def github_oauth_request(event, context):
req_session = RequestSession(event)
req_error = req_session.validate_authorized_request(False, ['authToken'])
if req_error:
return req_error
url = oauth.oauth_request(req_session.get_req_param('authToken'))
return req_session.generate_redirect_response(url)
def post_user_app(event, context):
req_session = RequestSession(event)
req_error = req_session.validate_authorized_request()
if req_error:
return req_error
apps = directory_controller.insert_apps(req_session.get_auth_token(), req_session.get_body())
return req_session.generate_sqlalchemy_response(201, apps)
def delete_datasource(event, context):
req_session = RequestSession(event)
req_error = req_session.validate_authorized_request(True, ["datasourceId"], ["completeDelete"])
if req_error:
return req_error
domain_controller.delete_datasource(req_session.get_auth_token(), req_session.get_req_param("datasourceId"), req_session.get_req_param("completeDelete"))
return req_session.generate_response(200)
def get_resource_tree_data(event, context):
req_session = RequestSession(event)
req_error = req_session.validate_authorized_request(
optional_params=["pageNumber", "pageSize", "datasourceId"])
if req_error:
return req_error
auth_token = req_session.get_auth_token()
payload = req_session.get_body()
accessible_by = payload.get("accessibleBy")
exposure_type = payload.get("exposureType")
resource_type = payload.get("resourceType")
page_number = payload.get("pageNumber")
page_size = payload.get("pageSize")
owner_email_id = payload.get("ownerEmailId")
parent_folder = payload.get("parentFolder")
selected_date = payload.get("selectedDate")
search_prefix = payload.get("prefix")
sort_column_name = payload.get("sortColumn")
sort_type = payload.get("sortType")
datasource_id = payload.get("datasourceId")
source_type = payload.get("sourceType")
resource_list = resource_controller.get_resources(
auth_token, page_number, page_size, accessible_by, exposure_type,
resource_type, search_prefix, owner_email_id, parent_folder,
selected_date, sort_column_name, sort_type, datasource_id, source_type)
return req_session.generate_sqlalchemy_response(200, resource_list)
def get_alert(event, context):
req_session = RequestSession(event)
req_error = req_session.validate_authorized_request()
if req_error:
return req_error
alerts = alert_controller.get_alerts(req_session.get_auth_token())
return req_session.generate_sqlalchemy_response(200, alerts)
def get_user_stats(event, context):
req_session = RequestSession(event)
req_error = req_session.validate_authorized_request(True)
if req_error:
return req_error
stats = directory_controller.get_user_stats(req_session.get_auth_token())
return req_session.generate_sqlalchemy_response(200, stats)
def execute_slack_actions(event, context):
req_session = RequestSession(event)
req_error = req_session.validate_authorized_request(True)
if req_error:
return req_error
body = req_session.get_body()
response = slack_action_facade.execute_slack_actions(req_session.get_auth_token(), body)
log_status = action_constants.ActionStatus.SUCCESS.value
status_code = 200
status_message = "Action completed successfully"
if response['action_status'] == constants.ResponseType.ERROR.value:
status_code = 404
log_status = action_constants.ActionStatus.FAILED.value
status_message = "Action failed"
log_id = body['log_id']
db_session = db_connection().get_session()
current_log = db_session.query(AuditLog).filter(
and_(AuditLog.log_id == log_id, AuditLog.status != action_constants.ActionStatus.FAILED.value)).first()
if current_log:
current_log.status = log_status
current_log.message = status_message
db_connection().commit()
return req_session.generate_response(status_code, response)
def get_trusted_entities(event, context):
req_session = RequestSession(event)
req_error = req_session.validate_authorized_request(True, ["domainId"])
if req_error:
return req_error
trusted_entities = domain_controller.get_all_trusted_entities(req_session.get_req_param("domainId"))
return req_session.generate_sqlalchemy_response(200, trusted_entities)
def post_trusted_entities(event, context):
req_session = RequestSession(event)
req_error = req_session.validate_authorized_request()
if req_error:
return req_error
trusted_entities = domain_controller.create_trusted_entities_for_a_domain(req_session.get_auth_token(), req_session.get_body())
return req_session.generate_sqlalchemy_response(200, trusted_entities)
def get_all_activities(event, context):
req_session = RequestSession(event)
req_error = req_session.validate_authorized_request()
if req_error:
return req_error
activities = get_activites_for_domain(req_session.get_body())
return req_session.generate_sqlalchemy_response(200, activities)
def get_alert_count(event, context):
req_session = RequestSession(event)
req_error = req_session.validate_authorized_request()
if req_error:
return req_error
alerts_count = alert_controller.fetch_alerts_count(
req_session.get_auth_token())
return req_session.generate_response(200, alerts_count)
def delete_policy(event, context):
req_session = RequestSession(event)
req_error = req_session.validate_authorized_request(True, ['policyId'])
if req_error:
return req_error
policy_controller.delete_policy(req_session.get_req_param('policyId'))
return req_session.generate_response(200)
def get_audit_log(event, context):
req_session = RequestSession(event)
req_error = req_session.validate_authorized_request(True)
if req_error:
return req_error
auth_token = req_session.get_auth_token()
audit_log_list = auditlog_controller.get_audit_log(auth_token)
return req_session.generate_sqlalchemy_response(200, audit_log_list)
def receive_github_notifications(event, context):
req_session = RequestSession(event)
req_error = req_session.validate_authorized_request(True)
if req_error:
return
response = notifications_receiver.receive_notification(
req_session.get_auth_token(), req_session.get_body())
return req_session.generate_response(response.get_response_code(),
response.get_response_body())
def get_accesslogs_handler(event, context):
req_session = RequestSession(event)
req_error = req_session.validate_authorized_request(
True, mandatory_params=['datasource_id'], optional_params=['page_num'])
if req_error:
return req_error
response = get_accesslogs(req_session.get_req_param('datasource_id'),
req_session.get_req_param('page_num'))
return req_session.generate_response(response)
def get_datasource(event, context):
req_session = RequestSession(event)
req_error = req_session.validate_authorized_request()
if req_error:
return req_error
datasources = domain_controller.get_datasource(
req_session.get_auth_token(), None)
return req_session.generate_sqlalchemy_response(200, datasources)
def execute_gsuite_actions(event, context):
req_session = RequestSession(event)
req_error = req_session.validate_authorized_request(True)
if req_error:
return req_error
response = gsuite_action_facade.execute_action(
req_session.get_auth_token(), req_session.get_body())
return req_session.generate_sqlalchemy_response(
response.get_response_code(), response.get_response_body())
def get_policies(event, context):
req_session = RequestSession(event)
req_error = req_session.validate_authorized_request()
if req_error:
return req_error
policies = policy_controller.get_policies(req_session.get_auth_token())
return req_session.generate_sqlalchemy_response(200, policies)
def slack_oauth_request(event, context):
req_session = RequestSession(event)
req_error = req_session.validate_authorized_request(
False, ['authtoken'], ['scope'])
if req_error:
return req_error
url = oauth.request_oauth(req_session.get_req_param('scope'),
req_session.get_req_param('authtoken'))
return req_session.generate_redirect_response(url)
def post_policy(event, context):
req_session = RequestSession(event)
req_error = req_session.validate_authorized_request()
if req_error:
return req_error
policy = policy_controller.create_policy(req_session.get_auth_token(),
req_session.get_body())
return req_session.generate_sqlalchemy_response(201, policy)
def update_scan(event, context):
req_session = RequestSession(event)
req_error = req_session.validate_authorized_request(True, ['dataSourceId'])
if req_error:
return req_error
scanner_facade.update_scan(req_session.get_auth_token(),
req_session.get_req_param('dataSourceId'))
return req_session.generate_response(202)
def gdrive_periodic_changes_poll(event, context):
req_session = RequestSession(event)
req_error = req_session.validate_authorized_request(
False, optional_params=['datasource_id'])
if req_error:
return req_error
incremental_scan.gdrive_periodic_changes_poll(
req_session.get_req_param('datasource_id'))
return req_session.generate_response(200)
def handle_channel_expiration(event, context):
req_session = RequestSession(event)
req_error = req_session.validate_authorized_request(
False, optional_params=['page_num'])
if req_error:
return req_error
response = incremental_scan.handle_channel_expiration(
req_session.get_req_param('page_num'))
return req_session.generate_response(202)
def get_all_actions(event, context):
req_session = RequestSession(event)
req_error = req_session.validate_authorized_request()
if req_error:
return req_error
auth_token = req_session.get_auth_token()
actions = actions_controller.get_actions()
return req_session.generate_sqlalchemy_response(200, actions)
def github_oauth_callback(event, context):
req_session = RequestSession(event)
req_error = req_session.validate_authorized_request(False, [], ['code', 'state'])
if req_error:
return req_error
url = oauth.oauth_callback(req_session.get_req_param('code'), req_session.get_req_param('state'))
if not url:
return req_session.generate_error_response(401, "Not Authenticated")
else:
return req_session.generate_redirect_response(url)
def receive_slack_notifications(event, context):
req_session = RequestSession(event)
req_error = req_session.validate_authorized_request(False,
mandatory_params=[],
optional_params=[])
if req_error:
return req_error
response = notifications_receiver.receive_notifications(
req_session.get_body())
return req_session.generate_sqlalchemy_response(202, response or {})
def get_widget_data(event, context):
req_session = RequestSession(event)
req_error = req_session.validate_authorized_request(True)
if req_error:
return req_error
body = req_session.get_body()
data = reports_controller.get_widget_data(req_session.get_auth_token(),
body.get('widget_id'), None,
None, body.get('event_filters'))
return req_session.generate_sqlalchemy_response(200, data)
def update_policy(event, context):
req_session = RequestSession(event)
req_error = req_session.validate_authorized_request(True, ['policyId'])
if req_error:
return req_error
policy = policy_controller.update_policy(
req_session.get_auth_token(), req_session.get_req_param('policyId'),
req_session.get_body())
return req_session.generate_sqlalchemy_response(201, policy)
def process_scanner_data(event, context):
req_session = RequestSession(event)
req_error = req_session.validate_authorized_request(
True, ['domainId', 'dataSourceId', 'scannerId'],
['userId', 'userEmail', 'nextPageNumber', 'change_type'])
if req_error:
return req_error
scanner_facade.process_scanner_data(req_session.get_auth_token(),
req_session.get_all_req_param(),
req_session.get_body())
return req_session.generate_response(200)
def request_scanner_data(event, context):
req_session = RequestSession(event)
req_error = req_session.validate_authorized_request(
True, ['dataSourceId', 'domainId', 'scannerId'],
['repo_name', 'org_name', 'repo_id'])
if req_error:
return req_error
scanner_facade.request_scanner_data(req_session.get_auth_token(),
req_session.get_all_req_param())
return req_session.generate_response(202)
