250.10-192.168.250.20' is denied. Even still, the access could be allowed on both sources and destinations, but not for udp/53 (DNS).
+Now that you have the Cartesian products, you can evaluate each one individually. In this example perhaps '192.168.0.0/24' -> '172.16.0.0/16' is allowed, but '192.168.0.0/24' -> '192.168.250.10-192.168.250.20' is denied. Yet another example is the access could be allowed on both sources and destinations IPs, but not for udp/53 (DNS).
 
-Having the ability to look at each product individually allows you to only have to worry about the check you wish to create versus custom logic that attempts to understand the combinations. Building a `is_pci_to_non_pci` becomes trivial when looking at each product. This idea applies to validating, enforcing, matching, etc.. 
+Having the ability to look at each product individually allows you to only have to worry about the check you wish to create, versus custom logic that attempts to understand the combinations. Building a `is_pci_to_non_pci` becomes trivial when looking at each product. This idea applies to validating, enforcing, matching, etc.. 
 
 
 ### Dynamic Method - Attrs 
@@ -61,8 +61,7 @@ The methods `process` and `match` both follow this pattern. As an example, the `
 
 The methods `validate` and `enforce` both follow this pattern. As an example, the `validate` method will dynamically find any method that follows `f"process_*` pattern. This allows a Python class that inherits from `ACLRule` to simply add a `validate_ip_in_network` method and that method would be called.
 
-In both cases, you can effect the order `order_validate` and `order_enforce` if ordering matters. If it does not, it will be based on what the Python `dir` function returns, which is in alphabetical.
-
+In both methods, ordering can be controlled with `order_validate` and `order_enforce` respectively. The default ordering will be what the Python `dir` function returns, which is in alphabetical.
 
 ## ACLRule
 
@@ -81,7 +80,7 @@ The `ACLRule` class at a high level:
 
 ### Initialization & Loading Data
 
-The initialization process calls on the `load_data` method. This on a high level veryfies schema of inital data, allows you to process data (e.g. convert tcp/https -> 80/443), expand data, determine Cartesian product (or combinations) of the firewall rule (traditionally 5-tuple), and verifies schema of result data.
+The initialization process calls on the `load_data` method. This on a high level verifies schema of initial data, allows you to process data (e.g. convert tcp/https -> 80/443), expand data, determine Cartesian product (or combinations) of the firewall rule (traditionally 5-tuple), and verifies schema of result data.
 
 The Cartesian product (or combination) is key to the functionality of other steps, this allows you to evaluate each rule based on the smallest view of the data, so pay close attention to those steps, as it is important to other methods as well.
 
@@ -118,7 +117,7 @@ Here you will find a written understanding of what is happening in the code:
 
 ### Enforce
 
-Enforce is generally used for security controls. An `enfoce_matrix` is provided but not used by default. You can think of the matrix as an Excel sheet, in which you have source as the rows and destination as the column. You would identify the source/destination IP and find which x & y coordinates in your Excel document, and perform whatever action it states, such as deny, review, approve, etc.
+Enforce is generally used for security controls. An `enforce_matrix` is provided but not used by default. You can think of the matrix as an Excel sheet, in which you have source as the rows and destination as the column. You would identify the source/destination IP and find which x & y coordinates in your Excel document, and perform whatever action it states, such as deny, review, approve, etc.
 
 To provide some ideas on what you may enforce:
 
@@ -138,33 +137,32 @@ Here you will find a written understanding of what is happening in the code:
         - This matrix definition is very simple and not likely ready to be be used in a production environment, instead used for simple demonstrations and communicating potential ideas.
     - Each method should return a dictionary or list of dictionaries as both of these are handled
         - In the example there is the `obj` and `action` key.
-        - This could and should be extended, such as providing obj, action, detail_msg, notification_team, and whatever metadata that the tooling using this system would require.
+        - This could and should be extended, such as providing obj, action, detail_msg, notification_team, and any other metadata that the tooling using this system would require.
         - Catastrophic errors will raise an error.
 
 While not accurate in all use cases it would be best practice to run any of your custom `enforce_` against `self.expanded_rules`. 
 
 ### Match & Match Details
 
-The `match_details` method provides a verbose way of verifying match details between two ACL rule's, the `match` method uses `match_details` and provides a boolean if there are any rules `rules_unmatched` which would tell you if you had a full match or not. We will only review in detail the `match_details`.
+The `match_details` method provides a verbose way of verifying match details between two ACL rule's, the `match` method uses `match_details` and provides a boolean if there are any rules in `rules_unmatched` which would tell you if you had a full match or not. We will only review in detail the `match_details`.
 
 Here you will find a written understanding of what is happening in the code:
 
-- The `self.expanded_rules` is ran for every combination.
+- The `self.expanded_rules` is looped over for every combination.
     - For each `self.attrs`, a method name matching `f"match_{attr}"`, (e.g. `match_src_ip()`) is called.
         - This allows you to inherit from and provide your own custom equality check or verify with your business logic.
         - You do not need to have a `f"match_{attr}"` method for every attr, description as example would not be a good candidate to match on.
-        - Equality checks are done on source zone, destination zone, action, and port.
-        - An `is_ip_within` check is done with for source IP and destination IP by default.
+        - Equality checks are done on `src_zone`, `dst_zone`, `action`, and `port` by default.
+        - An `is_ip_within` check is done with for `src_ip` and `dst_ip` by default.
 - In the process, details are provided for and returned:
-    - `rules_matched` - root key that is a list of dictionaries of rules that matched.
-    - `rules_unmatched` - root key that is a list of dictionaries of rules that did not match.
+    - `rules_matched` - Root key that is a list of dictionaries of rules that matched.
+    - `rules_unmatched` - Root key that is a list of dictionaries of rules that did not match.
     - `existing_rule_product` - The original expanded_rule that existed in this item.
     - `existing_rule` - The full original rule (not expanded_rule) that existed.
     - `match_rule` - The full original rule that tested against, only shown in `rules_matched` root key.
 
 This data could help you to understand what matched, why it matched, and other metadata. This detail data can be used to in `ACLRules` to aggregate and ask more interesting questions.
 
-
 ## ACLRules
 
 The `ACLRules` class at a high level:
@@ -176,7 +174,6 @@ The `ACLRules` class at a high level:
 
 Using the `match_details` method, you could as an example, build logic if every product of the rule is matched, just not against a single rule. This is one of many different ways you could use the data. 
 
-
 ## Example Usage
 
 ```python
@@ -252,7 +249,6 @@ Using the above object, we can test with:
 
 In that example you can see how we expanded `red` -> 10.1.1.1", "10.2.2.2", "10.3.3.3" as an example.
 
-
 Here we can test if a rule is matched via the existing ruleset. We can leverage the permit or deny to understand if this exists already or not.
 
 ```python