DHDPS-414: split out DRS from htsget

Dockerfile

@@ -10,9 +10,8 @@ RUN groupadd -r candig && useradd -rm candig -g candig
 
 RUN apt-get update && apt-get -y install \
 	cron \
-	sqlite3 \
 	postgresql-client \
-    postgresql
+  postgresql
 
 COPY requirements.txt /app/htsget_server/requirements.txt
 
@@ -22,6 +21,8 @@ COPY . /app/htsget_server
 
 WORKDIR /app/htsget_server
 
+COPY data/files /data/
+
 RUN chown -R candig:candig /app/htsget_server
 
 USER candig

README.md

@@ -20,35 +20,17 @@ Thank you to [gel-htsget](https://github.com/genomicsengland/gel-htsget) for bei
 - Python 3
 - [Pysam](https://pysam.readthedocs.io/en/latest/api.html)
 - Pytest
-- Travis-CI
 
 ## Installation
 
-The server software can be installed in a virtual environment:
-```
-python setup.py install
-```
-
-## Running
-
-This application can be configured by way of the config.ini file in the root of the project.
-The server can be run with: 
-
-```
-python htsget_server/server.py
-```
-
-This application can also be set up in a docker container. A docker-compose file and Dockerfile are provided.
+The server is meant to be run in the context of the [CanDIG stack](https://candig.github.io/CanDIGv2/deployment/local/).
 
 The default MinIO location specified in the config.ini file is the sandbox at MinIO, but a different location can be specified there as well. Be sure to update the access key and secret key values in config.ini.
 
 
 ## Testing
 
-For testing, a small test suite under tests/test_htsget_server.py can be run by starting the server and running:
-
+An automated test suite is provided, but can only be run in the docker container stack context. If you are running the CanDIG stack, you can run the tests with
 ```
-pytest
+docker exec candigv2_htsget_1 pytest
 ```
-
-For automated testing, activate the repo with [Travis-CI](https://travis-ci.com/getting_started)

config.ini

@@ -9,6 +9,7 @@ AGGREGATE_COUNT_THRESHOLD = <AGGREGATE_COUNT_THRESHOLD>
 [paths]
 DBPath = sqlite:///./data/files.db
 PGPath = postgresql+psycopg2://<POSTGRES_USERNAME>:PASSWORD@HOST:5432/genomic
+DRSPath = postgresql+psycopg2://<POSTGRES_USERNAME>:PASSWORD@HOST:5432/drs
 
 [authz]
 CANDIG_OPA_URL = <OPA_URL>

data/files.sql

@@ -1,45 +1,4 @@
 BEGIN TRANSACTION;
-CREATE TABLE program (
-	id VARCHAR NOT NULL,
-	statistics JSONB,
-	PRIMARY KEY (id)
-);
-CREATE TABLE drs_object (
-        id VARCHAR NOT NULL,
-        name VARCHAR,
-        self_uri VARCHAR,
-        size BIGINT,
-        created_time VARCHAR,
-        updated_time VARCHAR,
-        version VARCHAR,
-        mime_type VARCHAR,
-        checksums VARCHAR,
-        description VARCHAR,
-        aliases VARCHAR,
-        program_id VARCHAR,
-        meta_data JSONB,
-        PRIMARY KEY (id),
-        FOREIGN KEY(program_id) REFERENCES program (id)
-);
-CREATE TABLE access_method (
-        id SERIAL PRIMARY KEY,
-        drs_object_id VARCHAR,
-        type VARCHAR,
-        access_id VARCHAR,
-        region VARCHAR,
-        url VARCHAR,
-        headers VARCHAR,
-        FOREIGN KEY(drs_object_id) REFERENCES drs_object (id)
-);
-CREATE TABLE content_object (
-        id SERIAL PRIMARY KEY,
-        drs_object_id VARCHAR,
-        name VARCHAR,
-        contents_id VARCHAR,
-        drs_uri VARCHAR,
-        contents VARCHAR,
-        FOREIGN KEY(drs_object_id) REFERENCES drs_object (id)
-);
 CREATE TABLE contig (
 	id VARCHAR NOT NULL,
 	PRIMARY KEY (id)
@@ -137,8 +96,8 @@ CREATE TABLE variantfile (
 	indexed INTEGER,
 	chr_prefix VARCHAR,
 	reference_genome VARCHAR,
-	PRIMARY KEY (id),
-	FOREIGN KEY(drs_object_id) REFERENCES drs_object (id)
+	PRIMARY KEY (id)
+	-- FOREIGN KEY(drs_object_id) REFERENCES drs_object (id)
 );
 CREATE TABLE pos_bucket (
 	id SERIAL PRIMARY KEY,

htsget_server/authz.py

@@ -1,17 +1,11 @@
-import json
 from config import AUTHZ, TEST_KEY
-from flask import Flask
-import database
 import authx.auth
 from candigv2_logging.logging import CanDIGLogger
 
 
 logger = CanDIGLogger(__file__)
 
 
-app = Flask(__name__)
-
-
 class AuthzRequest:
     headers = {}
     method = None
@@ -29,49 +23,6 @@ def is_testing(request):
         return True
 
 
-def is_authed(id_, request):
-    if request is None:
-        return 401
-    if is_testing(request):
-        return 200 # no auth
-    if has_full_authz(request):
-        return 200
-    if "Authorization" in request.headers:
-        obj = database.get_drs_object(id_)
-        if obj is not None and 'program' in obj:
-            if is_program_authorized(request, obj['program']):
-                return 200
-        else:
-            return 404
-    else:
-        return 401
-    return 403
-
-
-def get_authorized_programs(request):
-    req = AuthzRequest(request.headers, request.method, request.url.path)
-    if has_full_authz(req):
-        return list(map(lambda x: x['id'], database.list_programs()))
-    if is_testing(req):
-        return ["test-htsget"]
-    try:
-        return authx.auth.get_opa_datasets(req)
-    except Exception as e:
-        logger.warning(f"Couldn't authorize programs: {type(e)} {str(e)}")
-        return []
-
-
-def is_program_authorized(request, program_id):
-    req = AuthzRequest(request.headers, request.method, request.url.path)
-    if is_testing(req):
-        return True
-    if has_full_authz(req):
-        return True
-    if not "Authorization" in request.headers:
-        return False
-    return authx.auth.is_action_allowed_for_program(authx.auth.get_auth_token(req), method=req.method, path=req.path, program=program_id)
-
-
 def has_full_authz(request):
     """
     Is the user associated with the token a site admin? Alternately, is this request from query or ingest?