Za/data access webapi

[amrc-za]

Implemented web api feature. Includes:

• dataflow
• api-v1
• lib/js-service-client/lib/data-access.js client interface for data access service

[amrc-benmorrow]

Looks pretty good. I've requested a few changes. Some of them are larger-scale refactors and may not be worth pursuing at the moment.

[amrc-benmorrow]

If you convert this function to an Rx operator you can avoid the dataset_validity parameter everywhere.

An Rx operator is not a complicated thing, it's just something you can call from within .pipe; in RxJS it's implemented as a function that returns a function which modifies the source sequence. (I like JS, you can do things like that…)

So in this case you would want something like

filter_allowed_uuids (principal, permission) {
    const acls = this.auth.watch_acl_with_perm(principal, permission);
    return datasets => datasets.pipe(
        rx.combineLatestWith(acls),
        rx.map(([datasets, targets]) => { /* as before */ }),
    );
}

Then when you use it you start with the appropriate datasets sequence (all datasets or valid-only) and apply the ACL operator, i.e. still in Dataflow you define

metadata_list (principal) {
    return rxu.rx(
        this.valid_definitions,
        this.filter_allowed_uuids(principal, Constants.Perm.ReadDataset),
    );
}

where data.valid_definitions is defined in the constructor as

    this.valid_definitions = this.dataset_definitions.pipe(
        rx.filter(def => def.structure != StructurallyInvalidDataset));

(This assumes the change above to avoid keeping invalid definitions). Then for the API function metadata_list you just call

    const uuids = rx.firstValueFrom(this.data.metadata_list(req.auth));

and for the notify interface you can make a similar call, without the firstValueFrom, using the principal from the notify session. By pushing the firstValueFrom as late as possible you make the notify interface easier to implement.