def main(event, request):
''' Main entry point for the sanitization lambda. '''
__validate_event(event)
s3_client = s3.get_client()
attachment_bucket = CloudCanvas.get_setting(constants.ATTACHMENT_BUCKET)
sanitized_bucket = CloudCanvas.get_setting(constants.SANITIZED_BUCKET)
sanitizer = Sanitizer(s3_client, attachment_bucket)
records = event['Records']
for record in records:
__validate_record(record)
key = record['s3']['object']['key']
if sanitizer.validate(key):
sanitizer.move_to_target(key, sanitized_bucket)
if sanitizer.rejected_files:
print("[REJECTED FILES]")
for status in sanitizer.rejected_files:
print("Key: {} is_allowed: {} Reason: {} Exception: {}".format(
status.key, status.is_allowed, status.reason,
status.exception))
def handler(event, context):
''' Invoked when AWS Lambda service executes. '''
if not __is_valid_event(event):
return custom_resource_response.failure_response(
'Malformed event recieved.')
request_type = event['RequestType']
if request_type != 'Create':
print(
'Saw RequestType: \"{}\". No action needed (Only \"Create\" supported)'
.format(request_type))
return custom_resource_response.success_response({}, '*')
s3_client = s3.get_client()
lambda_client = lambda_.get_client()
bucket_name, lambda_arn = __get_resources(event)
has_permission = __add_permission_to_trigger(lambda_client, lambda_arn,
bucket_name)
if not has_permission:
return custom_resource_response.failure_response(
'Could not add permissions to Lambda')
is_configured = __add_notification_configuration(bucket_name, lambda_arn,
s3_client)
if is_configured:
return custom_resource_response.success_response({}, '*')
else:
return custom_resource_response.failure_response(
'Could not succesfully configure AttachmentBucket')
def request_presigned_posts(request, request_content=None):
'''Process request and request-content to return a response that contains a url and two arrays of fields--one for encrypted posts and one for unencrypted posts.'''
__validate_request_content(request_content)
number_of_unencrypted_posts = request_content.get('NumberOfUnencryptedPosts')
number_of_encrypted_posts = request_content.get('NumberOfEncryptedPosts')
if number_of_encrypted_posts == 0 and number_of_unencrypted_posts == 0:
raise errors.ClientError('Invalid number of posts requested. (Must request at least one.)')
bucket_name = __get_bucket_name()
s3_client = s3.get_client()
unencrypted_posts = __generate_unencrypted_presigned_posts(s3_client, bucket_name, number_of_unencrypted_posts)
encrypted_posts = __generate_encrypted_presigned_posts(s3_client, bucket_name, number_of_encrypted_posts)
return __craft_response(unencrypted_posts, encrypted_posts)
def post(request, context):
try:
#tags on deployment may not enable JIRA. By default JIRA is disabled.
jira_integration_settings = jira_integration.get_jira_integration_settings()
except:
return {'status': 'FAILURE'}
submit_mode = jira_integration_settings.get('submitMode', 'manual')
if submit_mode != 'auto':
return {'status': 'SUCCESS'}
events_context = context['emitted']
bucket = events_context['bucket']
key = events_context['key']
s3 = s3_client.get_client()
res = s3.get_object(Bucket = bucket, Key = key)
reports = json.loads(res['Body'].read())
prepared_reports = jira_integration.prepare_jira_tickets(reports, jira_integration_settings)
return {'status': jira_integration.create_Jira_tickets(prepared_reports)}