def delete_excluded_resources_handler(event, context):
trace_id = eventhelper.get_trace_id(event)
user_id = trace_id
organization_id = eventhelper.get_organization_id(event)
project_id = eventhelper.get_project_id(event)
check_item_code = eventhelper.get_check_item_code(event)
coop_id = eventhelper.get_coop_id(event)
region_name = eventhelper.get_region_name(event)
resource_type = eventhelper.get_resource_type(event)
resource_name = eventhelper.get_resource_name(event)
# Get logging
pm_logger = common_utils.begin_logger(trace_id, __name__,
inspect.currentframe())
# アクセス権限チェックを行います。
response_authority = checkauthority.authority(trace_id, user_id,
organization_id,
Authority.Editor)
if response_authority:
return common_utils.response(response_authority, pm_logger)
# リソース除外設定情報を削除します。
response = checkitemsettings_logic.delete_excluded_resources(
trace_id, organization_id, project_id, check_item_code, coop_id,
region_name, resource_type, resource_name)
return common_utils.response(response, pm_logger)
def list_awscoops_handler(event, context):
trace_id = eventhelper.get_trace_id(event)
user_id = eventhelper.get_trace_id(event)
organization_id = eventhelper.get_organization_id(event)
project_id = eventhelper.get_project_id(event)
if (event['queryStringParameters'] and event[
'queryStringParameters']['effective']):
effective = eventhelper.get_effective(event)
else:
effective = None
# Get logging
pm_logger = common_utils.begin_logger(trace_id, __name__,
inspect.currentframe())
# アクセス権限チェック
response_authority = checkauthority.authority(
trace_id, user_id, organization_id, Authority.Viewer)
if response_authority:
return common_utils.response(response_authority, pm_logger)
response = awscoops_logic.get_list_awscoops(trace_id, organization_id,
project_id, effective)
return common_utils.response(response, pm_logger)
def create_excluesion_item_handler(event, context):
trace_id = eventhelper.get_trace_id(event)
user_id = trace_id
organization_id = eventhelper.get_organization_id(event)
project_id = eventhelper.get_project_id(event)
email = eventhelper.get_email(event)
check_item_code = eventhelper.get_check_item_code(event)
coop_id = eventhelper.get_coop_id(event)
# Get logging
pm_logger = common_utils.begin_logger(trace_id, __name__,
inspect.currentframe())
# アクセス権限チェックを行います。
response_authority = checkauthority.authority(trace_id, user_id,
organization_id,
Authority.Editor)
if response_authority:
return common_utils.response(response_authority, pm_logger)
# return response data
response = checkitemsettings_logic.create_excluesion_item(
trace_id, user_id, organization_id, project_id, email, check_item_code,
coop_id, event['body'])
return common_utils.response(response, pm_logger)
def reject_invite_handler(event, context):
trace_id = eventhelper.get_trace_id(event)
user_id_sign_in = eventhelper.get_trace_id(event)
user_id = eventhelper.get_user_id(event)
organization_id = eventhelper.get_organization_id(event)
# Get logging
pm_logger = common_utils.begin_logger(trace_id, __name__,
inspect.currentframe())
# return response data
response = organizations_logic.reject_invite(trace_id, organization_id,
user_id, user_id_sign_in)
return common_utils.response(response, pm_logger)
def get_organization_handler(event, context):
trace_id = eventhelper.get_trace_id(event)
user_id = eventhelper.get_trace_id(event)
organization_id = eventhelper.get_organization_id(event)
pm_logger = common_utils.begin_logger(trace_id, __name__,
inspect.currentframe())
# アクセス権限チェック
response_authority = checkauthority.authority(trace_id, user_id,
organization_id,
Authority.Viewer)
if (response_authority):
return common_utils.response(response_authority, pm_logger)
# return data response
response = organizations_logic.get_organization(trace_id, organization_id)
return common_utils.response(response, pm_logger)
def execute_copy_item_setting_handler(event, context):
trace_id = eventhelper.get_trace_id(event)
user_id = trace_id
email = eventhelper.get_email(event)
organization_id_destination = eventhelper.get_organization_id(event)
project_id_destination = eventhelper.get_project_id(event)
coop_id_destination = eventhelper.get_coop_id(event)
# Get logging
pm_logger = common_utils.begin_logger(trace_id, __name__,
inspect.currentframe())
# return response data
response = checkitemsettings_logic.execute_copy_item_setting(
trace_id, organization_id_destination, project_id_destination,
coop_id_destination, event['body'], email, user_id)
return common_utils.response(response, pm_logger)
def create_notifymail_handler(event, context):
trace_id = eventhelper.get_trace_id(event)
user_id = eventhelper.get_trace_id(event)
organization_id = eventhelper.get_organization_id(event)
pm_logger = common_utils.begin_logger(trace_id, __name__,
inspect.currentframe())
# アクセス権限チェック
response_authority = checkauthority.authority(trace_id, user_id,
organization_id,
Authority.Owner)
if (response_authority):
return common_utils.response(response_authority, pm_logger)
# return data response
response = notifymail_logic.create_notifymail(trace_id, organization_id,
event["body"])
return common_utils.response(response, pm_logger)
def list_reports_handler(event, context):
trace_id = eventhelper.get_trace_id(event)
user_id = eventhelper.get_trace_id(event)
organization_id = eventhelper.get_organization_id(event)
project_id = eventhelper.get_project_id(event)
pm_logger = common_utils.begin_logger(trace_id, __name__,
inspect.currentframe())
# アクセス権限チェック
response_authority = checkauthority.authority(trace_id, user_id,
organization_id,
Authority.Viewer)
if response_authority:
return common_utils.response(response_authority, pm_logger)
response = reports_logic.get_list_reports(trace_id, organization_id,
project_id)
return common_utils.response(response, pm_logger)
def get_notifyslack_handler(event, context):
trace_id = eventhelper.get_trace_id(event)
user_id = eventhelper.get_trace_id(event)
organization_id = eventhelper.get_organization_id(event)
notify_code = eventhelper.get_notify_code(event)
pm_logger = common_utils.begin_logger(trace_id, __name__,
inspect.currentframe())
# アクセス権限チェック
response_authority = checkauthority.authority(trace_id, user_id,
organization_id,
Authority.Owner)
if response_authority:
return common_utils.response(response_authority, pm_logger)
# return data response
response = notifymail_logic.get_notifyslack(trace_id, organization_id,
notify_code)
return common_utils.response(response, pm_logger)
def create_project_handler(event, context):
trace_id = eventhelper.get_trace_id(event)
user_id = eventhelper.get_trace_id(event)
organization_id = eventhelper.get_organization_id(event)
# Get logging
pm_logger = common_utils.begin_logger(trace_id, __name__,
inspect.currentframe())
# アクセス権限チェック
response_authority = checkauthority.authority(trace_id, user_id,
organization_id,
Authority.Owner)
if (response_authority):
return common_utils.response(response_authority, pm_logger)
# create project
response = projects_logic.create_project(trace_id, organization_id,
event['body'])
return common_utils.response(response, pm_logger)
def list_projects_handler(event, context):
# Get data request
trace_id = eventhelper.get_trace_id(event)
user_id = eventhelper.get_trace_id(event)
organization_id = eventhelper.get_organization_id(event)
# Get logging
pm_logger = common_utils.begin_logger(trace_id, __name__,
inspect.currentframe())
# アクセス権限チェック
response_authority = checkauthority.authority(trace_id, user_id,
organization_id,
Authority.Viewer)
if (response_authority):
return common_utils.response(response_authority, pm_logger)
# return response data
response = projects_logic.get_list_project(trace_id, organization_id)
return common_utils.response(response, pm_logger)
def create_report_handler(event, context):
trace_id = eventhelper.get_trace_id(event)
user_id = eventhelper.get_trace_id(event)
email = eventhelper.get_email(event)
organization_id = eventhelper.get_organization_id(event)
project_id = eventhelper.get_project_id(event)
pm_logger = common_utils.begin_logger(trace_id, __name__,
inspect.currentframe())
# アクセス権限チェック
response_authority = checkauthority.authority(trace_id, user_id,
organization_id,
Authority.Editor)
if response_authority:
return common_utils.response(response_authority, pm_logger)
# Create report
response = reports_logic.create_report(trace_id, email, organization_id,
project_id, event["body"])
return common_utils.response(response, pm_logger)
def delete_awscoop_handler(event, context):
trace_id = eventhelper.get_trace_id(event)
user_id = eventhelper.get_trace_id(event)
organization_id = eventhelper.get_organization_id(event)
project_id = eventhelper.get_project_id(event)
coop_id = eventhelper.get_coop_id(event)
# Get logging
pm_logger = common_utils.begin_logger(trace_id, __name__,
inspect.currentframe())
# アクセス権限チェック
response_authority = checkauthority.authority(
trace_id, user_id, organization_id, Authority.Owner)
if response_authority:
return common_utils.response(response_authority, pm_logger)
# delete awscoop
response = awscoops_logic.delete_awscoop(trace_id, coop_id,
organization_id, project_id)
return common_utils.response(response, pm_logger)
def execute_force_invites_handler(event, context):
trace_id = eventhelper.get_trace_id(event)
user_id = trace_id
organization_id = eventhelper.get_organization_id(event)
body = event['body']
# Get logging
pm_logger = common_utils.begin_logger(trace_id, __name__,
inspect.currentframe())
# アクセス権限チェック
response_authority = checkauthority.authority(trace_id, user_id,
organization_id,
Authority.Owner)
if (response_authority):
return common_utils.response(response_authority, pm_logger)
# return response data
response = organizations_logic.execute_force_invites(
trace_id, body, organization_id)
return common_utils.response(response, pm_logger)
def delete_user_handler(event, context):
trace_id = eventhelper.get_trace_id(event)
user_id_sign_in = eventhelper.get_trace_id(event)
user_id = eventhelper.get_user_id(event)
organization_id = eventhelper.get_organization_id(event)
email = eventhelper.get_email(event)
# Get logging
pm_logger = common_utils.begin_logger(trace_id, __name__,
inspect.currentframe())
# アクセス権限チェック
response_authority = checkauthority.authority(trace_id, user_id_sign_in,
organization_id,
Authority.Owner)
if (response_authority):
return common_utils.response(response_authority, pm_logger)
# return response data
response = organizations_logic.delete_user(trace_id, organization_id,
user_id, email)
return common_utils.response(response, pm_logger)
def execute_security_check_handler(event, context):
trace_id = eventhelper.get_trace_id(event)
user_id = eventhelper.get_trace_id(event)
email = eventhelper.get_email(event)
organization_id = eventhelper.get_organization_id(event)
project_id = eventhelper.get_project_id(event)
# Get logging
pm_logger = common_utils.begin_logger(trace_id, __name__,
inspect.currentframe())
# アクセス権限チェックを行います。
response_authority = checkauthority.authority(trace_id, user_id,
organization_id,
Authority.Editor)
if response_authority:
return common_utils.response(response_authority, pm_logger)
# return response data
response = awschecks_logic.execute_security_check(trace_id,
organization_id,
project_id, user_id,
email)
return common_utils.response(response, pm_logger)
def get_security_check_detail_handler(event, context):
trace_id = eventhelper.get_trace_id(event)
user_id = eventhelper.get_trace_id(event)
organization_id = eventhelper.get_organization_id(event)
project_id = eventhelper.get_project_id(event)
check_history_id = eventhelper.get_check_history_id(event)
group_filter = eventhelper.get_group_filter(event)
# Get logging
pm_logger = common_utils.begin_logger(trace_id, __name__,
inspect.currentframe())
# アクセス権限チェックを行います。
response_authority = checkauthority.authority(trace_id, user_id,
organization_id,
Authority.Viewer)
if response_authority:
return common_utils.response(response_authority, pm_logger)
# return response data
response = awschecks_logic.get_security_check_detail(
trace_id, organization_id, project_id, check_history_id, group_filter)
return common_utils.response(response, pm_logger)
def request_output_report_handler(event, context):
trace_id = eventhelper.get_trace_id(event)
user_id = eventhelper.get_trace_id(event)
email = eventhelper.get_email(event)
organization_id = eventhelper.get_organization_id(event)
project_id = eventhelper.get_project_id(event)
report_id = eventhelper.get_report_id(event)
file_type = eventhelper.get_file_type(event)
pm_logger = common_utils.begin_logger(trace_id, __name__,
inspect.currentframe())
# アクセス権限チェック
response_authority = checkauthority.authority(trace_id, user_id,
organization_id,
Authority.Editor)
if response_authority:
return common_utils.response(response_authority, pm_logger)
# export report
response = reports_logic.request_output_report(trace_id, email,
organization_id, project_id,
report_id, file_type)
return common_utils.response(response, pm_logger)
def list_item_settings_handler(event, context):
trace_id = eventhelper.get_trace_id(event)
user_id = trace_id
organization_id = eventhelper.get_organization_id(event)
project_id = eventhelper.get_project_id(event)
coop_id = eventhelper.get_coop_id(event)
group_filter = eventhelper.get_group_filter(event)
# Get logging
pm_logger = common_utils.begin_logger(trace_id, __name__,
inspect.currentframe())
# アクセス権限チェックを行います。
response_authority = checkauthority.authority(trace_id, user_id,
organization_id,
Authority.Editor)
if response_authority:
return common_utils.response(response_authority, pm_logger)
# return response data
response = checkitemsettings_logic.list_item_settings(
trace_id, organization_id, project_id, coop_id, group_filter)
return common_utils.response(response, pm_logger)
def get_security_check_resource_handler(event, context):
trace_id = eventhelper.get_trace_id(event)
user_id = trace_id
organization_id = eventhelper.get_organization_id(event)
coop_id = eventhelper.get_coop_id(event)
project_id = eventhelper.get_project_id(event)
check_item_code = eventhelper.get_check_item_code(event)
# Get logging
pm_logger = common_utils.begin_logger(trace_id, __name__,
inspect.currentframe())
# アクセス権限チェックを行います。
response_authority = checkauthority.authority(trace_id, user_id,
organization_id,
Authority.Viewer)
if response_authority:
return common_utils.response(response_authority, pm_logger)
# return response data
response = awschecks_logic.get_security_check_resource(
trace_id, coop_id, project_id, organization_id, check_item_code)
return common_utils.response(response, pm_logger)
