def doStart(reqbody, context, env, version): try: verstr = "chaim-cli-{}".format(env) + " " + version log.debug("{} doStart entered: {}".format(verstr, reqbody)) ep = EnvParam() secretpath = ep.getParam("SECRETPATH") pms = Permissions(secretpath, stagepath=env + "/") cp = CommandParse(reqbody, roledict=pms.roleAliasDict()) emsg = "" if cp.dolist: log.debug("cli account list request") kdict = {"accountlist": pms.accountList()} else: rdict = cp.requestDict() msg = "incoming CLI request: user agent" msg += " unknown!" if rdict["useragent"] is None else " {}".format( rdict["useragent"]) log.info(msg) if "role" in rdict: if rdict["role"] is None: raise DataNotFound("Role not recognised: {}".format( rdict["rolealias"])) log.debug("incoming cli request: {}".format(rdict)) kdict, rdict = chaim.buildCredentials(pms, rdict, noUrl=True) if kdict is None: emsg = "Failed to build credentials" else: chaim.incMetric("key.cli") return [emsg, kdict] except Exception as e: emsg = "doStart: Error {}: {}".format(type(e).__name__, e) log.error(emsg) chaim.incMetric("key.cli.error") return [emsg, None]
def doSnsReq(rbody, context, verstr, ep, env): """The chaim sns handler hands off to this after obtaining the wavefront key :param rbody: the request body :param context: the AWS lambda context :param verstr: the full version string :param ep: an EnvParam object :param evn: the enviroment this is operating in """ secretpath = ep.getParam("SECRETPATH", True) pms = Permissions(secretpath=secretpath, stagepath=env) cp = CommandParse(rbody, roledict=pms.roleAliasDict()) if cp.docommand: log.debug("incoming command request") chaim.doCommand(cp, pms, verstr) else: rdict = cp.requestDict() rdict["username"] = pms.userNameFromSlackIds(rdict["teamid"], rdict["slackid"]) try: log.debug("incoming sns request") kdict, rdict = chaim.buildCredentials(pms, rdict) if kdict is None: raise (Exception("Failed to build credentials.")) cmsg = "\nCredentials OK. " cmsg += "The ChatBot will send a url for account " cmsg += "{} ".format(rdict["accountname"]) cmsg += "- {} ".format(kdict["accountid"]) cmsg += "with a role of {}\n".format(rdict["role"]) chaim.sendToSlack(rdict["responseurl"], cmsg) umsg = "Account ID: {}".format(kdict["accountid"]) if rdict["stage"] == "dev": umsg += "\nAccessKeyID: {}\n".format(kdict["accesskeyid"]) umsg += "SecretKeyID: {}\n".format(kdict["secretkey"]) umsg += "Session Token: {}\n".format(kdict["sessiontoken"]) umsg += "\nLink {}\n".format(rdict["expiresstr"].lower()) chaim.incMetric("key.sns") res = chaim.sendSlackBot( pms.slackapitoken, rdict["slackusername"], umsg, kdict["url"], "{} {}".format(rdict["accountname"].upper(), rdict["role"])) if res['ok'] is False: emsg = "Sending login url to users private Slack Channel failed" emsg += ": {}".format(res) log.error(emsg) chaim.sendToSlack(rdict["responseurl"], emsg) raise (chaim.SlackSendFail(emsg)) except Exception as e: emsg = "doSnsReq error: {}: {}".format(type(e).__name__, e) log.error(emsg) chaim.sendToSlack(rdict["responseurl"], emsg)
def doStartGui(rbody, context, env, version): try: log.debug("dostartgui entry") verstr = "chaim-cligui-{}".format(env) + " " + version log.debug("{} doStartGui entered: {}".format(verstr, rbody)) parsed = parse_qs(rbody) creds = { "Credentials": { "AccessKeyId": parsed.get("accesskey")[0], "SecretAccessKey": parsed.get("secret")[0], "SessionToken": parsed.get("session")[0] } } log.debug("creds {}".format(creds)) ar = AssumedRole(creds) duration = parsed.get("duration")[0] useragent = None tmp = parsed.get("useragent") if tmp is not None: useragent = tmp[0] msg = "incoming url request: user agent: " msg += "unknown!" if useragent is None else "{}".format(useragent) log.info(msg) loginurl = ar.getLoginUrl(duration) emsg = None if loginurl is not None else "Failed to obtain a url" msg = "GUI url issued to " msg += parsed.get("username")[0] msg += " for account " msg += parsed.get("account")[0] if emsg is None: log.info(msg) chaim.incMetric("gui") else: log.error(emsg) return [emsg, {"url": loginurl}] except Exception as e: emsg = "start cli gui: {}: {}".format(type(e).__name__, e) log.error(emsg) return [emsg, None]