Debugging ACLs for CMR Variable Ingest
scratch
=======
;; Reset the running REPL system, then run the variable-ingest integration
;; test namespace. `reset` is not defined in this scratch; presumably it is
;; the dev REPL's reset helper -- confirm.
(reset)
(run-tests 'cmr.system-int-test.ingest.variable-ingest-test)
=============================================================================
;; REPL session setup: reset, pull in the namespaces used below, then reset
;; through the system-int-test dev-system helper.
;; NOTE(review): every ACL/token helper used in this scratch comes from
;; cmr.mock-echo (alias `e`, `acl-db`), so the checks further down exercise
;; the mock's behaviour, not a real access-control deployment.
(reset)
(require '[cheshire.core :as json])
(require '[cmr.acl.core :as acl])
(require '[cmr.ingest.services.ingest-service :as ingest-service])
(require '[cmr.mock-echo.client.echo-util :as e])
(require '[cmr.mock-echo.data.acl-db :as acl-db])
(require '[cmr.system-int-test.data2.core :as dt])
(require '[cmr.system-int-test.data2.umm-spec-variable :as data-umm-var])
(require '[cmr.system-int-test.system :as s])
(require '[cmr.system-int-test.utils.dev-system-util :as dev-sys-util])
(require '[cmr.system-int-test.utils.index-util :as index])
(require '[cmr.system-int-test.utils.ingest-util :as ingest])
(require '[cmr.system-int-test.utils.metadata-db-util :as mdb])
(require '[cmr.system-int-test.utils.url-helper :as url])
(require '[cmr.transmit.access-control :as ac])
(require '[cmr.transmit.echo.acls :as echo-acls])
(dev-sys-util/reset)
;;;==========================================================================
;; Inspect the ACLs held by the mock-echo app directly. `system` is not
;; defined in this scratch; presumably it is the dev REPL's system var.
(acl-db/get-acls {:system (get-in system [:apps :mock-echo])})
;; Same question asked through the transmit layer, limited to system-object
;; ACLs. (This alias was already required during setup.)
(require '[cmr.transmit.echo.acls :as echo-acls])
(echo-acls/get-acls-by-types (s/context) [:system-object])
;; Ask the access-control client which root URL it would use for ACLs.
(require '[cmr.transmit.access-control :as ac])
(ac/acl-root-url (s/context))
;; NOTE(review): the string below looks like the pasted result of the call
;; above. Every URL component renders as "null", which suggests (s/context)
;; carries no access-control connection settings -- confirm before relying on
;; any `ac/` call made with this context.
"null://null:nullnull/acls/"
(defn- get-acls
  "Look up a token's ingest-management ACLs.

  Puts `token` on a fresh `(s/context)` under `:token` and passes that context
  to `acl/get-permitting-acls` for the `:system-object` type,
  `e/ingest-management-acl` target and `:update` permission. Only `:update` is
  requested; other permissions on the same ACLs are not reflected in the
  result."
  [token]
  (let [token-context (assoc (s/context) :token token)]
    (acl/get-permitting-acls token-context
                             :system-object
                             e/ingest-management-acl
                             :update)))
(defn- grant-permitted?
  "Return true when `grant-id` equals the `:guid` of at least one ACL in
  `acls`, false otherwise.

  Only the ACL guid is compared; the ACEs inside each ACL are not inspected
  here."
  [grant-id acls]
  (let [acl-guids (set (map :guid acls))]
    (contains? acl-guids grant-id)))
(defn- group-permitted?
  "Return true when `group-id` appears as the `:group-guid` of any ACE in any
  of the given `acls`, false otherwise.

  The ACE's own permission list is not examined, and the match may come from
  any ACL in the collection."
  [group-id acls]
  (let [group-guids (->> acls
                         (mapcat :aces)
                         (map :group-guid)
                         set)]
    (contains? group-guids group-id)))
(defn- permitted?
  "Check whether the ACLs returned for `token` include both the given grant id
  and the given group id.

  The two checks are independent: the grant id is matched against ACL guids
  and the group id against the ACEs of all returned ACLs, so a true result
  does not by itself show that the matching group sits inside the matching
  grant's ACL."
  [token grant-id group-id]
  (let [token-acls (get-acls token)]
    (if (grant-permitted? grant-id token-acls)
      (group-permitted? group-id token-acls)
      false)))
;;;==========================================================================
;; Scenario: one group, one user in that group, one :update grant.
(def update-group-id (e/get-or-create-group (s/context) "update-group"))
(def update-token (e/login (s/context) "user3" [update-group-id]))
;; NOTE(review): the grant is issued with a context that carries update-token
;; itself, i.e. the user's own token is used to grant its group :update.
;; Whether mock-echo checks the caller's right to create that grant is not
;; visible here -- confirm before reading this as evidence about real ACL
;; behaviour.
(def update-grant-id (e/grant-group-admin
(assoc (s/context) :token update-token)
update-group-id
:update))
;; Dump the system-object ACLs, then confirm the new grant and group both show
;; up in the ACLs returned for update-token.
(pprint (echo-acls/get-acls-by-types (s/context) [:system-object]))
(permitted? update-token update-grant-id update-group-id)
;; Attempt the variable ingest with the token that was just granted :update.
(ingest/ingest-variable
data-umm-var/simple-json-variable
{:accept-format :json :token update-token})
;; Re-read the ACLs after the ingest attempt.
(echo-acls/get-acls-by-types (s/context) [:system-object])
=============================================================================
;; Key that echo-acls derives from the :system-object ACL type (going by the
;; function name; the resulting value is not shown in this scratch).
(def identity-type (echo-acls/acl-type->acl-key :system-object))
=============================================================================
;; Scenario: an "admin" group and user, checked step by step.
(def admin-group-id (e/get-or-create-group (s/context) "admin"))
(def admin-token (e/login (s/context) "admin" [admin-group-id]))
;; Unlike the update-group scenario, this grant is made with the bare
;; (s/context) (no :token) and without an explicit permission argument.
(def grant-id (e/grant-group-admin (s/context) admin-group-id))
(def token-context (assoc (s/context) :token admin-token))
;; Take the first ACL returned for admin-token for :update on the
;; ingest-management system object.
(def permitted-acl (-> token-context
(acl/get-permitting-acls
:system-object
e/ingest-management-acl
:update)
first))
;; These two comparisons look only at the first returned ACL and at its first
;; ACE, so they depend on the order in which ACLs and ACEs come back.
(= (:guid permitted-acl) grant-id)
(= (get-in permitted-acl [:aces 0 :group-guid]) admin-group-id)
;; Ask the ACL layer directly, first through the predicate and then through
;; the verify variant (presumably the one that throws on denial -- confirm).
(acl/has-ingest-management-permission?
token-context
:update
:system-object
nil)
(acl/verify-ingest-management-permission
token-context
:update)
;; Ingest a default variable concept with the admin token.
(def concept (data-umm-var/variable-concept {}))
(ingest/ingest-variable
concept
{:accept-format :json :token admin-token})
;; NOTE(review): `token-concept` is not defined anywhere in this scratch; the
;; nearest definition is `concept` above. Confirm which value was intended.
(def response (ingest/ingest-variable
token-concept
{:accept-format :json
:token admin-token}))
;; Wait for indexing, then check the concept exists in metadata-db; the
;; literal 1 is presumably the expected revision id -- confirm.
(index/wait-until-indexed)
(mdb/concept-exists-in-mdb? (:concept-id response) 1)
(:revision-id response)
;; This call passes only the concept: no token or options map.
(ingest/create-ingest-variable concept)
=============================================================================
;; Hand-written sample variable map (the LongName calls it a UMM-Var record).
;; DimensionsName and Dimensions each hold ten entries. Nothing else in this
;; scratch refers to `data`.
(def data
  {:Name           "A name"
   :LongName       "A long UMM-Var name"
   :Units          "m"
   :DataType       "float32"
   :DimensionsName ["H2OFunc" "H2OPressureLay" "MWHingeSurf" "Cloud"
                    "HingeSurf" "H2OPressureLev" "AIRSXTrack"
                    "StdPressureLay" "CH4Func" "StdPressureLev"]
   :Dimensions     ["11" "14" "7" "2" "100" "15" "3" "28" "10" "9"]
   :ValidRange     []
   :Scale          1.0
   :Offset         0.0
   :FillValue      -9999.0
   :VariableType   "SCIENCE_VARIABLE"})
=============================================================================
;; Group definitions
;; NOTE: admin-group-id and admin-token are re-def'd in this section and
;; replace the values bound in the earlier "admin" scenario.
(def default-group-id (e/get-or-create-group (s/context) "ummvar-default-group"))
(def admin-group-id (e/get-or-create-group (s/context) "ummvar-admin-group"))
(def super-admin-group-id (e/get-or-create-group
(s/context) "ummvar-super-admin-group"))
;; Token generation
(def guest-token (e/login-guest (s/context)))
(def user-token (e/login (s/context) "ummvar-user" [default-group-id]))
(def admin-token (e/login (s/context) "ummvar-admin" [admin-group-id]))
(def super-admin-token (e/login
(s/context)
"ummvar-super-admin"
[super-admin-group-id]))
;; Permission grants for groups
;; Each grant is issued with a context that carries the token of a member of
;; the group being granted. Whether mock-echo checks the caller's right to
;; create the grant is not visible here -- confirm.
(def admin-grant-id (e/grant-group-admin
(assoc (s/context) :token admin-token)
admin-group-id
[:create
:read
:update]))
(def super-admin-grant-id (e/grant-group-admin
(assoc (s/context) :token super-admin-token)
super-admin-group-id
[:create
:read
:update
:delete]))
;; Positive checks only. `permitted?` goes through `get-acls`, which asks for
;; :update, so the :delete permission granted to the super-admin group is not
;; exercised by these calls.
;; NOTE(review): guest-token and user-token are defined above but never
;; checked; a denial check for each (expecting a falsy result or a rejected
;; ingest) would show the ACLs actually restrict access rather than only that
;; the granted groups pass.
(permitted? admin-token admin-grant-id
admin-group-id)
(permitted? super-admin-token super-admin-grant-id
super-admin-group-id)
=============================================================================
;; Collection-ingest comparison run: same ingest / index / metadata-db checks
;; as the variable scenario, but for a collection concept.
(require '[cmr.system-int-test.data2.umm-spec-collection :as data-umm-c])
(require '[cmr.umm-spec.test.location-keywords-helper :as lkt])
(ingest/setup-providers {"provguid1" "PROV1" "provguid2" "PROV2"})
;; Re-defs `concept` and `response` from the variable scenario.
(def concept (data-umm-c/collection-concept {:revision-id 42}))
;; NOTE(review): `token` is not defined anywhere in this scratch; confirm
;; which token (if any) this ingest was meant to run under.
(def response (ingest/ingest-concept concept {:accept-format :json :token token}))
(index/wait-until-indexed)
;; The literal 1 is presumably a revision id; the concept above was built with
;; :revision-id 42 -- confirm which revision this check is meant to find.
(mdb/concept-exists-in-mdb? (:concept-id response) 1)
(:revision-id response)
;; Looks like a let-binding pair pasted on its own (destructuring form followed
;; by its value), not a complete expression -- confirm.
{:keys [format metadata]} concept