def get_notifyslack(trace_id, organization_id, notify_code): pm_logger = common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) # 全てのチェックを行い、エラーがあった場合はログを出力してエラーレスポンスを返します。 list_error = validate_notifyslack(notify_code) if list_error: return common_utils.error_validate(MsgConst.ERR_REQUEST_201, HTTPStatus.UNPROCESSABLE_ENTITY, list_error, pm_logger) # Slack通知設定情報を取得します。 try: result = pm_orgNotifySlack.query_key(trace_id, organization_id, notify_code, True) except PmError as e: return common_utils.error_exception(MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) if not result: return common_utils.get_response_by_response_body(HTTPStatus.OK, []) # return data response = common_utils.get_response_by_response_body( HTTPStatus.OK, result) return common_utils.response(response, pm_logger)
def get_securitycheck_awsacntsummary(user_id, aws_account): trace_id = user_id pm_logger = common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) # 所属組織リストを取得します。 try: affiliations = pm_affiliation.query_userid_key_invite( trace_id, user_id, InvitationStatus.Belong) except PmError as e: return common_utils.error_exception(MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) if (not affiliations): response = common_utils.get_response_by_response_body( HTTPStatus.OK, []) return common_utils.response(response, pm_logger) response_bodys = [] for affiliation in affiliations: try: # 最新チェック結果テーブルから組織ID をキーとして、クエリを行います。 list_latest_check_result = pm_latestCheckResult.query_organization_id( trace_id, affiliation['OrganizationID']) except PmError as e: return common_utils.error_exception( MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) if (not list_latest_check_result): continue for latest_check_result in list_latest_check_result: try: list_check_result = pm_checkResults.query_history_index_by_awsaccount( trace_id, aws_account, latest_check_result['CheckHistoryID'], True) except PmError as e: return common_utils.error_exception( MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) if (not list_check_result): continue response_bodys.extend(list_check_result) if aws_account is not None: response = common_utils.get_response_by_response_body( HTTPStatus.OK, response_bodys) return common_utils.response(response, pm_logger) response = common_utils.get_response_by_response_body( HTTPStatus.OK, response_bodys) return common_utils.response(response, pm_logger)
def get_report(trace_id, report_id, organization_id, project_id): pm_logger = common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) try: report = pm_reports.query_report_filter_organization_project( trace_id, report_id, project_id, organization_id, convert_response=True) except PmError as e: return common_utils.error_exception(MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) # 組織情報を取得します。 if (not report): return common_utils.error_common(MsgConst.ERR_301, HTTPStatus.NOT_FOUND, pm_logger) # response when do success response = common_utils.get_response_by_response_body( HTTPStatus.OK, report[0]) return common_utils.response(response, pm_logger)
def delete_awscoop(trace_id, coop_id, organization_id, project_id): pm_logger = common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) try: awscoops = pm_awsAccountCoops.get_awscoops_update( trace_id, coop_id, project_id, organization_id) except PmError as err: return common_utils.error_exception(MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, err, pm_logger, True) if awscoops is None: return common_utils.error_common(MsgConst.ERR_301, HTTPStatus.NOT_FOUND, pm_logger) try: pm_awsAccountCoops.delete_awscoops(trace_id, coop_id) except PmError as err: return common_utils.error_exception(MsgConst.ERR_DB_405, HTTPStatus.INTERNAL_SERVER_ERROR, err, pm_logger, True) # response if delete success response = common_utils.get_response_by_response_body( HTTPStatus.NO_CONTENT, None) return common_utils.response(response, pm_logger)
def get_myorganizations(trace_id, user_id, invite_status): pm_logger = common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) # Validate list_error = common_utils.validate_invite_status(trace_id, invite_status) if list_error: return common_utils.error_validate(MsgConst.ERR_REQUEST_201, HTTPStatus.UNPROCESSABLE_ENTITY, list_error, pm_logger) try: # get list affiliations by email,email get from event affiliations = pm_affiliation.query_userid_key_invite( trace_id, user_id, int(invite_status), True) except PmError as e: return common_utils.error_exception(MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) result = [] for affiliation in affiliations: try: # get organization by organization id organization = pm_organizations.get_organization( trace_id, affiliation["organizationId"], True) affiliation.pop('organizationId', None) affiliation['organization'] = organization result.append(affiliation) except PmError as e: return common_utils.error_exception( MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) # return data response = common_utils.get_response_by_response_body( HTTPStatus.OK, affiliations) return common_utils.response(response, pm_logger)
def delete_notifymail(trace_id, organization_id, notify_code): pm_logger = common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) # 全てのチェックを行い、エラーがあった場合はログを出力してエラーレスポンスを返します。 list_error = validate_notifymail(notify_code) if list_error: return common_utils.error_validate(MsgConst.ERR_REQUEST_201, HTTPStatus.UNPROCESSABLE_ENTITY, list_error, pm_logger) try: result = pm_orgNotifyMailDestinations.query_key( trace_id, organization_id, notify_code) except PmError as e: return common_utils.error_exception(MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) if (not result): return common_utils.error_common(MsgConst.ERR_301, HTTPStatus.NOT_FOUND, pm_logger) try: pm_orgNotifyMailDestinations.delete(trace_id, organization_id, notify_code) except PmError as e: return common_utils.error_exception(MsgConst.ERR_DB_404, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) # return response data response = common_utils.get_response_by_response_body( HTTPStatus.NO_CONTENT, None) return common_utils.response(response, pm_logger)
def delete_user(trace_id, organization_id, user_id, email): pm_logger = common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) # check the deletion condition if user_id == trace_id: try: count = pm_affiliation.query_users_check_authority_count( trace_id, user_id, organization_id, Authority.Owner) except PmError as e: return common_utils.error_exception( MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) if count == 0: return common_utils.error_common(MsgConst.ERR_REQUEST_203, HTTPStatus.PRECONDITION_FAILED, pm_logger) # get user to delete try: user = pm_affiliation.query(user_id, organization_id) except PmError as e: return common_utils.error_exception(MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) if not user: return common_utils.error_common(MsgConst.ERR_301, HTTPStatus.NOT_FOUND, pm_logger) # delete user try: pm_affiliation.delete_affiliation(user_id, organization_id) except PmError as e: return common_utils.error_exception(MsgConst.ERR_DB_405, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) # set task informaiton request delete in Organization Tasks task_id = str(uuid.uuid4()) target = CommonConst.TARGET_DELETE_ORG_USER.format(user_id, organization_id) try: # create task informaiton request delete in Organization Tasks pm_organizationTasks.create_organizationTask( trace_id, task_id, CommonConst.TASK_TYPE_CODE_DELETE_ORG_USER, target, trace_id, email, Status.Waiting.value, 0, 3) except PmError as e: return common_utils.error_exception(MsgConst.ERR_DB_403, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) try: # Send message to organization topic task aws_common.sns_organization_topic( trace_id, task_id, CommonConst.TASK_TYPE_CODE_DELETE_ORG_USER) except PmError as e: common_utils.write_log_pm_error(e, pm_logger, exc_info=True) response = common_utils.get_response_by_response_body( HTTPStatus.NO_CONTENT, None) return common_utils.response(response, pm_logger)
def update_organization(trace_id, organization_id, data_body): pm_logger = common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) # Parse JSON try: body_object = json.loads(data_body) organization_name = body_object["name"] except Exception as e: return common_utils.error_exception(MsgConst.ERR_REQUEST_202, HTTPStatus.BAD_REQUEST, e, pm_logger, True) # Validate list_error = validate_update(organization_name) if list_error: return common_utils.error_validate(MsgConst.ERR_REQUEST_201, HTTPStatus.UNPROCESSABLE_ENTITY, list_error, pm_logger) # Databaseから組織情報を取得する try: organization_item = pm_organizations.get_organization( trace_id, organization_id) except PmError as e: return common_utils.error_exception(MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) if (not organization_item): return common_utils.error_common(MsgConst.ERR_301, HTTPStatus.NOT_FOUND, pm_logger) # Update Organization attribute = {'OrganizationName': {"Value": organization_name}} updated_at = organization_item['UpdatedAt'] try: pm_organizations.update_organization(trace_id, organization_id, attribute, updated_at) except PmError as e: return common_utils.error_exception(MsgConst.ERR_DB_404, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) # Get data update try: organization_result = pm_organizations.get_organization( trace_id, organization_id, True) except PmError as e: return common_utils.error_exception(MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) response = common_utils.get_response_by_response_body( HTTPStatus.OK, organization_result) # return data response return common_utils.response(response, pm_logger)
def execute_security_check_with_executed_type(trace_id, organization_id, project_id, user_id, email, executed_type): pm_logger = common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) # リソース関連性のバリデーションチェックを行います。 try: project = pm_projects.get_projects_by_organization_id( trace_id, project_id, organization_id) except PmError as e: return common_utils.error_exception(MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) if not project: return common_utils.error_common( MsgConst.ERR_AWS_401, HTTPStatus.UNPROCESSABLE_ENTITY, pm_logger) try: check_history_id = common_utils.get_uuid4() executed_date_time = common_utils.get_current_date() pm_checkHistory.create(trace_id, check_history_id, organization_id, project_id, CHECK_SECURITY, CheckStatus.Waiting, None, executed_type, None, executed_date_time, None, user_id) except PmError as e: return common_utils.error_exception(MsgConst.ERR_DB_403, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) try: topic_arn = common_utils.get_environ( CommonConst.SECURITYCHECK_EXECUTE_TOPIC) subject = "USER : {0}".format(user_id) message = { 'CheckHistoryId': check_history_id } # Publish message aws_common.aws_sns(trace_id, subject, json.dumps(message), topic_arn) except PmError as e: common_utils.write_log_pm_error(e, pm_logger, exc_info=True) try: check_history = pm_checkHistory.query_key(trace_id, check_history_id, True) except PmError as e: return common_utils.error_exception(MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) # return data response response = common_utils.get_response_by_response_body( HTTPStatus.CREATED, check_history) return common_utils.response(response, pm_logger)
def get_user_attributes(user_id): pm_logger = common_utils.begin_logger(user_id, __name__, inspect.currentframe()) try: user = pm_userAttribute.query_key(user_id, True) if user is None: user = {} except PmError as e: return common_utils.error_exception(MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) # data response response = common_utils.get_response_by_response_body(HTTPStatus.OK, user) return common_utils.response(response, pm_logger)
def create_awscoops(trace_id, project_id, organization_id): pm_logger = common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) try: project = pm_projects.get_projects_by_organization_id( trace_id, project_id, organization_id) except PmError as e: return common_utils.error_exception(MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) # 組織情報を取得します。 if (not project): return common_utils.error_common(MsgConst.ERR_AWS_401, HTTPStatus.UNPROCESSABLE_ENTITY, pm_logger) # Create AWSアカウント連携 coop_id = str(uuid.uuid4()) aws_account = CommonConst.UNKNOWN aws_account_name = None role_name = None external_id = str(uuid.uuid4()) description = None effective = Effective.UnConfirmed.value try: pm_awsAccountCoops.create_awscoops(trace_id, coop_id, aws_account, aws_account_name, role_name, external_id, description, effective, organization_id, project_id) except PmError as e: return common_utils.error_exception(MsgConst.ERR_DB_403, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) # Get data response try: awscoops_item = pm_awsAccountCoops.query_awscoop_coop_key( trace_id, coop_id, convert_response=True) except PmError as e: return common_utils.error_exception(MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) # return data response response = common_utils.get_response_by_response_body( HTTPStatus.CREATED, awscoops_item) return common_utils.response(response, pm_logger)
def list_security_check_reports(trace_id, organization_id, project_id): pm_logger = common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) try: result = pm_checkHistory.query_project_index_by_organization_id( trace_id, organization_id, project_id, convert_response=True) except PmError as err: return common_utils.error_exception(MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, err, pm_logger, True) # return response data response = common_utils.get_response_by_response_body( HTTPStatus.OK, result) return common_utils.response(response, pm_logger)
def get_list_project(trace_id, organization_id): pm_logger = common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) try: list_projects_result = pm_projects.query_organization_index( trace_id, organization_id, convert_response=True) except PmError as e: return common_utils.error_exception(MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) # data response response = common_utils.get_response_by_response_body( HTTPStatus.OK, list_projects_result) return common_utils.response(response, pm_logger)
def get_list_reports(trace_id, organization_id, project_id): pm_logger = common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) try: reports = pm_reports.query_reports_filter_organization( trace_id, project_id, organization_id, convert_response=True) except PmError as err: return common_utils.error_exception(MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, err, pm_logger, True) # response when do success response = common_utils.get_response_by_response_body( HTTPStatus.OK, reports) return common_utils.response(response, pm_logger)
def update_security_check_webhook(trace_id, webhook_path, user_id, data_body): pm_logger = common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) has_webhook_path = 'webhookPath' in data_body has_enabled = 'enabled' in data_body webhook = None try: webhooks = pm_securityCheckWebhook.query_webhook_index( trace_id, webhook_path) if webhooks: webhook = webhooks[0] except PmError as e: return common_utils.error_exception(MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) if not webhook: return common_utils.error_common(MsgConst.ERR_301, HTTPStatus.NOT_FOUND, pm_logger) if webhook['UserID'] != user_id: return common_utils.error_common(MsgConst.ERR_301, HTTPStatus.NOT_FOUND, pm_logger) if has_webhook_path: attribute = {'WebhookPath': {"Value": common_utils.get_uuid4()}} elif has_enabled: attribute = {'Enabled': {"Value": data_body['enabled']}} else: return common_utils.error_common(MsgConst.ERR_REQUEST_201, HTTPStatus.BAD_REQUEST, pm_logger) updated_at = webhook['UpdatedAt'] try: pm_securityCheckWebhook.update( trace_id, webhook['SecurityCheckWebhookID'], attribute, updated_at) webhook = pm_securityCheckWebhook.query_key( trace_id, webhook['SecurityCheckWebhookID'], convert_response=True) except PmError as e: return common_utils.error_exception(MsgConst.ERR_DB_404, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) response = common_utils.get_response_by_response_body( HTTPStatus.OK, webhook) return common_utils.response(response, pm_logger)
def delete_project(trace_id, email, project_id, organization_id): # Get logging pm_logger = common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) try: project = pm_projects.get_projects_by_organization_id( trace_id, project_id, organization_id, convert_response=True) except PmError as e: return common_utils.error_exception(MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) # 組織情報を取得します。 if (not project): return common_utils.error_common(MsgConst.ERR_301, HTTPStatus.NOT_FOUND, pm_logger) # プロジェクト削除の条件を満たしているかチェックを行います。現時点ではチェックすべき項目はありません。 # 現時点ではチェックすべき項目はありません。 # Delete project try: pm_projects.delete_projects(trace_id, project_id) except PmError as e: return common_utils.error_exception(MsgConst.ERR_DB_405, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) # Create task task_id = str(uuid.uuid4()) user_id = trace_id try: pm_organizationTasks.create_organizationTask(trace_id, task_id, "DELETE_PRJ", project_id, user_id, email, Status.Waiting.value, 0, 3) except PmError as e: return common_utils.error_exception(MsgConst.ERR_DB_403, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) aws_common.sns_organization_topic(trace_id, task_id, "DELETE_PRJ") # data response response = common_utils.get_response_by_response_body( HTTPStatus.NO_CONTENT, None) return common_utils.response(response, pm_logger)
def create_notifyslack(trace_id, organization_id, data_body): pm_logger = common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) # リクエストボディのJSONでパースエラーが発生した場合は、ログを出力してエラーレスポンスを返します。 try: body_object = json.loads(data_body) notify_code = body_object['notifyCode'] webhook_url = body_object['webhookUrl'] except Exception as e: return common_utils.error_exception(MsgConst.ERR_REQUEST_202, HTTPStatus.BAD_REQUEST, e, pm_logger, True) mentions = None if common_utils.check_key('mentions', body_object): mentions = body_object['mentions'] # バリデーションチェックを行います。 list_error = validate_notifyslack(notify_code, webhook_url) if list_error: return common_utils.error_validate(MsgConst.ERR_REQUEST_201, HTTPStatus.UNPROCESSABLE_ENTITY, list_error, pm_logger) # Slack通知設定情報を作成します。 try: pm_orgNotifySlack.create(trace_id, organization_id, notify_code, webhook_url, mentions) except PmError as e: return common_utils.error_exception(MsgConst.ERR_DB_403, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) # get record created try: org_notify_slack_created = pm_orgNotifySlack.query_key( trace_id, organization_id, notify_code, True) except PmError as e: return common_utils.error_exception(MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) # return data response = common_utils.get_response_by_response_body( HTTPStatus.CREATED, org_notify_slack_created) return common_utils.response(response, pm_logger)
def delete_assessment_item(trace_id, organization_id, project_id, check_item_code, coop_id): pm_logger = common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) # リソース関連性のバリデーションチェックを行います。 try: awscoop_item = pm_awsAccountCoops.query_awscoop_coop_key( trace_id, coop_id) except Exception as e: return common_utils.error_exception(MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) if not awscoop_item: return common_utils.error_common(MsgConst.ERR_AWS_401, HTTPStatus.UNPROCESSABLE_ENTITY, pm_logger) # マニュアル評価情報を取得します。 assessment_item_id = CommonConst.ASSESSMENTITEM_ID.format( organization_id, project_id, awscoop_item['AWSAccount'], check_item_code) try: assessment_item = pm_assessmentItems.query_key(trace_id, assessment_item_id) except Exception as e: return common_utils.error_exception(MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) if not assessment_item: return common_utils.error_common(MsgConst.ERR_301, HTTPStatus.NOT_FOUND, pm_logger) # マニュアル評価情報を削除します。 try: pm_assessmentItems.delete(trace_id, assessment_item_id) except Exception as e: return common_utils.error_exception(MsgConst.ERR_DB_405, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) # return response data response = common_utils.get_response_by_response_body( HTTPStatus.NO_CONTENT, None) return common_utils.response(response, pm_logger)
def create_project(trace_id, organization_id, data_body): # Get logging pm_logger = common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) # Parse JSON try: body_object = json.loads(data_body) project_name = body_object["name"] description = body_object["description"] except Exception as e: return common_utils.error_exception(MsgConst.ERR_REQUEST_202, HTTPStatus.BAD_REQUEST, e, pm_logger, True) # Validate list_error = validate_project(trace_id, project_name) if list_error: return common_utils.error_validate(MsgConst.ERR_REQUEST_201, HTTPStatus.UNPROCESSABLE_ENTITY, list_error, pm_logger) # Create Project project_id = str(uuid.uuid4()) if common_utils.is_null(description): description = None try: pm_projects.create_projects(trace_id, project_id, project_name, description, organization_id) except PmError as e: return common_utils.error_exception(MsgConst.ERR_DB_403, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) try: project_item = pm_projects.get_projects(trace_id, project_id, convert_response=True) except PmError as e: return common_utils.error_exception(MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) # return data response response = common_utils.get_response_by_response_body( HTTPStatus.CREATED, project_item[0]) return common_utils.response(response, pm_logger)
def request_output_report(trace_id, email, organization_id, project_id, report_id, file_type): pm_logger = common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) # Validate list_error = validate_output_report(trace_id, file_type) if list_error: return common_utils.error_validate(MsgConst.ERR_REQUEST_201, HTTPStatus.UNPROCESSABLE_ENTITY, list_error, pm_logger) # レポートテーブルから、レポート情報を取得します。 try: # get report report = pm_reports.query_report_filter_organization_project( trace_id, report_id, project_id, organization_id, ReportStatus.ConvertFinish.value) except PmError as e: return common_utils.error_exception(MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) if (not report): return common_utils.error_common(MsgConst.ERR_301, HTTPStatus.NOT_FOUND, pm_logger) # 指定のファイル形式のレポートがすでに作成済みか確認します。 if (report[0]['ExcelOutputStatus'] != ExcelStatus.Waiting.value): return common_utils.error_common(MsgConst.ERR_302, HTTPStatus.CONFLICT, pm_logger) # レポート出力ジョブの設定 job_id = [] code = 'OUTPUT_REPORT_EXCEL' response, job_id = job_report(trace_id, email, report_id, code, job_id) if response: return common_utils.response(response, pm_logger) # 取得したジョブIDをレスポンス(ステータスコード:201)として返します。 response = common_utils.get_response_by_response_body( HTTPStatus.CREATED, job_id[0]) return common_utils.response(response, pm_logger)
def change_invite(trace_id, organization_id, user_id, invite): pm_logger = common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) # get affiliation try: affiliation = pm_affiliation.query_affiliation_filter_invite( trace_id, user_id, organization_id, InvitationStatus.Invited) except PmError as e: return common_utils.error_exception(MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) if not affiliation: return common_utils.error_common(MsgConst.ERR_301, HTTPStatus.NOT_FOUND, pm_logger) # update invite attribute = {'InvitationStatus': {"Value": invite}} updated_at = affiliation[0]['UpdatedAt'] try: pm_affiliation.update_affiliation(trace_id, user_id, organization_id, attribute, updated_at) except PmError as err: return common_utils.error_exception(MsgConst.ERR_DB_404, HTTPStatus.INTERNAL_SERVER_ERROR, err, pm_logger, True) # Get data update try: affiliation_result = pm_affiliation.get_affiliation( user_id, organization_id, True) except PmError as e: return common_utils.error_exception(MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) response = common_utils.get_response_by_response_body( HTTPStatus.CREATED, affiliation_result) # return data response return common_utils.response(response, pm_logger)
def delete_report(trace_id, email, report_id, organization_id, project_id): pm_logger = common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) try: # get report report_item = pm_reports.query_report_filter_organization_project( trace_id, report_id, project_id, organization_id) except PmError as e: return common_utils.error_exception(MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) if (not report_item): return common_utils.error_common(MsgConst.ERR_301, HTTPStatus.NOT_FOUND, pm_logger) try: # delete report pm_reports.delete_reports(trace_id, report_id) except PmError as e: return common_utils.error_exception(MsgConst.ERR_DB_405, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) task_id = common_utils.get_uuid4() try: # create task informaiton request delete in Organization Tasks pm_organizationTasks.create_organizationTask(trace_id, task_id, task_code, report_id, trace_id, email, 0, 0, 3) except PmError as e: return common_utils.error_exception(MsgConst.ERR_DB_403, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) # Send message to organization topic task aws_common.sns_organization_topic(trace_id, task_id, task_code) # response if delete success response = common_utils.get_response_by_response_body( HTTPStatus.NO_CONTENT, None) return common_utils.response(response, pm_logger)
def get_security_check_report_url(trace_id, user_id, history_id): pm_logger = common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) # チェック履歴情報を取得します。 try: check_history = pm_checkHistory.get_check_history_by_status( trace_id, history_id, CheckStatus.ReportCompleted) except PmError as e: return common_utils.error_exception(MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) # 該当するレコードが存在しない場合(取得件数が0件) if len(check_history) == 0: return common_utils.error_common(MsgConst.ERR_301, HTTPStatus.NOT_FOUND, pm_logger) # 取得したチェック履歴情報より組織IDを取得する organization_id = check_history[0]['OrganizationID'] # アクセス権限チェックを行います response_authority = checkauthority.authority( trace_id, user_id, organization_id, Authority.Viewer) if response_authority: return common_utils.response(response_authority, pm_logger) # 有効期限が作成から1時間となる署名付きURLを作成します。 try: signed_url = aws_common.generate_presigned_url( trace_id, common_utils.get_environ('S3_CHECK_BUCKET'), check_history[0]['ReportFilePath']) except PmError as e: return common_utils.error_exception(MsgConst.ERR_999, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) # return data response response_body = {"URL": signed_url} response = common_utils.get_response_by_response_body( HTTPStatus.OK, response_body) return common_utils.response(response, pm_logger)
def get_report_url(trace_id, report_id, organization_id, project_id, file_type): pm_logger = common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) # Validate list_error = validate_output_report(trace_id, file_type) if list_error: return common_utils.error_validate(MsgConst.ERR_REQUEST_201, HTTPStatus.UNPROCESSABLE_ENTITY, list_error, pm_logger) try: report = pm_reports.query_report_filter_organization_project( trace_id, report_id, project_id, organization_id, ReportStatus.ConvertFinish) except PmError as e: return common_utils.error_exception(MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) if not report: return common_utils.error_common(MsgConst.ERR_301, HTTPStatus.NOT_FOUND, pm_logger) if report[0]["ExcelOutputStatus"] != ExcelStatus.Finish: return common_utils.error_common(MsgConst.ERR_301, HTTPStatus.NOT_FOUND, pm_logger) try: excel_path = report[0]["ExcelPath"] bucket = os.environ.get("S3_REPORT_BUCKET") url = aws_common.generate_presigned_url(trace_id, bucket, excel_path) except PmError as e: return common_utils.error_exception(MsgConst.ERR_999, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) response_body = {"URL": url} response = common_utils.get_response_by_response_body( HTTPStatus.OK, response_body) return common_utils.response(response, pm_logger)
def generate_security_check_webhook(trace_id, organization_id, project_id, user_id, email): pm_logger = common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) # リソース関連性のバリデーションチェックを行います。 try: project = pm_projects.get_projects_by_organization_id( trace_id, project_id, organization_id) except PmError as e: return common_utils.error_exception(MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) if not project: return common_utils.error_common( MsgConst.ERR_AWS_401, HTTPStatus.UNPROCESSABLE_ENTITY, pm_logger) try: webhooks = pm_securityCheckWebhook.query_project_index( trace_id, project_id, user_id) except PmError as e: return common_utils.error_exception(MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) if webhooks: return common_utils.error_common(MsgConst.ERR_302, HTTPStatus.CONFLICT, pm_logger) try: security_check_webhook_id = common_utils.get_uuid4() webhook_path = common_utils.get_uuid4() pm_securityCheckWebhook.create(trace_id, security_check_webhook_id, webhook_path, user_id, email, organization_id, project_id, 3) except PmError as e: return common_utils.error_exception(MsgConst.ERR_DB_403, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) response = common_utils.get_response_by_response_body( HTTPStatus.CREATED, {'webhookPath': webhook_path}) return common_utils.response(response, pm_logger)
def count_myorganizations(trace_id, user_id, invite_status): pm_logger = common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) # Validate list_error = common_utils.validate_invite_status(trace_id, invite_status) if list_error: return common_utils.error_validate(MsgConst.ERR_REQUEST_201, HTTPStatus.UNPROCESSABLE_ENTITY, list_error, pm_logger) try: count = pm_affiliation.query_userid_key_invite_count( trace_id, user_id, int(invite_status)) except PmError as e: return common_utils.error_exception(MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) response_body = {"count": count} response = common_utils.get_response_by_response_body( HTTPStatus.OK, response_body) return common_utils.response(response, pm_logger)
def get_organization(trace_id, organization_id): pm_logger = common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) try: organization = pm_organizations.get_organization( trace_id, organization_id, True) except PmError as e: return common_utils.error_exception(MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) # 組織情報を取得します。 if (not organization): return common_utils.error_common(MsgConst.ERR_301, HTTPStatus.NOT_FOUND, pm_logger) # data response response = common_utils.get_response_by_response_body( HTTPStatus.OK, organization) return common_utils.response(response, pm_logger)
def get_assessment_item(trace_id, organization_id, project_id, coop_id, check_item_code): pm_logger = common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) # AWSアカウントAWSAccountは、AWSアカウント連携テーブルに、AWSアカウント連携ID{coop_id}をキーとしてクエリを実行します。 try: awscoops_item = pm_awsAccountCoops.query_awscoop_coop_key( trace_id, coop_id) except Exception as e: return common_utils.error_exception(MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) # 有効なAWSアカウントが存在しなかった場合(取得件数が0件) if (not awscoops_item): return common_utils.error_common(MsgConst.ERR_AWS_401, HTTPStatus.UNPROCESSABLE_ENTITY, pm_logger) # マニュアル評価情報を取得します。 assessment_item_id = CommonConst.ASSESSMENTITEM_ID.format( organization_id, project_id, awscoops_item['AWSAccount'], check_item_code) try: assessment_item = pm_assessmentItems.query_key(trace_id, assessment_item_id, True) except Exception as e: return common_utils.error_exception(MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, e, pm_logger, True) # 該当レコードが存在しなかった場合(取得件数が0件) if (not assessment_item): assessment_item = [] # 取得したチェック項目除外情報をレスポンス(ステータスコード:200)として返します。 response = common_utils.get_response_by_response_body( HTTPStatus.OK, assessment_item) return common_utils.response(response, pm_logger)
def get_excluesion_item(trace_id, organization_id, project_id, check_item_code, coop_id): pm_logger = common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) # リソース関連性のバリデーションチェックを行います。 try: awscoop_item = pm_awsAccountCoops.query_awscoop_coop_key( trace_id, coop_id) except Exception as err: return common_utils.error_exception(MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, err, pm_logger, True) if not awscoop_item: return common_utils.error_common(MsgConst.ERR_AWS_401, HTTPStatus.UNPROCESSABLE_ENTITY, pm_logger) # チェック項目除外情報を取得します。 exclusion_item_id = CommonConst.EXCLUSIONITEM_ID.format( organization_id, project_id, awscoop_item['AWSAccount'], check_item_code) try: exclusion_item = pm_exclusionitems.query_key(trace_id, exclusion_item_id, True) except Exception as err: return common_utils.error_exception(MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, err, pm_logger, True) if not exclusion_item: exclusion_item = [] # return response data response = common_utils.get_response_by_response_body( HTTPStatus.OK, exclusion_item) return common_utils.response(response, pm_logger)
def get_list_users(trace_id, organization_id, invite_status): pm_logger = common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) # Validate if not common_utils.is_null(invite_status): list_error = common_utils.validate_invite_status( trace_id, invite_status) if list_error: return common_utils.error_validate(MsgConst.ERR_REQUEST_201, HTTPStatus.UNPROCESSABLE_ENTITY, list_error, pm_logger) try: users = pm_affiliation.query_users_organization_index( trace_id, organization_id, invite_status, convert_response=True) except PmError as err: return common_utils.error_exception(MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, err, pm_logger, True) # response when do success response = common_utils.get_response_by_response_body(HTTPStatus.OK, users) return common_utils.response(response, pm_logger)