CMR-11117: adding a wrapper to parse edn data which is not longer automaticly parsed

jceaser · jceaser · commit ee0ca8970ae6 · 2026-03-16T14:38:59.000-04:00
diff --git a/access-control-app/src/cmr/access_control/routes.clj b/access-control-app/src/cmr/access_control/routes.clj
@@ -5,6 +5,7 @@
   a place for adding routes that apply to both (e.g., robots.txt, should we
   ever need that for access-control)."
   (:require
+   [clojure.edn :as edn]
    [cmr.access-control.api.routes :as api-routes]
    [cmr.access-control.site.routes :as site-routes]
    [cmr.acl.core :as acl]
@@ -13,6 +14,7 @@
    [cmr.common-app.site.pages :as common-pages]
    [cmr.common.api.context :as context]
    [cmr.common.api.errors :as api-errors]
+   [cmr.common.log :refer (warnf)]
    [compojure.core :refer [routes]]
    [ring.middleware.keyword-params :as keyword-params]
    [ring.middleware.nested-params :as nested-params]
@@ -24,10 +26,44 @@
     (site-routes/build-routes system)
     (common-pages/not-found)))
 
+(defn- parse-group-permission
+  "Safely parse group-permission parameter, handling both parsed and string formats."
+  [group-permission]
+  (cond
+    (nil? group-permission) nil
+    (map? group-permission) group-permission
+    (string? group-permission)
+    (try
+      (edn/read-string {:readers {}} group-permission)
+      (catch Exception _e
+        (warnf "Failed to parse group-permission parameter: %s." group-permission)
+        nil))
+    :else
+    (do
+      (warnf "Unexpected group-permission format: %s." (type group-permission))
+      nil)))
+
+(defn normalize-acl-search-params
+  "Normalize params to handle format changes from HTTP library updates."
+  [params]
+  (if-let [gp (:group-permission params)]
+    (assoc params :group-permission (parse-group-permission gp))
+    params))
+
+(defn wrap-parse-group-permission
+  "Middleware to parse group-permission params that may come as strings."
+  [handler]
+  (fn [request]
+    (let [params (:params request)
+          normalized (normalize-acl-search-params params)
+          request' (assoc request :params normalized)]
+      (handler request'))))
+
 (defn handlers [system]
   (-> (build-routes system)
       acl/add-authentication-handler
       common-routes/add-request-id-response-handler
+      wrap-parse-group-permission
       req-log/log-ring-request ;; Must be after request id
       (context/build-request-context-handler system)
       keyword-params/wrap-keyword-params
