Merge pull request #163 from ecmwf-projects/COPDS-1389-remove-accepte…

…dLicences Remove job submission with acceptedLicences
ecmwf-projects · Nov 17, 2023 · 55d9ec0 · 55d9ec0
2 parents 7563e0b + 523134f
commit 55d9ec0
Show file tree

Hide file tree

Showing 5 changed files with 13 additions and 102 deletions.
diff --git a/cads_processing_api_service/auth.py b/cads_processing_api_service/auth.py
@@ -147,36 +147,14 @@ def verify_permission(user_uid: str, job: cads_broker.SystemRequest) -> None:
         raise exceptions.PermissionDenied()
 
 
-def get_contextual_accepted_licences(
-    execution_content: dict[str, Any]
-) -> set[tuple[str, int]]:
-    """Get licences accepted in the context of a process execution request.
-
-    Parameters
-    ----------
-    execution_content : dict[str, Any]
-        Process execution request's payload.
-
-    Returns
-    -------
-    set[tuple[str, int]]
-        Accepted licences.
-    """
-    licences = execution_content.get("acceptedLicences")
-    if not licences:
-        licences = []
-    accepted_licences = {(licence["id"], licence["revision"]) for licence in licences}
-    return accepted_licences
-
-
 @cachetools.cached(
     cache=cachetools.TTLCache(
         maxsize=config.ensure_settings().cache_users_maxsize,
         ttl=config.ensure_settings().cache_users_ttl,
     ),
     info=True,
 )
-def get_stored_accepted_licences(auth_header: tuple[str, str]) -> set[tuple[str, int]]:
+def get_accepted_licences(auth_header: tuple[str, str]) -> set[tuple[str, int]]:
     """Get licences accepted by a user stored in the Extended Profiles database.
 
     The user is identified by the provided authentication header.
@@ -246,22 +224,17 @@ def check_licences(
 
 
 def validate_licences(
-    execution_content: dict[str, Any],
-    stored_accepted_licences: set[tuple[str, str]],
+    accepted_licences: set[tuple[str, str]],
     licences: list[tuple[str, int]],
 ) -> None:
     """Validate process execution request's payload in terms of required licences.
 
     Parameters
     ----------
-    execution_content : dict[str, Any]
-        Process execution request's payload.
     stored_accepted_licences : set[tuple[str, str]]
         Licences accepted by a user stored in the Extended Profiles database.
     licences : list[tuple[str, int]]
         Licences bound to the required process/dataset.
     """
     required_licences = set(licences)
-    contextual_accepted_licences = get_contextual_accepted_licences(execution_content)
-    accepted_licences = contextual_accepted_licences.union(stored_accepted_licences)
     check_licences(required_licences, accepted_licences)  # type: ignore
diff --git a/cads_processing_api_service/clients.py b/cads_processing_api_service/clients.py
@@ -166,7 +166,7 @@ def get_process(
     def post_process_execution(
         self,
         process_id: str = fastapi.Path(...),
-        execution_content: models.Execute = fastapi.Body(...),
+        execution_content: ogc_api_processes_fastapi.models.Execute = fastapi.Body(...),
         auth_header: tuple[str, str] = fastapi.Depends(auth.get_auth_header),
         portal_header: str | None = fastapi.Header(
             None, alias=config.PORTAL_HEADER_NAME
@@ -192,7 +192,7 @@ def post_process_execution(
         """
         user_uid = auth.authenticate_user(auth_header, portal_header)
         structlog.contextvars.bind_contextvars(user_uid=user_uid)
-        stored_accepted_licences = auth.get_stored_accepted_licences(auth_header)
+        accepted_licences = auth.get_accepted_licences(auth_header)
         execution_content = execution_content.model_dump()
         catalogue_sessionmaker = db_utils.get_catalogue_sessionmaker(
             db_utils.ConnectionMode.read
@@ -205,7 +205,7 @@ def post_process_execution(
             )
         adaptor = adaptors.instantiate_adaptor(resource)
         licences = adaptor.get_licences(execution_content)
-        auth.validate_licences(execution_content, stored_accepted_licences, licences)
+        auth.validate_licences(accepted_licences, licences)
         job_id = str(uuid.uuid4())
         structlog.contextvars.bind_contextvars(job_id=job_id)
         job_kwargs = adaptors.make_system_job_kwargs(

diff --git a/cads_processing_api_service/models.py b/cads_processing_api_service/models.py
@@ -20,24 +20,6 @@
 import pydantic
 
 
-class Licence(pydantic.BaseModel):
-    id: str
-    revision: int
-
-
-class Request(pydantic.BaseModel):
-    ids: dict[
-        str,
-        ogc_api_processes_fastapi.models.InlineOrRefData
-        | list[ogc_api_processes_fastapi.models.InlineOrRefData],
-    ] | None = None
-    labels: dict[str, str | list[str]] | None = None
-
-
-class Execute(ogc_api_processes_fastapi.models.Execute):
-    acceptedLicences: list[Licence] | None = None
-
-
 class StatusInfo(ogc_api_processes_fastapi.models.StatusInfo):
     request: dict[str, Any] | None = None
     results: dict[str, Any] | None = None

diff --git a/tests/integration_test_10_clients.py b/tests/integration_test_10_clients.py
@@ -37,19 +37,6 @@
         "time": ["06:00"],
     }
 }
-POST_PROCESS_REQUEST_BODY_SUCCESS_W_LICENCES = {
-    "inputs": {
-        "product_type": ["reanalysis"],
-        "format": ["grib"],
-        "variable": ["temperature"],
-        "pressure_level": ["1"],
-        "year": ["1971"],
-        "month": ["01"],
-        "day": ["25"],
-        "time": ["06:00"],
-    },
-    "acceptedLicences": [{"id": "licence-to-use-copernicus-products", "revision": 12}],
-}
 POST_PROCESS_REQUEST_BODY_FAIL = {
     "inputs": {
         "product_type": ["reanalysis"],
@@ -263,25 +250,7 @@ def test_post_process_execution_stored_accepted_licences(
     )
 
 
-def test_post_process_execution_context_accepted_licences(
-    dev_env_proc_api_url: str,
-) -> None:
-    response = submit_job(
-        dev_env_proc_api_url,
-        request_body=POST_PROCESS_REQUEST_BODY_SUCCESS_W_LICENCES,
-        auth_headers=AUTH_HEADERS_VALID_2,
-    )
-    response_status_code = response.status_code
-    exp_status_code = 201
-    assert response_status_code == exp_status_code
-
-    response = delete_job(
-        dev_env_proc_api_url,
-        response.json()["jobID"],
-        auth_headers=AUTH_HEADERS_VALID_2,
-    )
-
-
+@pytest.mark.skip(reason="Submission of jobs with accepted licences is no more allowed")
 def test_post_process_execution_anon_user(
     dev_env_proc_api_url: str,
 ) -> None:
@@ -292,7 +261,7 @@ def test_post_process_execution_anon_user(
 
     response = submit_job(
         dev_env_proc_api_url,
-        request_body=POST_PROCESS_REQUEST_BODY_SUCCESS_W_LICENCES,
+        request_body=POST_PROCESS_REQUEST_BODY_SUCCESS,
         auth_headers=AUTH_HEADERS_VALID_ANON,
     )
     response_status_code = response.status_code
@@ -318,6 +287,7 @@ def test_post_process_execution_not_authorized(
     assert response.status_code == exp_status_code
 
 
+@pytest.mark.skip(reason="Test is not valid anymore")
 def test_post_process_execution_missing_licences(
     dev_env_proc_api_url: str,
 ) -> None:
@@ -591,13 +561,16 @@ def test_get_jobs(dev_env_proc_api_url: str) -> None:
     assert all([key in response_body for key in exp_keys])
 
 
-def test_get_jobs_different_user(dev_env_proc_api_url: str) -> None:
+def test_get_jobs_different_user(
+    dev_env_prof_api_url: str, dev_env_proc_api_url: str
+) -> None:
+    response = accept_licence(dev_env_prof_api_url, auth_headers=AUTH_HEADERS_VALID_2)
     number_of_new_jobs = 1
     job_ids: list[str] = []
     for _ in range(number_of_new_jobs):
         response = submit_job(
             dev_env_proc_api_url,
-            request_body=POST_PROCESS_REQUEST_BODY_SUCCESS_W_LICENCES,
+            request_body=POST_PROCESS_REQUEST_BODY_SUCCESS,
             auth_headers=AUTH_HEADERS_VALID_2,
         )
         job_ids.append(response.json()["jobID"])

diff --git a/tests/test_30_auth.py b/tests/test_30_auth.py
@@ -18,23 +18,6 @@
 from cads_processing_api_service import auth, exceptions
 
 
-def test_get_contextual_accepted_licences() -> None:
-    execution_content: dict[str, list[dict[str, str | int]] | None] = {
-        "acceptedLicences": [
-            {"id": "licence", "revision": 0},
-            {"id": "licence", "revision": 0},
-        ]
-    }
-    licences = auth.get_contextual_accepted_licences(execution_content)
-    exp_licences = {("licence", 0)}
-    assert licences == exp_licences
-
-    execution_content = {"acceptedLicences": None}
-    licences = auth.get_contextual_accepted_licences(execution_content)
-    exp_licences = set()
-    assert licences == exp_licences
-
-
 def test_check_licences() -> None:
     required_licences = {("licence_1", 1), ("licence_2", 2)}
     accepted_licences = {("licence_1", 1), ("licence_2", 2), ("licence_3", 3)}