class Account(db.Model):
__tablename__ = "account"
id = db.Column(db.Integer, primary_key=True)
uuid = db.Column(db.String(500), nullable=False)
foreign = db.Column(db.Boolean(), nullable=False)
blacklisted = db.Column(db.Boolean())
job_uuid = db.Column(db.String(500), nullable=False)
name = db.Column(db.String(500))
created_at = db.Column(db.DateTime, default=datetime.now, nullable=False)
updated_at = db.Column(db.DateTime, default=datetime.now)
roles = db.relationship('Role', backref='account', lazy=True)
users = db.relationship('User', backref='account', lazy=True)
policies = db.relationship('Policy', backref='account', lazy=True)
def __repr__(self):
return self.uuid
def __eq__(self, other):
return isinstance(other, Account) and self.uuid == other.uuid
@staticmethod
def find_or_create(uuid, foreign=False):
blacklisted = uuid in BLACK_LIST
account = Account(uuid=uuid, foreign=foreign, blacklisted=blacklisted)
for o in db.session:
if account == o:
return o
account_in_db = db.session.query(Account).filter_by(uuid=uuid).first()
if account_in_db:
db.session.add(account_in_db)
return account_in_db
db.session.add(account)
return account
class Service(db.Model):
__tablename__ = "service"
id = db.Column(db.Integer, primary_key=True)
name = db.Column(db.String(500))
holds_data = db.Column(db.Boolean())
critical = db.Column(db.Boolean())
created_at = db.Column(db.DateTime, default=datetime.now, nullable=False)
updated_at = db.Column(db.DateTime, default=datetime.now)
# policy = db.relationship("Permission", back_populates="service")
def __repr__(self):
return self.name
@staticmethod
def find_or_create(name):
service = Service.query.filter_by(name=name).first()
if service:
return service
service = Service(name=name)
db.session.add(service)
return service
class Role(db.Model):
__tablename__ = "role"
id = db.Column(db.Integer, primary_key=True)
arn = db.Column(db.String(500))
name = db.Column(db.String(500))
ext_entity_compliance = db.Column(db.Boolean(), nullable=False)
last_used = db.Column(db.DateTime)
last_used_region = db.Column(db.String(500))
inline_count = db.Column(db.Integer)
account_id = db.Column(db.Integer,
db.ForeignKey('account.id'),
nullable=False)
policies = db.relationship("Policy",
secondary=role_policies,
lazy='subquery',
backref='roles')
trusted_users = db.relationship("User",
secondary=trusted_role_users,
lazy='subquery')
trusted_accounts = db.relationship("Account",
secondary=trusted_role_accounts,
lazy='subquery')
trusted_services = db.relationship("Service",
secondary=trusted_role_services,
lazy='subquery')
foreign = db.Column(db.Boolean(), nullable=False)
job_uuid = db.Column(db.String(500), nullable=False)
create_date = db.Column(db.DateTime, nullable=False)
created_at = db.Column(db.DateTime, default=datetime.now, nullable=False)
updated_at = db.Column(db.DateTime, default=datetime.now)
trusted_roles = db.relationship(
"Role",
secondary=trusted_role_roles,
primaryjoin=id == trusted_role_roles.c.role_id,
secondaryjoin=id == trusted_role_roles.c.assuming_role_id,
lazy='subquery')
def __repr__(self):
return self.arn
def __eq__(self, other):
return isinstance(other, Role) and self.arn == other.arn
@staticmethod
def find_or_create(arn, foreign=False):
role = Role(arn=arn, foreign=foreign)
for o in db.session:
if role == o:
return o
role_in_db = db.session.query(Role).filter_by(arn=arn).first()
if role_in_db:
db.session.add(role_in_db)
return role_in_db
db.session.add(role)
return role
from app.models.db.db import db
from datetime import datetime
from sqlalchemy.orm import validates
role_policies = db.Table(
'role_policy',
db.Column('role_id',
db.Integer,
db.ForeignKey('role.id'),
primary_key=True),
db.Column('policy_id',
db.Integer,
db.ForeignKey('policy.id'),
primary_key=True))
trusted_role_users = db.Table(
'trusted_role_user',
db.Column('role_id',
db.Integer,
db.ForeignKey('role.id'),
primary_key=True),
db.Column('user_id',
db.Integer,
db.ForeignKey('user.id'),
primary_key=True))
trusted_role_roles = db.Table(
'trusted_role_role',
db.Column('role_id',
db.Integer,
db.ForeignKey('role.id'),
class Policy(db.Model):
__tablename__ = "policy"
id = db.Column(db.Integer, primary_key=True)
arn = db.Column(db.String(500))
scope = db.Column(db.String(500))
name = db.Column(db.String(500))
attachment_count = db.Column(db.Integer)
description = db.Column(db.Text())
is_attachable = db.Column(db.Boolean)
account_id = db.Column(db.Integer,
db.ForeignKey('account.id'),
nullable=False)
job_uuid = db.Column(db.String(500), nullable=False)
create_date = db.Column(db.DateTime, nullable=False)
update_date = db.Column(db.DateTime, nullable=False)
created_at = db.Column(db.DateTime, default=datetime.now, nullable=False)
updated_at = db.Column(db.DateTime, default=datetime.now)
services = db.relationship("Policy", secondary="permission")
permissions = db.relationship("Permission", cascade="all,delete")
def __repr__(self):
return self.arn
@staticmethod
def find_or_create(arn, account_id):
policy = Policy.query.filter_by(arn=arn, account_id=account_id).first()
if policy:
return policy
policy = Policy(arn=arn)
db.session.add(policy)
return policy
class Permission(db.Model):
__tablename__ = "permission"
id = db.Column(db.Integer, primary_key=True)
service_id = db.Column(db.Integer, db.ForeignKey('service.id'), nullable=False)
policy_id = db.Column(db.Integer, db.ForeignKey('policy.id'), nullable=False)
last_used = db.Column(db.DateTime)
reading = db.Column(db.Boolean(), default=False, nullable=False)
writing = db.Column(db.Boolean(), default=False, nullable=False)
job_uuid = db.Column(db.String(500), nullable=False)
listing = db.Column(db.Boolean(), default=False, nullable=False)
managing = db.Column(db.Boolean(), default=False, nullable=False)
tagging = db.Column(db.Boolean(), default=False, nullable=False)
last_auth_entity = db.Column(db.String(500))
created_at = db.Column(db.DateTime, default=datetime.now, nullable=False)
updated_at = db.Column(db.DateTime, default=datetime.now)
# service = db.relationship('Service', lazy=True)
# policy = db.relationship("Policy", backref="permissions")
service = db.relationship("Service", backref="permissions")
def __eq__(self, other):
return isinstance(other, Permission) and self.policy_id == other.policy_id and self.service_id == other.service_id
class User(db.Model):
__tablename__ = "user"
id = db.Column(db.Integer, primary_key=True)
name = db.Column(db.String(500))
last_auth = db.Column(db.DateTime)
arn = db.Column(db.String(500))
account_id = db.Column(db.Integer,
db.ForeignKey('account.id'),
nullable=False)
foreign = db.Column(db.Boolean(), nullable=False)
inline_count = db.Column(db.Integer)
create_date = db.Column(db.DateTime)
created_at = db.Column(db.DateTime, default=datetime.now, nullable=False)
updated_at = db.Column(db.DateTime, default=datetime.now)
job_uuid = db.Column(db.String(500), nullable=False)
policies = db.relationship("Policy",
secondary=user_policies,
lazy='subquery',
backref='users')
def __repr__(self):
return self.arn
def __eq__(self, other):
return isinstance(other, User) and self.arn == other.arn
@staticmethod
def find_or_create(arn, foreign=False):
user = User(arn=arn, foreign=foreign)
for o in db.session:
if user == o:
return o
user_in_db = db.session.query(User).filter_by(arn=arn).first()
if user_in_db:
db.session.add(user_in_db)
return user_in_db
db.session.add(user)
return user
from app.models.db.db import db
from app.models.db.policy import Policy
from datetime import datetime
user_policies = db.Table(
'user_policy',
db.Column('user_id',
db.Integer,
db.ForeignKey('user.id'),
primary_key=True),
db.Column('policy_id',
db.Integer,
db.ForeignKey('policy.id'),
primary_key=True))
class User(db.Model):
__tablename__ = "user"
id = db.Column(db.Integer, primary_key=True)
name = db.Column(db.String(500))
last_auth = db.Column(db.DateTime)
arn = db.Column(db.String(500))
account_id = db.Column(db.Integer,
db.ForeignKey('account.id'),
nullable=False)
foreign = db.Column(db.Boolean(), nullable=False)
inline_count = db.Column(db.Integer)
create_date = db.Column(db.DateTime)
created_at = db.Column(db.DateTime, default=datetime.now, nullable=False)
updated_at = db.Column(db.DateTime, default=datetime.now)
job_uuid = db.Column(db.String(500), nullable=False)