def email_user_without_access(user_email, projects, google_project_id):
"""
Send email to user, indicating no access to given projects
Args:
user_email (str): address to send email to
projects (list(str)): list of projects user does not have access to that they should
google_project_id (str): id of google project user belongs to
Returns:
HTTP response
"""
to_emails = [user_email]
from_email = config["PROBLEM_USER_EMAIL_NOTIFICATION"]["from"]
subject = config["PROBLEM_USER_EMAIL_NOTIFICATION"]["subject"]
domain = config["PROBLEM_USER_EMAIL_NOTIFICATION"]["domain"]
if config["PROBLEM_USER_EMAIL_NOTIFICATION"]["admin"]:
to_emails.extend(config["PROBLEM_USER_EMAIL_NOTIFICATION"]["admin"])
text = config["PROBLEM_USER_EMAIL_NOTIFICATION"]["content"]
content = text.format(google_project_id, ",".join(projects))
return utils.send_email(from_email, to_emails, subject, content, domain)
def _send_emails_informing_service_account_removal(
to_emails, invalid_service_account_reasons, invalid_project_reasons, project_id
):
"""
Send emails to list of emails
Args:
to_emails(list(str)): list of email addaresses
invalid_service_account_reasons(dict): removal reasons of service accounts
project_id(str): google project id
Returns:
httpResponse or None: None if input list is empty
Exceptions:
ValueError
"""
if not to_emails:
return None
from_email = config["REMOVE_SERVICE_ACCOUNT_EMAIL_NOTIFICATION"]["from"]
subject = config["REMOVE_SERVICE_ACCOUNT_EMAIL_NOTIFICATION"]["subject"]
domain = config["REMOVE_SERVICE_ACCOUNT_EMAIL_NOTIFICATION"]["domain"]
if config["REMOVE_SERVICE_ACCOUNT_EMAIL_NOTIFICATION"]["admin"]:
to_emails.extend(config["REMOVE_SERVICE_ACCOUNT_EMAIL_NOTIFICATION"]["admin"])
text = config["REMOVE_SERVICE_ACCOUNT_EMAIL_NOTIFICATION"]["content"]
content = text.format(project_id)
for email, removal_reasons in invalid_service_account_reasons.iteritems():
if removal_reasons:
content += "\n\t - Service account {} was removed from Google Project {}.".format(
email, project_id
)
for reason in removal_reasons:
content += "\n\t\t - {}".format(reason)
general_project_errors = invalid_project_reasons.get("general", {})
non_reg_sa_errors = invalid_project_reasons.get(
"non_registered_service_accounts", {}
)
access_errors = invalid_project_reasons.get("access")
if general_project_errors or non_reg_sa_errors or access_errors:
content += (
"\n\t - Google Project {} determined invalid. All service "
"accounts with data access will be removed from access.".format(project_id)
)
for removal_reason in general_project_errors:
if removal_reason:
content += "\n\t\t - {}".format(removal_reason)
if access_errors:
for project, removal_reasons in access_errors.iteritems():
for reason in removal_reasons:
content += "\n\t\t - {}".format(reason)
if non_reg_sa_errors:
for sa_email, removal_reasons in non_reg_sa_errors.iteritems():
content += "\n\t\t - Google Project Service Account {} determined invalid.".format(
sa_email
)
for reason in removal_reasons:
content += "\n\t\t\t - {}".format(reason)
return utils.send_email(from_email, to_emails, subject, content, domain)