def _get_type(self, policy):
"""
Returns the type of the given policy
:param string or dict policy: Policy data
:return PolicyTypes: Type of the given policy. None, if type could not be inferred
"""
# Must handle intrinsic functions. Policy could be a primitive type or an intrinsic function
# Managed policies are of type string
if isinstance(policy, string_types):
return PolicyTypes.MANAGED_POLICY
# Handle the special case for 'if' intrinsic function
if is_intrinsic_if(policy):
return self._get_type_from_intrinsic_if(policy)
# Intrinsic functions are treated as managed policies by default
if is_instrinsic(policy):
return PolicyTypes.MANAGED_POLICY
# Policy statement is a dictionary with the key "Statement" in it
if isinstance(policy, dict) and "Statement" in policy:
return PolicyTypes.POLICY_STATEMENT
# This could be a policy template then.
if self._is_policy_template(policy):
return PolicyTypes.POLICY_TEMPLATE
# Nothing matches. Don't take opinions on how to handle it. Instead just set the appropriate type.
return PolicyTypes.UNKNOWN
def test_is_intrinsic_must_detect_intrinsics(self, intrinsic_name):
input = {
intrinsic_name: ["some value"]
}
self.assertTrue(is_instrinsic(input))
def _add_cors(self):
"""
Add CORS configuration to the Swagger file, if necessary
"""
INVALID_ERROR = "Invalid value for 'Cors' property"
if not self.cors:
return
if self.cors and not self.definition_body:
raise InvalidResourceException(
self.logical_id,
"Cors works only with inline Swagger specified in "
"'DefinitionBody' property")
if isinstance(self.cors, string_types) or is_instrinsic(self.cors):
# Just set Origin property. Others will be defaults
properties = CorsProperties(AllowOrigin=self.cors)
elif isinstance(self.cors, dict):
# Make sure keys in the dict are recognized
if not all(key in CorsProperties._fields
for key in self.cors.keys()):
raise InvalidResourceException(self.logical_id, INVALID_ERROR)
properties = CorsProperties(**self.cors)
else:
raise InvalidResourceException(self.logical_id, INVALID_ERROR)
if not SwaggerEditor.is_valid(self.definition_body):
raise InvalidResourceException(
self.logical_id,
"Unable to add Cors configuration because "
"'DefinitionBody' does not contain a valid Swagger",
)
if properties.AllowCredentials is True and properties.AllowOrigin == _CORS_WILDCARD:
raise InvalidResourceException(
self.logical_id,
"Unable to add Cors configuration because "
"'AllowCredentials' can not be true when "
"'AllowOrigin' is \"'*'\" or not set",
)
editor = SwaggerEditor(self.definition_body)
for path in editor.iter_on_path():
editor.add_cors(
path,
properties.AllowOrigin,
properties.AllowHeaders,
properties.AllowMethods,
max_age=properties.MaxAge,
allow_credentials=properties.AllowCredentials,
)
# Assign the Swagger back to template
self.definition_body = editor.swagger
def _replace_deployment_types(self, value):
if isinstance(value, list):
for i in range(len(value)):
value[i] = self._replace_deployment_types(value[i])
return value
elif is_instrinsic(value):
for (k, v) in value.items():
value[k] = self._replace_deployment_types(v)
return value
else:
if value in CODEDEPLOY_PREDEFINED_CONFIGURATIONS_LIST:
return fnSub("CodeDeployDefault.Lambda${ConfigName}",
{"ConfigName": value})
return value
def _add_cors(self):
"""
Add CORS configuration to the Swagger file, if necessary
"""
INVALID_ERROR = "Invalid value for 'Cors' property"
if not self.cors:
return
if self.cors and not self.definition_body:
raise InvalidResourceException(self.logical_id,
"Cors works only with inline Swagger specified in "
"'DefinitionBody' property")
if isinstance(self.cors, string_types) or is_instrinsic(self.cors):
# Just set Origin property. Others will be defaults
properties = CorsProperties(AllowOrigin=self.cors)
elif isinstance(self.cors, dict):
# Make sure keys in the dict are recognized
if not all(key in CorsProperties._fields for key in self.cors.keys()):
raise InvalidResourceException(self.logical_id, INVALID_ERROR)
properties = CorsProperties(**self.cors)
else:
raise InvalidResourceException(self.logical_id, INVALID_ERROR)
if not SwaggerEditor.is_valid(self.definition_body):
raise InvalidResourceException(self.logical_id, "Unable to add Cors configuration because "
"'DefinitionBody' does not contain a valid Swagger")
editor = SwaggerEditor(self.definition_body)
for path in editor.iter_on_path():
editor.add_cors(path, properties.AllowOrigin, properties.AllowHeaders, properties.AllowMethods,
max_age=properties.MaxAge)
# Assign the Swagger back to template
self.definition_body = editor.swagger
def _get_type(self, policy):
"""
Returns the type of the given policy
:param string or dict policy: Policy data
:return PolicyTypes: Type of the given policy. None, if type could not be inferred
"""
# Must handle intrinsic functions. Policy could be a primitive type or an intrinsic function
# Managed policies are either string or an intrinsic function that resolves to a string
if isinstance(policy, string_types) or is_instrinsic(policy):
return PolicyTypes.MANAGED_POLICY
# Policy statement is a dictionary with the key "Statement" in it
if isinstance(policy, dict) and "Statement" in policy:
return PolicyTypes.POLICY_STATEMENT
# This could be a policy template then.
if self._is_policy_template(policy):
return PolicyTypes.POLICY_TEMPLATE
# Nothing matches. Don't take opinions on how to handle it. Instead just set the appropriate type.
return PolicyTypes.UNKNOWN
def test_is_intrinsic_on_intrinsic_like_dict_input(self):
self.assertFalse(is_instrinsic({
"Ref": "foo",
"key": "bar"
}))
def test_is_intrinsic_on_non_dict_input(self):
self.assertFalse(is_instrinsic([1,2,3]))
def test_is_intrinsic_on_empty_input(self):
self.assertFalse(is_instrinsic(None))
def test_is_intrinsic_must_detect_intrinsics(self, intrinsic_name):
input = {intrinsic_name: ["some value"]}
self.assertTrue(is_instrinsic(input))
def test_is_intrinsic_on_intrinsic_like_dict_input(self):
self.assertFalse(is_instrinsic({"Ref": "foo", "key": "bar"}))
def test_is_intrinsic_on_non_dict_input(self):
self.assertFalse(is_instrinsic([1, 2, 3]))
def test_is_intrinsic_on_empty_input(self):
self.assertFalse(is_instrinsic(None))
