remove security handling in WCMP2 links (#812)

* do not apply security to WCMP2 records on API (#775)

* do not apply security to WCMP2 records on API (#775)

* always remove links added by API

tests/integration/test_workflow.py

@@ -205,11 +205,6 @@ def test_metadata_discovery_publish():
         assert 'has_auth' in r['wis2box']
         assert r['wis2box']['has_auth']
 
-        for link in r['links']:
-            if link['rel'] == 'collection' and link['title'] == id_:
-                assert link['security']['default']['type'] == 'http'
-                assert link['security']['default']['scheme'] == 'bearer'
-
 
 def test_data_ingest():
     """Test data ingest/process publish"""

wis2box-management/wis2box/auth.py

@@ -181,16 +181,7 @@ def add_token(ctx, metadata_id, path, yes, token):
         record = oar.collection_item('discovery-metadata', metadata_id)
         record['wis2box']['has_auth'] = True
 
-        for link in record['links']:
-            if link['rel'] == 'collection' and link['title'] == metadata_id:
-                LOGGER.debug('Adding security object to link')
-                link['security'] = {
-                    'default': {
-                        'type': 'http',
-                        'scheme': 'bearer',
-                        'description': 'Please contact the data provider for access'  # noqa
-                    }
-                }
+        del record['links'][-6:]
 
         upsert_collection_item('discovery-metadata', record)
 
@@ -223,9 +214,8 @@ def remove_token(ctx, metadata_id, path, token):
 
         record = oar.collection_item('discovery-metadata', metadata_id)
         record['wis2box'].pop('has_auth', None)
-        for link in record['links']:
-            if 'security' in link:
-                link.pop('security', None)
+
+        del record['links'][-6:]
 
         upsert_collection_item('discovery-metadata', record)