kgrift 1.3.108

data/KGrift/knewton_grifts/tag_grifts.rb

@@ -0,0 +1,41 @@
+#NODE TAG METHODS
+def get_node_tags graph_id, node_id, overrides={}
+  Log.info "Getting tags for graph node: #{graph_id} -> #{node_id}"
+  do_as_knewton_partner overrides.delete('use_current_user') do
+    kapi.get "/v0/graphs/#{graph_id}/nodes/#{node_id}/tags"
+  end
+end
+
+def create_node_tag graph_id, node_id, tag_name, encode=true, overrides={}
+  tag_name = URI.encode_www_form_component(tag_name) if encode
+  do_as_knewton_partner overrides.delete('use_current_user') do
+    Log.info "adding a tag '#{tag_name}' to graph node: #{graph_id} -> #{node_id}"
+    kapi.put "/v0/graphs/#{graph_id}/nodes/#{node_id}/tags/#{tag_name}", nil
+  end
+end
+
+def delete_node_tag graph_id, node_id, tag_name, encode=true, overrides={}
+  tag_name = URI.encode_www_form_component(tag_name) if encode
+  Log.info "deleting tag '#{tag_name}' from graph node: #{graph_id} -> #{node_id}"
+  do_as_knewton_partner overrides.delete('use_current_user') do
+    kapi.delete "/v0/graphs/#{graph_id}/nodes/#{node_id}/tags/#{tag_name}"
+  end
+end
+
+#LEARNING INSTANCE TAG METHODS
+def get_learning_instance_tags learning_instance_id
+  Log.info "Getting tags for learning instance: #{learning_instance_id}"
+  kapi.get "/v0/learning-instances/#{learning_instance_id}/tags"
+end
+
+def create_learning_instance_tag learning_instance_id, tag_name, encode=true
+  tag_name = URI.encode_www_form_component(tag_name) if encode
+  Log.info "adding a tag '#{tag_name}' to learning instance: #{learning_instance_id}"
+  kapi.put "/v0/learning-instances/#{learning_instance_id}/tags/#{tag_name}", nil
+end
+
+def delete_learning_instance_tag learning_instance_id, tag_name, encode=true
+  tag_name = URI.encode_www_form_component(tag_name) if encode
+  Log.info "deleting tag '#{tag_name}' from learning instance: #{learning_instance_id}"
+  kapi.delete "/v0/learning-instances/#{learning_instance_id}/tags/#{tag_name}"
+end

data/KGrift/knewton_grifts/test_data_grifts.rb

@@ -0,0 +1,328 @@
+"""
+test_data_grifts contains the all important get_test_data method
+
+this method is all about making it easy to deal with shared test data
+This test data is persisted in S3 and is available to any machine
+that is executing tests.
+
+Here is a basic outline of how this works:
+
+- client calls get_test_data <test data label> ( for example: get_test_data :test_users_and_partners)
+- look for a generator file named test_data_generators/<label>.rb.
+- If generator found, get the sha of the file.  This is the version of test data we need
+- It generator not found, version is 'default'
+- Now look for test data locally at: ~/.kgrift/<env>/<test data label>/<generator sha>/<test data label>.yml
+- If found, load the yaml data from the file and return it
+- If not found, look for data in S3 at s3://knewton-<env>/tools/kgrift/<test data label>/<sha>/<test data label>.yml
+- If found in S3, retrieve locally, load it, return it
+- If not found in S3, we need to generate the data.
+- Run the generator. It will return a data structure (usually a Hash)
+- Save the data it returned locally
+- Push the freshly generated data into S3.
+- Load the data, and return it
+
+Other notes:
+- special logic for localmode bivins is provided.  In this case test data is simply generated and returned since local mode has no
+  permanent persistence, any data made is gone once the localmode bivins is stopped.
+
+- REGEN_TEST_DATA is a way to allow a user to regenerate data that exists but may have been invalidated for some reason
+
+
+end
+
+"""
+
+require 'aws-sdk'
+
+# each of these places is important to how test data is found and generated
+USER_HOME = Dir.home
+CUR_DIR = Dir.pwd
+KAPI_GEM_HOME = File.dirname(File.dirname(__FILE__))
+
+TEST_DATA_GENERATORS_FOLDERS = [
+  File.join(KAPI_GEM_HOME, 'test_data_generators'), #generators can come with the gem
+  File.join(CUR_DIR, 'test_data_generators'), #or they can come with the project (current working dir)
+]
+
+# if the environment we are running against is here, we
+# will generate the data every time, instead of checking
+# if we have a persisted data file for it
+DONT_PERSIST_DATA_ENVIRONMENTS = [:local, :maven, :undefined]
+
+FORCE_REGENERATION_ENV_VAR='REGEN_TEST_DATA'
+
+# get_test_data is the main method here
+def get_test_data test_data_label, options={}
+  test_data_label = test_data_label.to_s
+  options = {
+    force_generate: false,  #if true, data will be generated even if already persisted
+    session_only: false,  #if true, the data will last only for a single session
+  }.merge(options)
+  Log.debug "get_test_data '#{test_data_label}'"
+
+  # parse the REGEN_TEST_DATA variable which is a list of test_data_labels, separated by non-word chars (spaces, commas, etc)
+  sets_to_force_gen = ENV[FORCE_REGENERATION_ENV_VAR] ? ENV[FORCE_REGENERATION_ENV_VAR].split(/\W+/) : []
+
+  #sometimes you just want to run a generator and skip all the fancy stuff
+  if options[:force_generate]
+    return generate_test_data(test_data_label, options)
+  end
+
+  #sometimes you want all data created to be completely ephemeral
+  #one such case is when running against a local server
+  #this will cache the data only for the life of interpreter (one test run)
+  if options[:session_only] || local_environment?
+    @session_data ||= {}
+    if @session_data.has_key?(test_data_label)
+      Log.debug "Found existing test data for this session"
+    else
+      Log.debug "First request for this test data in this session, generating"
+      @session_data[test_data_label] = generate_test_data(test_data_label, options)
+    end
+    return @session_data[test_data_label]
+  end
+
+  generator_sha = test_data_version test_data_label
+
+  # check if we already have the data generated
+  persisted_test_data_file = test_data_file_path(test_data_label)
+  # if user put this in REGEN_TEST_DATA list, then skip the checking and just generate
+  if sets_to_force_gen.include?(test_data_label)
+    Log.debug "Test data generation forced for '#{test_data_label}' because #{FORCE_REGENERATION_ENV_VAR} set"
+    options[:force_generate] = true
+  else
+    if File.exist? persisted_test_data_file
+      data = YAML.load_file(persisted_test_data_file)
+      if !generator_sha || !data['sha1'] || data['sha1'] == generator_sha
+        Log.debug "the persisted test data file exists, and is up to date, so we are going to use it"
+        return data
+      else
+        Log.debug "the persisted test data file exists but it is out of date.  We will not use it"
+      end
+    end
+
+    data = retrieve_data_set_from_s3(test_data_label)
+    if data
+      if !generator_sha || !data['sha1'] || data['sha1'] == generator_sha
+        Log.debug "the data was found in s3, and it is up to date"
+        return data
+      else
+        Log.debug "the data was found in s3 but it is out of date. We will not use it"
+      end
+    end
+  end
+
+  #generate data and save to file
+  data = generate_test_data(test_data_label, options)
+  Log.info 'Writing test data to: ' + persisted_test_data_file
+  FileUtils.mkdir_p(File.dirname persisted_test_data_file)
+  File.open(persisted_test_data_file, 'w') {|f| f.write(data.to_yaml)}
+  archive_test_data_to_s3(test_data_label)
+  YAML.load_file(persisted_test_data_file)
+end
+
+def local_environment?
+  DONT_PERSIST_DATA_ENVIRONMENTS.include?(grifter_configuration[:environment].to_sym)
+end
+
+#path to directory containing test data
+def test_data_base_path
+  File.join USER_HOME, '.kgrift', grifter_configuration[:environment].to_s
+end
+
+#path to a test data yaml file
+def test_data_file_path test_data_label
+  test_data_label = test_data_label
+  generator_sha = test_data_version test_data_label
+  File.join test_data_base_path, test_data_label, generator_sha, test_data_label+'.yml'
+end
+
+#construct a path to the test data generator script
+def test_data_generator_path test_data_label
+  TEST_DATA_GENERATORS_FOLDERS.each do |possible_path|
+
+    generator_path = File.join(*[
+      possible_path,
+      test_data_label + '.rb'
+    ])
+
+    Log.debug "Checking: #{generator_path}"
+    return generator_path if File.exist? generator_path
+  end
+  return nil
+end
+
+def generate_test_data test_data_label, options={}
+  options = {
+    force_generate: false,  #if true, data will be generated even if already persisted
+    session_only: false,  #if true, the data will last only for a single session
+  }.merge(options)
+  Log.debug "get_test_data '#{test_data_label}'"
+  grift_script_path = test_data_generator_path(test_data_label)
+  if (!grift_script_path)
+    raise "Persisted data was not present, and no generator exists either"
+  end
+
+  Log.info "Generating test data '#{test_data_label}' via generator script '#{grift_script_path}'"
+  generated_test_data = run_script_file(grift_script_path)
+  # stick the sha of the generator into the data
+  generated_test_data['sha1'] = get_file_sha1(grift_script_path)
+  Log.info "Done generating test data '#{test_data_label}'"
+  return generated_test_data
+end
+
+def retrieve_data_set_from_s3 test_data_label
+  return nil if grifter_configuration[:environment] =~ /local/
+  tgt_file = test_data_file_path test_data_label
+  s3_key = test_data_s3_key(test_data_label)
+  bucket = test_data_s3_bucket
+  Log.debug "Retrieving from S3: s3://#{bucket}/#{s3_key}"
+  FileUtils.mkdir_p File.dirname(tgt_file)
+  s3_client.get_object bucket: bucket,
+    key: s3_key,
+    response_target: tgt_file
+
+  YAML.load_file(tgt_file)
+
+  # handle case where data is not in S3
+rescue Aws::S3::Errors::NoSuchKey
+  msg = "Persisted test data not found for data set: #{test_data_label}.  S3 path 's3://#{test_data_s3_bucket}/#{s3_key}'"
+  Log.error msg
+  nil
+end
+
+def archive_test_data_to_s3 test_data_label
+  # we only archive for non-local environments where data actually persists in a real DB
+  # this catches local and localx cases
+  if grifter_configuration[:environment] !~ /local/
+    src_file = test_data_file_path test_data_label
+    s3_key = test_data_s3_key(test_data_label)
+    File.open(src_file, 'rb') do |file|
+      s3_client.put_object bucket: test_data_s3_bucket, key: s3_key, body: file
+    end
+    Log.info "Archived s3://#{test_data_s3_bucket}/#{s3_key}"
+  end
+  nil # return nil, to make sure nothing is paying attention to the return of this
+rescue Exception => e
+  # so archiving failed... if we are on ITStack... there is not much to do here.  If this is a local run though... it is FATAL and should not be ignored
+  if on_ec2_instance?
+    Log.warn "Failed to archive newly generated test data!  Going to ignore this error since we are on an EC2 instance... but this is an S3 permission problem that should be fixed!"
+  else
+    raise e
+  end
+end
+
+def test_data_s3_bucket
+  if grifter_configuration[:services][:kapi][:s3_bucket]
+    grifter_configuration[:services][:kapi][:s3_bucket]
+  else
+    "knewton-#{grifter_configuration[:environment].to_s}"
+  end
+end
+
+def test_data_s3_region
+  case grifter_configuration[:environment].to_s
+  when 'production-euwest1'
+    'eu-west-1'
+  else
+    'us-east-1'
+  end
+end
+
+# return the aws credential object which will be used to authenticate with S3
+# Handle three cases:
+# - AWS_ACCESS_KEY_ID + AWS_SECRET_ACCESS_KEY are defined (the manual override option)
+# - We are on an EC2 instance, so simply use the IAM role (aka instance profile)
+# - use ~/.aws/credentials as setup by kva (for developers laptops)
+def test_data_s3_credentials
+  # lazy initialize credentials once
+  @aws_creds ||= begin
+                   Log.debug "Initializing AWS credentials"
+                   if ENV['AWS_ACCESS_KEY_ID'] and ENV['AWS_SECRET_ACCESS_KEY']
+                     Log.debug "Using AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY environment variables"
+                     Aws::Credentials.new ENV['AWS_ACCESS_KEY_ID'], ENV['AWS_SECRET_ACCESS_KEY']
+
+                   elsif on_ec2_instance?
+                     Log.debug "Using the instance profile for AWS credentials since we are on an EC2 instance"
+                     Aws::InstanceProfileCredentials.new
+                   else
+                     profile_name = setup_aws_profile_using_kvault
+                     Log.debug "Using profile '#{profile_name}' from ~/.aws/credentials"
+                     Aws::SharedCredentials.new profile_name: profile_name
+                   end
+                 end
+  @aws_creds
+end
+
+
+# use kva to get an aws profile, and return the profile name
+# This is all about the ~/.aws/credentials file
+# use kva to get up to date keys in that file,
+# then return the name of the profile
+def setup_aws_profile_using_kvault
+  # we need some info from grifter.yml
+  profile_name = grifter_configuration[:services][:kapi][:aws_profile]
+  kva_env_name = grifter_configuration[:services][:kapi][:kva_env_name]
+  if profile_name.nil? or kva_env_name.nil?
+    Kernel.abort "Missing configuration for environment: #{grifter_configuration[:environment]}.  Unsure how to acquire aws keys using kva.  See grifter.yml settings kva_env_name and/or aws_profile"
+  end
+  #run kva to ensure credentials are good in ~/.aws/credentials
+  Log.info "Acquiring leased aws keys.  This may prompt you for your LDAP password..."
+  # --validate switch ensures keys will work immediately after cmd returns (see SRE-1200)
+  # pwrusr role ensure both read and write access into s3
+  kva_cmd = "kva aws --validate #{kva_env_name} pwrusr"
+  execute_shell_command kva_cmd
+  profile_name
+rescue ShellCommandFailed
+  Kernel.abort "Failed to setup aws keys using kva. Make sure this command works before proceeding: $ #{kva_cmd}"
+end
+
+# this returns the sha of the generator file, or 'default' if there is no generator
+# This string is used to determine if the data available matches the data needed
+def test_data_version test_data_label
+  test_data_generator_file = test_data_generator_path(test_data_label)
+  test_data_generator_file ? get_file_sha1(test_data_generator_file) : 'default'
+end
+
+# return true or false depending whether on ec2 instance or not
+def on_ec2_instance?
+  # we'll figure this out once only since it involves running a curl with a 1 second timeout
+  @ec2instance ||= begin
+                     Log.debug "Testing whether we are on an EC2 instance or not..."
+                     # some vpn settings could be redirecting through an EC2 gateway, so it is important that we query the WHOLE iam path
+                     execute_shell_command "curl --connect-timeout 1 -s http://169.254.169.254/2014-11-05/meta-data/iam/info"
+                     Log.debug "We are on an EC2 instance"
+                     true
+                   rescue Exception
+                     Log.debug "We are NOT on an EC2 instance"
+                     false
+                   end
+  @ec2instance
+end
+
+def test_data_s3_key test_data_label
+  generator_sha = test_data_version test_data_label
+  "tools/kgrift/#{test_data_label}/#{generator_sha}/#{test_data_label}.yml"
+end
+
+def s3_client
+  @s3_client ||= Aws::S3::Client.new region: test_data_s3_region, credentials: test_data_s3_credentials
+  @s3_client
+end
+
+
+# Remove this once migration is complete
+def migrate_kird_data
+  td_files = Dir["#{USER_HOME}/.kird/kgrift/#{grifter_configuration[:environment]}/**/*.yml"]
+  td_files.each do |td_file|
+
+    test_data_label = File.basename td_file, '.yml'
+
+    unless test_data_s3_key(test_data_label) =~ /\/default\//
+      File.open(td_file, 'rb') do |file|
+        s3_client.put_object bucket: test_data_s3_bucket, key: test_data_s3_key(test_data_label), body: file
+      end
+      Log.info "Migrated s3://#{test_data_s3_bucket}/#{test_data_s3_key(test_data_label)}"
+    end
+  end
+end

data/KGrift/knewton_grifts/test_user_grifts.rb

@@ -0,0 +1,264 @@
+def set_account arg1, arg2=nil
+  Log.debug "Requested user '#{arg1}' with credentials '#{arg2}'"
+  #find the correct set of user and client credentials
+  account={}
+  case arg1
+  when Symbol
+    account = get_account arg1
+    account.delete('client')
+  when Hash
+    if arg1['external_user_id'] and arg1['client_credentials']
+      account = arg1
+    end
+  when String
+    account['external_user_id'] = arg1
+    case arg2
+    when Symbol
+      account['client_credentials'] = get_client_credentials arg2
+    when Hash
+      account['client_credentials'] = arg2
+    end
+  else raise TypeError.new('First argument must be a Symbol, Hash, or String')
+  end
+  unless account['external_user_id'] and account['client_credentials']
+    raise ArgumentError.new('Could not set user and client credentials')
+  end
+  Log.debug "Resolved to account user '#{account['external_user_id']}' with partner '#{account['client_credentials']['client_id']}'"
+
+  #get access token for account (and authorize if first time making account)
+  token_request_params = {
+    'code' => nil,
+    'redirect_uri' => nil,
+    'scope' => account['external_user_id'],
+    'grant_type' => "client_credentials",
+    'client_credentials' => account['client_credentials'],
+    'external_user_id' => account['external_user_id']
+  }
+  access_token = do_cached_token_request token_request_params
+
+  set_authorization_headers access_token
+  true
+end
+
+# Cache access tokens to improve performance when switching between test users rapidly
+# All the cacheing logic lives here
+# We also check that the cache tokens are not expired and refresh them if they are
+TOKEN_CACHE={}
+def do_cached_token_request token_request_params, options={}
+
+  # build a cache key and see if anything in the cache
+  cache_key = token_request_params.select{|k| ['scope', 'grant_type', 'external_user_id', 'client_credentials'].include?(k) }
+  tokens = TOKEN_CACHE[cache_key]
+
+  #nothing was in the cache, so just do the token request
+  if tokens.nil?
+    Log.debug "Token cache miss: will do token request"
+    tokens = get_access_token token_request_params
+    tokens['resolved_token_expiration_time'] = Time.now + tokens['expires_in']
+    TOKEN_CACHE[cache_key] = tokens
+    seconds_remaining = tokens['resolved_token_expiration_time'] - Time.now
+    Log.debug "Get token for this account:\ntoken: #{tokens['access_token']}\nexternal_user_id: #{cache_key['external_user_id']}\nseconds remaining: #{seconds_remaining.to_i}"
+
+  # the cache had the needed tokens, but we need to check if they have expired
+  else
+    seconds_remaining = tokens['resolved_token_expiration_time'] - Time.now
+    Log.debug "Token cache hit: found cached token response for this account:\ntoken: #{tokens['access_token']}\nexternal_user_id: #{cache_key['external_user_id']}\nseconds remaining: #{seconds_remaining.to_i}"
+
+    # Bivins uses 60 seconds expiry for it's own server side cache of access tokens.
+    # We might as well use the same cache timeout client side since otherwise the refresh will simply return the server cached tokens
+    if seconds_remaining < 60
+      Log.debug "cached token has less than 60 seconds until expiration, refreshing..."
+
+      token_request_params.merge! 'refresh_token' => tokens['refresh_token'],
+        'grant_type' => 'refresh_token'
+
+      tokens = get_access_token_from_refresh_token token_request_params
+      tokens['resolved_token_expiration_time'] = Time.now + tokens['expires_in']
+      TOKEN_CACHE[cache_key] = tokens
+    end
+  end
+
+  tokens['access_token']
+end
+
+# remove anything from the token cache for a given account id
+# this is used when an account is deleted to clear the cache
+def delete_account_id_from_token_cache account_id
+  TOKEN_CACHE.delete_if {|k,v| v['account_id'] == account_id }
+end
+
+# temporarily authenticate as a user.
+# Do the block.
+# Go back to the orriginal user.
+def as_account arg1, arg2=nil, &blk
+  cur_auth_header = kapi.headers["Authorization"]
+  Log.debug "as_account called, Authorization header currently set to '#{cur_auth_header}'"
+
+  set_account arg1, arg2
+  yield
+
+ensure
+  # whether the block returns, or threw exception, we need to change back to original user
+  if cur_auth_header.nil?
+    kapi.headers.delete "Authorization"
+  else
+    set_authorization_headers cur_auth_header
+  end
+  Log.debug "as_user over, Authorization header set back to '#{cur_auth_header}'"
+end
+
+def knerd_accounts
+  #if were dealing with any kind of local environment, return some pre-defined constants
+  if local_environment? || grifter_configuration[:environment].to_s.downcase =~ /local/
+
+    knewton_client_credentials = {
+      'client_id' => 'knewton',
+      'client_secret' => '321knewton123',
+    }
+
+    {
+      'knerd' => {
+        'external_user_id' => 'knewton-system-user',
+        'client' => 'knewton',
+        'client_credentials' => knewton_client_credentials,
+      },
+      'prod_knerd' => {
+        'external_user_id' => 'knewton-prod-system-user',
+        'client' => 'knewton',
+        'client_credentials' => knewton_client_credentials,
+      },
+    }
+
+  else
+    get_test_data :knerd_accounts
+  end
+end
+
+def test_account_map
+  @test_account_map ||= begin
+                          full_data = get_test_data(:test_users_and_partners)
+                          full_data['accounts'].merge! knerd_accounts
+                          full_data['partners']['knewton'] = full_data['accounts']['knerd']['client_credentials']
+                          full_data
+                        end
+  @test_account_map.clone  #clone to protect our original copy
+end
+
+def get_account label
+  if label==:partner
+    test_account_map['accounts']['system_user_default']
+  elsif label==:user
+    test_account_map['accounts']['user_default']
+  else
+    test_account_map['accounts'][label.to_s]
+  end
+end
+
+def get_partner_helper label=nil
+  if !label or label==:partner
+    test_account_map['partners']['test_partner_default']
+  else
+    test_account_map['partners'][label.to_s]
+  end
+end
+
+def get_client_id label=nil
+  (get_partner_helper label)['client_id']
+end
+
+def get_client_secret label=nil
+  (get_partner_helper label)['client_secret']
+end
+
+def get_client_credentials label=nil
+  partner = get_partner_helper label
+  {
+    'client_id' => partner['client_id'],
+    'client_secret' => partner['client_secret']
+  }
+end
+
+def get_client_partner_id label=nil
+  if label==nil or label==:partner
+    test_account_map['partners']['test_partner_default']['partner_id']
+  else
+    test_account_map['partners'][label.to_s]['partner_id']
+  end
+end
+
+#this method is used for grifters automatic authentication feature
+#when calling grifts off the cmd line, this authentication will be
+#done automatically first
+def bivins_grifter_authenticate
+  set_account :knerd
+end
+
+#this method is used to set a descriptive user-agent header before
+#executing any method off the command line
+def user_agent_grifter_authenticate
+  user = Etc.getpwuid(Process.uid).name.slice(0,15)
+  cmd_method_name = ARGV.first.slice(0,15)
+  tracing_header = rand(2**32..2**64-1).to_s(16)
+  Log.debug "Setting user-agent header to '#{cmd_method_name}', tracing header to #{tracing_header}"
+  kapi.headers['user-agent'] = kapi.config[:default_headers][:"user-agent"] + " - #{cmd_method_name} - #{user}"
+  kapi.headers['X-B3-TraceId'] = tracing_header
+rescue Exception
+  Log.warn "Failed to set method-specific user-agent header"
+end
+
+# create_partner_with_admin creates
+# * a new partner with api key set to a name optionally
+# * a partner admin for that partner
+#
+# returns a hash with all the data in a format that is ready to
+# use with set_account / as_account methods.
+def create_partner_with_admin options={}
+  client_id = options.fetch('name', random_string(23)) + "-#{random_string(8)}"
+  options.delete('name')
+  client_secret = options.fetch('password', random_string)
+  options.delete('password')
+
+  as_account :knerd do
+    #make the partner (and keep the partner id)
+    partner_options = {'name' => client_id,
+                       'password' => client_secret,
+                       'rate_limit_multiplier' => 1.0,
+                       'default_entitlements' => options['default_entitlements'],
+    }.merge(options)
+    partner = create_partner partner_options
+
+    #make the system user
+    system_user = create_system_user partner['id']
+
+    {
+      'account_id' => system_user['id'],
+      'external_user_id' => system_user['external_user_id'],
+      'partner_id' => partner['id'],
+      'client_credentials' => {
+        'client_id' => client_id,
+        'client_secret' => client_secret,
+      },
+    }
+  end
+end
+
+#create a user account, and get the account id
+#This is useful for making fresh accounts that can help avoid entity limits
+def create_test_account client_credentials
+  external_user_id = create_account['external_user_id']
+  account_id = get_account_id_for external_user_id, client_credentials
+  {
+    'account_id' => account_id,
+    'external_user_id' => external_user_id,
+  }
+end
+
+def get_partner_id_for_current_account
+  orig_header_val = kapi.headers['X-Include-Partner-Id']
+  kapi.headers['X-Include-Partner-Id'] = 'true'
+  get_current_account
+  pid = kapi.last_response['X-Partner-Id']
+  kapi.headers['X-Include-Partner-Id'] = orig_header_val
+
+  pid
+end