def doStart(reqbody, context, env, version):
try:
verstr = "chaim-cli-{}".format(env) + " " + version
log.debug("{} doStart entered: {}".format(verstr, reqbody))
ep = EnvParam()
secretpath = ep.getParam("SECRETPATH")
pms = Permissions(secretpath, stagepath=env + "/")
cp = CommandParse(reqbody, roledict=pms.roleAliasDict())
emsg = ""
if cp.dolist:
log.debug("cli account list request")
kdict = {"accountlist": pms.accountList()}
else:
rdict = cp.requestDict()
msg = "incoming CLI request: user agent"
msg += " unknown!" if rdict["useragent"] is None else " {}".format(
rdict["useragent"])
log.info(msg)
if "role" in rdict:
if rdict["role"] is None:
raise DataNotFound("Role not recognised: {}".format(
rdict["rolealias"]))
log.debug("incoming cli request: {}".format(rdict))
kdict, rdict = chaim.buildCredentials(pms, rdict, noUrl=True)
if kdict is None:
emsg = "Failed to build credentials"
else:
chaim.incMetric("key.cli")
return [emsg, kdict]
except Exception as e:
emsg = "doStart: Error {}: {}".format(type(e).__name__, e)
log.error(emsg)
chaim.incMetric("key.cli.error")
return [emsg, None]
def doSnsReq(rbody, context, verstr, ep, env):
"""The chaim sns handler hands off to this after obtaining the wavefront key
:param rbody: the request body
:param context: the AWS lambda context
:param verstr: the full version string
:param ep: an EnvParam object
:param evn: the enviroment this is operating in
"""
secretpath = ep.getParam("SECRETPATH", True)
pms = Permissions(secretpath=secretpath, stagepath=env)
cp = CommandParse(rbody, roledict=pms.roleAliasDict())
if cp.docommand:
log.debug("incoming command request")
chaim.doCommand(cp, pms, verstr)
else:
rdict = cp.requestDict()
rdict["username"] = pms.userNameFromSlackIds(rdict["teamid"],
rdict["slackid"])
try:
log.debug("incoming sns request")
kdict, rdict = chaim.buildCredentials(pms, rdict)
if kdict is None:
raise (Exception("Failed to build credentials."))
cmsg = "\nCredentials OK. "
cmsg += "The ChatBot will send a url for account "
cmsg += "{} ".format(rdict["accountname"])
cmsg += "- {} ".format(kdict["accountid"])
cmsg += "with a role of {}\n".format(rdict["role"])
chaim.sendToSlack(rdict["responseurl"], cmsg)
umsg = "Account ID: {}".format(kdict["accountid"])
if rdict["stage"] == "dev":
umsg += "\nAccessKeyID: {}\n".format(kdict["accesskeyid"])
umsg += "SecretKeyID: {}\n".format(kdict["secretkey"])
umsg += "Session Token: {}\n".format(kdict["sessiontoken"])
umsg += "\nLink {}\n".format(rdict["expiresstr"].lower())
chaim.incMetric("key.sns")
res = chaim.sendSlackBot(
pms.slackapitoken, rdict["slackusername"], umsg, kdict["url"],
"{} {}".format(rdict["accountname"].upper(), rdict["role"]))
if res['ok'] is False:
emsg = "Sending login url to users private Slack Channel failed"
emsg += ": {}".format(res)
log.error(emsg)
chaim.sendToSlack(rdict["responseurl"], emsg)
raise (chaim.SlackSendFail(emsg))
except Exception as e:
emsg = "doSnsReq error: {}: {}".format(type(e).__name__, e)
log.error(emsg)
chaim.sendToSlack(rdict["responseurl"], emsg)
def doStartGui(rbody, context, env, version):
try:
log.debug("dostartgui entry")
verstr = "chaim-cligui-{}".format(env) + " " + version
log.debug("{} doStartGui entered: {}".format(verstr, rbody))
parsed = parse_qs(rbody)
creds = {
"Credentials": {
"AccessKeyId": parsed.get("accesskey")[0],
"SecretAccessKey": parsed.get("secret")[0],
"SessionToken": parsed.get("session")[0]
}
}
log.debug("creds {}".format(creds))
ar = AssumedRole(creds)
duration = parsed.get("duration")[0]
useragent = None
tmp = parsed.get("useragent")
if tmp is not None:
useragent = tmp[0]
msg = "incoming url request: user agent: "
msg += "unknown!" if useragent is None else "{}".format(useragent)
log.info(msg)
loginurl = ar.getLoginUrl(duration)
emsg = None if loginurl is not None else "Failed to obtain a url"
msg = "GUI url issued to "
msg += parsed.get("username")[0]
msg += " for account "
msg += parsed.get("account")[0]
if emsg is None:
log.info(msg)
chaim.incMetric("gui")
else:
log.error(emsg)
return [emsg, {"url": loginurl}]
except Exception as e:
emsg = "start cli gui: {}: {}".format(type(e).__name__, e)
log.error(emsg)
return [emsg, None]