Skip to content

Commit d81bf0c

Browse files
wphyojplwphyojpl
authored
feat: Allow SNS to set external roles to publish messages (#110)
* feat: add AUDIT log level for upload * chore: update outdated tests * fix: allow empty str as RESULT_PATH_PREFIX & replace w/ default val * fix: allowing optional original stac item * feat: sns accept external role option
1 parent c2f1d35 commit d81bf0c

File tree

3 files changed

+86
-63
lines changed

3 files changed

+86
-63
lines changed

mdps_ds_lib/ds_client/ds_client_user.py

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -256,3 +256,21 @@ def delete_single_granule(self):
256256
response.raise_for_status()
257257
response = json.loads(response.text)
258258
return response
259+
260+
def archive_granule(self):
261+
if self.tenant is None or self.tenant_venue is None or self.collection is None or self.granule is None:
262+
raise ValueError(f'require to set tenant & tenant_venue & collection & granule')
263+
collection_id_for_granules = ':'.join([self.urn, self.org, self.project, self.tenant, self.tenant_venue, self.get_complete_collection()])
264+
granule_id_complete = ':'.join([collection_id_for_granules, self.granule])
265+
request_url = f'{self._uds_url}collections/'
266+
request_url = f'{request_url}{collection_id_for_granules}/archive/{granule_id_complete}/'
267+
print(request_url)
268+
s = requests.session()
269+
s.trust_env = self._trust_env
270+
response = s.put(url=request_url, headers={
271+
'Authorization': f'Bearer {self._token_retriever.get_token()}',
272+
}, verify=self._trust_env)
273+
response.raise_for_status()
274+
response = json.loads(response.text)
275+
return response
276+

mdps_ds_lib/lib/aws/aws_sns.py

Lines changed: 24 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -5,16 +5,38 @@ class AwsSns(AwsCred):
55
def __init__(self):
66
super().__init__()
77
self.__sns_client = self.get_client('sns')
8+
self.__special_sns_client = None
89
self.__topic_arn = ''
910

1011
def set_topic_arn(self, topic_arn):
1112
self.__topic_arn = topic_arn
1213
return self
1314

14-
def publish_message(self, msg_str: str):
15+
def set_external_role(self, external_role_arn: str, external_role_session_name: str, external_role_duration: int =900):
16+
sts_client = self.get_client('sts')
17+
assumed_role = sts_client.assume_role(
18+
RoleArn=external_role_arn,
19+
RoleSessionName=external_role_session_name,
20+
DurationSeconds=external_role_duration # 12 hours max
21+
)
22+
23+
credentials = assumed_role['Credentials']
24+
25+
self.__special_sns_client = self.get_session().client(
26+
"sns",
27+
aws_access_key_id=credentials['AccessKeyId'],
28+
aws_secret_access_key=credentials['SecretAccessKey'],
29+
aws_session_token=credentials['SessionToken'],
30+
)
31+
return self
32+
33+
def publish_message(self, msg_str: str, is_with_daac_role: bool=False):
1534
if self.__topic_arn == '':
1635
raise ValueError('missing topic arn to publish message')
17-
response = self.__sns_client.publish(
36+
if is_with_daac_role and self.__special_sns_client is None:
37+
raise ValueError('sns client with external role NOT set')
38+
my_sns = self.__special_sns_client if is_with_daac_role else self.__sns_client
39+
response = my_sns.publish(
1840
TopicArn=self.__topic_arn,
1941
# TargetArn='string', # not needed coz of we are using topic arn
2042
# PhoneNumber='string', # not needed coz of we are using topic arn

tests/mdps_ds_lib/ds_client/test_ds_client_unity.py

Lines changed: 44 additions & 61 deletions
Original file line numberDiff line numberDiff line change
@@ -2,13 +2,18 @@
22
import os
33
from unittest import TestCase
44

5+
from dotenv import load_dotenv
6+
57
from mdps_ds_lib.ds_client.auth_token.token_abstract import TokenAbstract
68
from mdps_ds_lib.ds_client.auth_token.token_factory import TokenFactory
79
from mdps_ds_lib.ds_client.ds_client_admin import DsClientAdmin
810
from mdps_ds_lib.ds_client.ds_client_user import DsClientUser
911

1012

1113
class TestDsClientAdmin(TestCase):
14+
def setUp(self) -> None:
15+
super().setUp()
16+
load_dotenv()
1217
def test_01_admin(self):
1318
os.environ['TRUST_ENV'] = 'TRUE'
1419
os.environ['PASSWORD_TYPE'] = 'PARAM_STORE'
@@ -33,12 +38,6 @@ def test_01_admin(self):
3338

3439
def test_query_granules_across_collections(self):
3540
os.environ['TRUST_ENV'] = 'TRUE'
36-
os.environ['PASSWORD_TYPE'] = 'PARAM_STORE'
37-
os.environ['USERNAME'] = '/unity/uds/user/wphyo/username'
38-
os.environ['PASSWORD'] = '/unity/uds/user/wphyo/dwssap'
39-
os.environ['CLIENT_ID'] = '71g0c73jl77gsqhtlfg2ht388c'
40-
os.environ['COGNITO_URL'] = 'https://cognito-idp.us-west-2.amazonaws.com'
41-
4241
os.environ['TOKEN_FACTORY'] = 'COGNITO'
4342
token_retriever: TokenAbstract = TokenFactory().get_instance(os.getenv('TOKEN_FACTORY'))
4443
client = DsClientUser(token_retriever, 'https://d3vc8w9zcq658.cloudfront.net', 'data-sbx')
@@ -55,12 +54,6 @@ def test_query_granules_across_collections(self):
5554

5655
def test_query_collections(self):
5756
os.environ['TRUST_ENV'] = 'TRUE'
58-
os.environ['PASSWORD_TYPE'] = 'PARAM_STORE'
59-
os.environ['USERNAME'] = '/unity/uds/user/wphyo/username'
60-
os.environ['PASSWORD'] = '/unity/uds/user/wphyo/dwssap'
61-
os.environ['CLIENT_ID'] = '71g0c73jl77gsqhtlfg2ht388c'
62-
os.environ['COGNITO_URL'] = 'https://cognito-idp.us-west-2.amazonaws.com'
63-
6457
os.environ['TOKEN_FACTORY'] = 'COGNITO'
6558
token_retriever: TokenAbstract = TokenFactory().get_instance(os.getenv('TOKEN_FACTORY'))
6659
client = DsClientUser(token_retriever, 'https://d3vc8w9zcq658.cloudfront.net', 'data-sbx')
@@ -70,12 +63,6 @@ def test_query_collections(self):
7063

7164
def test_query_single_collection(self):
7265
os.environ['TRUST_ENV'] = 'TRUE'
73-
os.environ['PASSWORD_TYPE'] = 'PARAM_STORE'
74-
os.environ['USERNAME'] = '/unity/uds/user/wphyo/username'
75-
os.environ['PASSWORD'] = '/unity/uds/user/wphyo/dwssap'
76-
os.environ['CLIENT_ID'] = '71g0c73jl77gsqhtlfg2ht388c'
77-
os.environ['COGNITO_URL'] = 'https://cognito-idp.us-west-2.amazonaws.com'
78-
7966
os.environ['TOKEN_FACTORY'] = 'COGNITO'
8067
token_retriever: TokenAbstract = TokenFactory().get_instance(os.getenv('TOKEN_FACTORY'))
8168
client = DsClientUser(token_retriever, 'https://d3vc8w9zcq658.cloudfront.net', 'data-sbx')
@@ -92,12 +79,6 @@ def test_query_single_collection(self):
9279

9380
def test_query_granules(self):
9481
os.environ['TRUST_ENV'] = 'TRUE'
95-
os.environ['PASSWORD_TYPE'] = 'PARAM_STORE'
96-
os.environ['USERNAME'] = '/unity/uds/user/wphyo/username'
97-
os.environ['PASSWORD'] = '/unity/uds/user/wphyo/dwssap'
98-
os.environ['CLIENT_ID'] = '71g0c73jl77gsqhtlfg2ht388c'
99-
os.environ['COGNITO_URL'] = 'https://cognito-idp.us-west-2.amazonaws.com'
100-
10182
os.environ['TOKEN_FACTORY'] = 'COGNITO'
10283
token_retriever: TokenAbstract = TokenFactory().get_instance(os.getenv('TOKEN_FACTORY'))
10384
client = DsClientUser(token_retriever, 'https://d3vc8w9zcq658.cloudfront.net', 'data-sbx')
@@ -117,12 +98,6 @@ def test_query_granules(self):
11798

11899
def test_query_granules02(self):
119100
os.environ['TRUST_ENV'] = 'TRUE'
120-
os.environ['PASSWORD_TYPE'] = 'PARAM_STORE'
121-
os.environ['USERNAME'] = '/unity/uds/user/wphyo/username'
122-
os.environ['PASSWORD'] = '/unity/uds/user/wphyo/dwssap'
123-
os.environ['CLIENT_ID'] = '71g0c73jl77gsqhtlfg2ht388c'
124-
os.environ['COGNITO_URL'] = 'https://cognito-idp.us-west-2.amazonaws.com'
125-
126101
os.environ['TOKEN_FACTORY'] = 'COGNITO'
127102
token_retriever: TokenAbstract = TokenFactory().get_instance(os.getenv('TOKEN_FACTORY'))
128103
client = DsClientUser(token_retriever, 'https://d3vc8w9zcq658.cloudfront.net', 'am-uds-dapa')
@@ -151,12 +126,6 @@ def test_query_granules02(self):
151126

152127
def test_query_custom_properties(self):
153128
os.environ['TRUST_ENV'] = 'TRUE'
154-
os.environ['PASSWORD_TYPE'] = 'PARAM_STORE'
155-
os.environ['USERNAME'] = '/unity/uds/user/wphyo/username'
156-
os.environ['PASSWORD'] = '/unity/uds/user/wphyo/dwssap'
157-
os.environ['CLIENT_ID'] = '71g0c73jl77gsqhtlfg2ht388c'
158-
os.environ['COGNITO_URL'] = 'https://cognito-idp.us-west-2.amazonaws.com'
159-
160129
os.environ['TOKEN_FACTORY'] = 'COGNITO'
161130
token_retriever: TokenAbstract = TokenFactory().get_instance(os.getenv('TOKEN_FACTORY'))
162131
client = DsClientUser(token_retriever, 'https://d3vc8w9zcq658.cloudfront.net', 'am-uds-dapa')
@@ -178,12 +147,6 @@ def test_query_custom_properties(self):
178147

179148
def test_query_single_granule(self):
180149
os.environ['TRUST_ENV'] = 'TRUE'
181-
os.environ['PASSWORD_TYPE'] = 'PARAM_STORE'
182-
os.environ['USERNAME'] = '/unity/uds/user/wphyo/username'
183-
os.environ['PASSWORD'] = '/unity/uds/user/wphyo/dwssap'
184-
os.environ['CLIENT_ID'] = '71g0c73jl77gsqhtlfg2ht388c'
185-
os.environ['COGNITO_URL'] = 'https://cognito-idp.us-west-2.amazonaws.com'
186-
187150
os.environ['TOKEN_FACTORY'] = 'COGNITO'
188151
token_retriever: TokenAbstract = TokenFactory().get_instance(os.getenv('TOKEN_FACTORY'))
189152
client = DsClientUser(token_retriever, 'https://d3vc8w9zcq658.cloudfront.net', 'am-uds-dapa')
@@ -202,12 +165,6 @@ def test_query_single_granule(self):
202165

203166
def test_update_admin(self):
204167
os.environ['TRUST_ENV'] = 'TRUE'
205-
os.environ['PASSWORD_TYPE'] = 'PARAM_STORE'
206-
os.environ['USERNAME'] = '/unity/uds/user/wphyo/username'
207-
os.environ['PASSWORD'] = '/unity/uds/user/wphyo/dwssap'
208-
os.environ['CLIENT_ID'] = '71g0c73jl77gsqhtlfg2ht388c'
209-
os.environ['COGNITO_URL'] = 'https://cognito-idp.us-west-2.amazonaws.com'
210-
211168
os.environ['TOKEN_FACTORY'] = 'COGNITO'
212169
token_retriever: TokenAbstract = TokenFactory().get_instance(os.getenv('TOKEN_FACTORY'))
213170
client = DsClientAdmin(token_retriever, 'https://d3vc8w9zcq658.cloudfront.net', 'data-sbx')
@@ -225,12 +182,6 @@ def test_update_admin(self):
225182

226183
def test_delete_single_granule(self):
227184
os.environ['TRUST_ENV'] = 'TRUE'
228-
os.environ['PASSWORD_TYPE'] = 'PARAM_STORE'
229-
os.environ['USERNAME'] = '/unity/uds/user/wphyo/username'
230-
os.environ['PASSWORD'] = '/unity/uds/user/wphyo/dwssap'
231-
os.environ['CLIENT_ID'] = '71g0c73jl77gsqhtlfg2ht388c'
232-
os.environ['COGNITO_URL'] = 'https://cognito-idp.us-west-2.amazonaws.com'
233-
234185
os.environ['TOKEN_FACTORY'] = 'COGNITO'
235186
token_retriever: TokenAbstract = TokenFactory().get_instance(os.getenv('TOKEN_FACTORY'))
236187
client = DsClientUser(token_retriever, 'https://d3vc8w9zcq658.cloudfront.net', 'data-sbx')
@@ -243,21 +194,53 @@ def test_delete_single_granule(self):
243194
client.tenant_venue = 'DEV'
244195
client.collection = 'DDD-01'
245196
client.collection_venue = '001'
246-
client.granule = 'test_file10'
247197
# urn:nasa:unity:uds_local_test:DEV1:CHRP_16_DAY_REBIN___10:SNDR.SS1330.CHIRP.20230101T0000.m06.g001.L1_J1.std.v02_48.G.200101070318_REBIN
248198
print(client.delete_single_granule())
249199
return
250200

251201
def test_query_catalog(self):
252202
os.environ['TRUST_ENV'] = 'TRUE'
253-
os.environ['PASSWORD_TYPE'] = 'PARAM_STORE'
254-
os.environ['USERNAME'] = '/unity/uds/user/wphyo/username'
255-
os.environ['PASSWORD'] = '/unity/uds/user/wphyo/dwssap'
256-
os.environ['CLIENT_ID'] = '71g0c73jl77gsqhtlfg2ht388c'
257-
os.environ['COGNITO_URL'] = 'https://cognito-idp.us-west-2.amazonaws.com'
258-
259203
os.environ['TOKEN_FACTORY'] = 'COGNITO'
260204
token_retriever: TokenAbstract = TokenFactory().get_instance(os.getenv('TOKEN_FACTORY'))
261205
client = DsClientUser(token_retriever, 'https://d3vc8w9zcq658.cloudfront.net', 'data-sbx') # data-sbx'
262206
print(json.dumps(client.query_catalog(), indent=4))
263207
return
208+
209+
def test_query_granules01(self):
210+
os.environ['TRUST_ENV'] = 'TRUE'
211+
# https://api.test.mdps.mcp.nasa.gov/am-uds-dapa/collections/URN:NASA:UNITY:unity:test:TRPSDL2ALLCRS1MGLOS___2/items
212+
os.environ['TOKEN_FACTORY'] = 'COGNITO'
213+
token_retriever: TokenAbstract = TokenFactory().get_instance(os.getenv('TOKEN_FACTORY'))
214+
client = DsClientUser(token_retriever, 'https://api.test.mdps.mcp.nasa.gov', 'am-uds-dapa')
215+
# client = DsClientAdmin(token_retriever, 'http://localhost:8005', 'data')
216+
217+
client.urn = 'URN'
218+
client.org = 'NASA'
219+
client.project = 'UNITY'
220+
client.tenant = 'unity'
221+
client.tenant_venue = 'test'
222+
client.collection = 'TRPSDL2ALLCRS1MGLOS'
223+
client.collection_venue = '2'
224+
result = client.query_granules(sort_keys='+properties.datetime,-id') # bbox='-114,32.5,-113,33.5'
225+
print(json.dumps(result, indent=4))
226+
return
227+
228+
def test_archive_one(self):
229+
os.environ['TRUST_ENV'] = 'TRUE'
230+
# https://api.test.mdps.mcp.nasa.gov/am-uds-dapa/collections/URN:NASA:UNITY:unity:test:TRPSDL2ALLCRS1MGLOS___2/items
231+
os.environ['TOKEN_FACTORY'] = 'COGNITO'
232+
token_retriever: TokenAbstract = TokenFactory().get_instance(os.getenv('TOKEN_FACTORY'))
233+
client = DsClientUser(token_retriever, 'https://api.test.mdps.mcp.nasa.gov', 'am-uds-dapa')
234+
# client = DsClientAdmin(token_retriever, 'http://localhost:8005', 'data')
235+
236+
client.urn = 'URN'
237+
client.org = 'NASA'
238+
client.project = 'UNITY'
239+
client.tenant = 'unity'
240+
client.tenant_venue = 'test'
241+
client.collection = 'TRPSDL2ALLCRS1MGLOS'
242+
client.collection_venue = '2'
243+
client.granule = 'TROPESS_CrIS-JPSS1_L2_Standard_NH3_20250108_MUSES_R1p23_megacity_los_angeles_MGLOS_F2p5_J0'
244+
245+
print(client.archive_granule())
246+
return

0 commit comments

Comments
 (0)