def delete_notifymail(trace_id, organization_id, notify_code):
    """Delete an organization's mail-notification destination record.

    Responds 422 when ``notify_code`` fails validation, 404 when no record
    exists for ``(organization_id, notify_code)``, 500 when the repository
    raises ``PmError``, and 204 with an empty body once the record is deleted.
    """
    logger = common_utils.begin_logger(trace_id, __name__,
                                       inspect.currentframe())

    # Run every check first; on failure log it and return the error response.
    validation_errors = validate_notifymail(notify_code)
    if validation_errors:
        return common_utils.error_validate(
            MsgConst.ERR_REQUEST_201, HTTPStatus.UNPROCESSABLE_ENTITY,
            validation_errors, logger)

    # Look the record up before deleting so a missing one is reported as 404.
    try:
        existing = pm_orgNotifyMailDestinations.query_key(
            trace_id, organization_id, notify_code)
    except PmError as err:
        return common_utils.error_exception(
            MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, err, logger,
            True)
    if not existing:
        return common_utils.error_common(MsgConst.ERR_301,
                                         HTTPStatus.NOT_FOUND, logger)

    try:
        pm_orgNotifyMailDestinations.delete(trace_id, organization_id,
                                            notify_code)
    except PmError as err:
        return common_utils.error_exception(
            MsgConst.ERR_DB_404, HTTPStatus.INTERNAL_SERVER_ERROR, err,
            logger, True)

    no_content = common_utils.get_response_by_response_body(
        HTTPStatus.NO_CONTENT, None)
    return common_utils.response(no_content, logger)
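def get_notifyslack(trace_id, organization_id, notify_code):
    """Return the Slack notification setting of an organization.

    Responds 422 when ``notify_code`` fails validation, 500 when the
    repository raises ``PmError``, and 200 otherwise. The 200 body is the
    stored setting, or an empty list when no setting exists.
    """
    pm_logger = common_utils.begin_logger(trace_id, __name__,
                                          inspect.currentframe())

    # Run every check first; on failure log it and return the error response.
    list_error = validate_notifyslack(notify_code)
    if list_error:
        return common_utils.error_validate(MsgConst.ERR_REQUEST_201,
                                           HTTPStatus.UNPROCESSABLE_ENTITY,
                                           list_error, pm_logger)

    # Fetch the Slack notification setting.
    try:
        result = pm_orgNotifySlack.query_key(trace_id, organization_id,
                                             notify_code, True)
    except PmError as e:
        return common_utils.error_exception(MsgConst.ERR_402,
                                            HTTPStatus.INTERNAL_SERVER_ERROR,
                                            e, pm_logger, True)

    # A missing setting is still a 200, with an empty list as the body. That
    # exit used to return the raw response without common_utils.response(),
    # unlike every other exit of this handler; both cases now share one path.
    response_body = result if result else []
    response = common_utils.get_response_by_response_body(
        HTTPStatus.OK, response_body)
    return common_utils.response(response, pm_logger)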
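def get_myorganizations(trace_id, user_id, invite_status):
    """List the organizations a user is affiliated with.

    Affiliations are selected by ``user_id`` and ``invite_status``. Each
    one has its ``organizationId`` replaced by the organization record under
    the ``organization`` key. Responds 422 when ``invite_status`` fails
    validation, 500 on ``PmError``, and 200 with the enriched list otherwise.
    """
    pm_logger = common_utils.begin_logger(trace_id, __name__,
                                          inspect.currentframe())

    # Validate
    list_error = common_utils.validate_invite_status(trace_id, invite_status)
    if list_error:
        return common_utils.error_validate(MsgConst.ERR_REQUEST_201,
                                           HTTPStatus.UNPROCESSABLE_ENTITY,
                                           list_error, pm_logger)

    try:
        # Affiliations are looked up by user id and invitation status.
        affiliations = pm_affiliation.query_userid_key_invite(
            trace_id, user_id, int(invite_status), True)
    except PmError as e:
        return common_utils.error_exception(MsgConst.ERR_402,
                                            HTTPStatus.INTERNAL_SERVER_ERROR,
                                            e, pm_logger, True)

    # The dicts are enriched in place, so `affiliations` itself is the
    # response body; the separate list the original filled was never read.
    for affiliation in affiliations:
        try:
            organization = pm_organizations.get_organization(
                trace_id, affiliation["organizationId"], True)
        except PmError as e:
            return common_utils.error_exception(
                MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, e,
                pm_logger, True)
        affiliation.pop('organizationId', None)
        affiliation['organization'] = organization

    # return data
    response = common_utils.get_response_by_response_body(
        HTTPStatus.OK, affiliations)
    return common_utils.response(response, pm_logger)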
def update_organization(trace_id, organization_id, data_body):
    """Rename an organization and return the updated record.

    ``data_body`` is a JSON document that must contain ``name``. Responds
    400 when the body cannot be parsed or lacks ``name``, 422 when the name
    fails validation, 404 when the organization does not exist, 500 on
    ``PmError``, and 200 with the re-read organization on success.
    """
    logger = common_utils.begin_logger(trace_id, __name__,
                                       inspect.currentframe())

    # Parse the request body; any failure here is a 400.
    try:
        payload = json.loads(data_body)
        new_name = payload["name"]
    except Exception as err:
        return common_utils.error_exception(
            MsgConst.ERR_REQUEST_202, HTTPStatus.BAD_REQUEST, err, logger,
            True)

    validation_errors = validate_update(new_name)
    if validation_errors:
        return common_utils.error_validate(
            MsgConst.ERR_REQUEST_201, HTTPStatus.UNPROCESSABLE_ENTITY,
            validation_errors, logger)

    # Fetch the current organization record from the database.
    try:
        current = pm_organizations.get_organization(trace_id,
                                                    organization_id)
    except PmError as err:
        return common_utils.error_exception(
            MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, err, logger,
            True)
    if not current:
        return common_utils.error_common(MsgConst.ERR_301,
                                         HTTPStatus.NOT_FOUND, logger)

    # The UpdatedAt value just read is passed along with the update.
    # NOTE(review): presumably an optimistic-lock condition; confirm in
    # pm_organizations.update_organization.
    changes = {'OrganizationName': {"Value": new_name}}
    try:
        pm_organizations.update_organization(trace_id, organization_id,
                                             changes, current['UpdatedAt'])
    except PmError as err:
        return common_utils.error_exception(
            MsgConst.ERR_DB_404, HTTPStatus.INTERNAL_SERVER_ERROR, err,
            logger, True)

    # Re-read the record so the response reflects what was stored.
    try:
        refreshed = pm_organizations.get_organization(
            trace_id, organization_id, True)
    except PmError as err:
        return common_utils.error_exception(
            MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, err, logger,
            True)

    ok_response = common_utils.get_response_by_response_body(
        HTTPStatus.OK, refreshed)
    return common_utils.response(ok_response, logger)
def create_notifyslack(trace_id, organization_id, data_body):
    """Create a Slack notification setting for an organization.

    ``data_body`` is a JSON document with ``notifyCode`` and ``webhookUrl``
    (required) and ``mentions`` (optional). Responds 400 when the body cannot
    be parsed or a required key is missing, 422 on validation errors, 500 on
    ``PmError``, and 201 with the stored setting on success.

    NOTE(review): ``mentions`` is stored without going through
    ``validate_notifyslack``, which here receives only ``notify_code`` and
    ``webhook_url``. Confirm it is constrained wherever it is used later.
    NOTE(review): ``webhook_url`` is caller-supplied and presumably becomes
    an outbound request target. Whether ``validate_notifyslack`` restricts
    its scheme and host is not visible from this function.
    """
    logger = common_utils.begin_logger(trace_id, __name__,
                                       inspect.currentframe())

    # A request body that fails to parse is logged and answered with 400.
    try:
        payload = json.loads(data_body)
        notify_code = payload['notifyCode']
        webhook_url = payload['webhookUrl']
    except Exception as err:
        return common_utils.error_exception(
            MsgConst.ERR_REQUEST_202, HTTPStatus.BAD_REQUEST, err, logger,
            True)

    mentions = (payload['mentions']
                if common_utils.check_key('mentions', payload) else None)

    # Validation check.
    validation_errors = validate_notifyslack(notify_code, webhook_url)
    if validation_errors:
        return common_utils.error_validate(
            MsgConst.ERR_REQUEST_201, HTTPStatus.UNPROCESSABLE_ENTITY,
            validation_errors, logger)

    # Create the Slack notification setting.
    try:
        pm_orgNotifySlack.create(trace_id, organization_id, notify_code,
                                 webhook_url, mentions)
    except PmError as err:
        return common_utils.error_exception(
            MsgConst.ERR_DB_403, HTTPStatus.INTERNAL_SERVER_ERROR, err,
            logger, True)

    # Read the new record back for the response body.
    try:
        created = pm_orgNotifySlack.query_key(trace_id, organization_id,
                                              notify_code, True)
    except PmError as err:
        return common_utils.error_exception(
            MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, err, logger,
            True)

    created_response = common_utils.get_response_by_response_body(
        HTTPStatus.CREATED, created)
    return common_utils.response(created_response, logger)
def create_project(trace_id, organization_id, data_body):
    """Create a project under an organization and return it.

    ``data_body`` is a JSON document with ``name`` and ``description``.
    Responds 400 when the body cannot be parsed or a key is missing, 422
    when the name fails validation, 500 on ``PmError``, and 201 with the
    stored project on success.
    """
    logger = common_utils.begin_logger(trace_id, __name__,
                                       inspect.currentframe())

    # Parse the request body; any failure here is a 400.
    try:
        payload = json.loads(data_body)
        project_name = payload["name"]
        description = payload["description"]
    except Exception as err:
        return common_utils.error_exception(
            MsgConst.ERR_REQUEST_202, HTTPStatus.BAD_REQUEST, err, logger,
            True)

    validation_errors = validate_project(trace_id, project_name)
    if validation_errors:
        return common_utils.error_validate(
            MsgConst.ERR_REQUEST_201, HTTPStatus.UNPROCESSABLE_ENTITY,
            validation_errors, logger)

    # The project id is generated server-side, never taken from the request.
    project_id = str(uuid.uuid4())
    # A description that common_utils.is_null() treats as null becomes None.
    description = None if common_utils.is_null(description) else description

    try:
        pm_projects.create_projects(trace_id, project_id, project_name,
                                    description, organization_id)
    except PmError as err:
        return common_utils.error_exception(
            MsgConst.ERR_DB_403, HTTPStatus.INTERNAL_SERVER_ERROR, err,
            logger, True)

    try:
        stored = pm_projects.get_projects(trace_id, project_id,
                                          convert_response=True)
    except PmError as err:
        return common_utils.error_exception(
            MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, err, logger,
            True)

    # NOTE(review): indexing assumes the read-back returns at least one row.
    created_response = common_utils.get_response_by_response_body(
        HTTPStatus.CREATED, stored[0])
    return common_utils.response(created_response, logger)
def request_output_report(trace_id, email, organization_id, project_id,
                          report_id, file_type):
    """Queue a report-output job and return its job id.

    The report is looked up by ``report_id``, ``project_id`` and
    ``organization_id`` and must be in the ``ConvertFinish`` status.
    Responds 422 when ``file_type`` fails validation, 404 when no such
    report exists, 409 when its ``ExcelOutputStatus`` is not ``Waiting``,
    500 on ``PmError``, and 201 with the job id once the job is registered.
    """
    logger = common_utils.begin_logger(trace_id, __name__,
                                       inspect.currentframe())

    validation_errors = validate_output_report(trace_id, file_type)
    if validation_errors:
        return common_utils.error_validate(
            MsgConst.ERR_REQUEST_201, HTTPStatus.UNPROCESSABLE_ENTITY,
            validation_errors, logger)

    # Fetch the report from the report table. The query is filtered by
    # organization and project as well as by report id.
    try:
        reports = pm_reports.query_report_filter_organization_project(
            trace_id, report_id, project_id, organization_id,
            ReportStatus.ConvertFinish.value)
    except PmError as err:
        return common_utils.error_exception(
            MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, err, logger,
            True)
    if not reports:
        return common_utils.error_common(MsgConst.ERR_301,
                                         HTTPStatus.NOT_FOUND, logger)

    # Refuse when output in the requested format has already been started.
    if reports[0]['ExcelOutputStatus'] != ExcelStatus.Waiting.value:
        return common_utils.error_common(MsgConst.ERR_302,
                                         HTTPStatus.CONFLICT, logger)

    # Set up the report-output job. job_report returns an error response
    # (truthy) on failure, together with the job id list.
    job_response, job_ids = job_report(trace_id, email, report_id,
                                       'OUTPUT_REPORT_EXCEL', [])
    if job_response:
        return common_utils.response(job_response, logger)

    # Return the obtained job id with status code 201.
    created_response = common_utils.get_response_by_response_body(
        HTTPStatus.CREATED, job_ids[0])
    return common_utils.response(created_response, logger)
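def get_report_url(trace_id, report_id, organization_id, project_id,
                   file_type):
    """Return a pre-signed download URL for a finished report file.

    The report is looked up by ``report_id``, ``project_id`` and
    ``organization_id`` and must be in the ``ConvertFinish`` status.
    Responds 422 when ``file_type`` fails validation, 404 when no such
    report exists or its ``ExcelOutputStatus`` is not ``Finish``, 500 on
    ``PmError``, and 200 with ``{"URL": ...}`` on success.

    NOTE(review): a pre-signed URL works for whoever holds it until it
    expires. The expiry is set inside ``aws_common.generate_presigned_url``
    and is not visible here; confirm it is short.
    """
    pm_logger = common_utils.begin_logger(trace_id, __name__,
                                          inspect.currentframe())

    # Validate
    list_error = validate_output_report(trace_id, file_type)
    if list_error:
        return common_utils.error_validate(MsgConst.ERR_REQUEST_201,
                                           HTTPStatus.UNPROCESSABLE_ENTITY,
                                           list_error, pm_logger)

    # The status is passed as its raw value, matching the other caller of
    # this query in this module (request_output_report). The enum member
    # itself only matches stored values if the enum is an IntEnum.
    try:
        report = pm_reports.query_report_filter_organization_project(
            trace_id, report_id, project_id, organization_id,
            ReportStatus.ConvertFinish.value)
    except PmError as e:
        return common_utils.error_exception(MsgConst.ERR_402,
                                            HTTPStatus.INTERNAL_SERVER_ERROR,
                                            e, pm_logger, True)
    if not report:
        return common_utils.error_common(MsgConst.ERR_301,
                                         HTTPStatus.NOT_FOUND, pm_logger)

    # Compare against the raw value too; otherwise a plain Enum member never
    # equals the stored status and every request would end in 404.
    if report[0]["ExcelOutputStatus"] != ExcelStatus.Finish.value:
        return common_utils.error_common(MsgConst.ERR_301,
                                         HTTPStatus.NOT_FOUND, pm_logger)

    try:
        # The object key comes from the stored report record, not from the
        # request.
        excel_path = report[0]["ExcelPath"]
        bucket = os.environ.get("S3_REPORT_BUCKET")
        url = aws_common.generate_presigned_url(trace_id, bucket, excel_path)
    except PmError as e:
        return common_utils.error_exception(MsgConst.ERR_999,
                                            HTTPStatus.INTERNAL_SERVER_ERROR,
                                            e, pm_logger, True)

    response_body = {"URL": url}
    response = common_utils.get_response_by_response_body(
        HTTPStatus.OK, response_body)
    return common_utils.response(response, pm_logger)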
def count_myorganizations(trace_id, user_id, invite_status):
    """Count a user's affiliations that have the given invitation status.

    Responds 422 when ``invite_status`` fails validation, 500 on
    ``PmError``, and 200 with ``{"count": n}`` otherwise.
    """
    logger = common_utils.begin_logger(trace_id, __name__,
                                       inspect.currentframe())

    validation_errors = common_utils.validate_invite_status(
        trace_id, invite_status)
    if validation_errors:
        return common_utils.error_validate(
            MsgConst.ERR_REQUEST_201, HTTPStatus.UNPROCESSABLE_ENTITY,
            validation_errors, logger)

    # invite_status is converted to int only after it has passed validation.
    try:
        total = pm_affiliation.query_userid_key_invite_count(
            trace_id, user_id, int(invite_status))
    except PmError as err:
        return common_utils.error_exception(
            MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, err, logger,
            True)

    ok_response = common_utils.get_response_by_response_body(
        HTTPStatus.OK, {"count": total})
    return common_utils.response(ok_response, logger)
def get_list_users(trace_id, organization_id, invite_status):
    """List the users affiliated with an organization.

    ``invite_status`` is an optional filter: it is validated only when
    ``common_utils.is_null`` does not treat it as null, and is passed to the
    query unchanged. Responds 422 when a supplied ``invite_status`` fails
    validation, 500 on ``PmError``, and 200 with the user list otherwise.
    """
    logger = common_utils.begin_logger(trace_id, __name__,
                                       inspect.currentframe())

    if not common_utils.is_null(invite_status):
        validation_errors = common_utils.validate_invite_status(
            trace_id, invite_status)
        if validation_errors:
            return common_utils.error_validate(
                MsgConst.ERR_REQUEST_201, HTTPStatus.UNPROCESSABLE_ENTITY,
                validation_errors, logger)

    try:
        members = pm_affiliation.query_users_organization_index(
            trace_id, organization_id, invite_status, convert_response=True)
    except PmError as error:
        return common_utils.error_exception(
            MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, error,
            logger, True)

    ok_response = common_utils.get_response_by_response_body(
        HTTPStatus.OK, members)
    return common_utils.response(ok_response, logger)
def update_project(trace_id, project_id, organization_id, data_body):
    """Update a project's name and description and return the new record.

    ``data_body`` is a JSON document with ``name`` and ``description``.
    The project is looked up by ``project_id`` together with
    ``organization_id``. Responds 400 when the body cannot be parsed or a
    key is missing, 422 when the name fails validation, 404 when that lookup
    finds nothing, 500 on ``PmError``, and 200 with the re-read project on
    success.
    """
    logger = common_utils.begin_logger(trace_id, __name__,
                                       inspect.currentframe())

    # Parse the request body; any failure here is a 400.
    try:
        payload = json.loads(data_body)
        project_name = payload["name"]
        description = payload["description"]
    except Exception as error:
        return common_utils.error_exception(
            MsgConst.ERR_REQUEST_202, HTTPStatus.BAD_REQUEST, error, logger,
            True)

    validation_errors = validate_project(trace_id, project_name)
    if validation_errors:
        return common_utils.error_validate(
            MsgConst.ERR_REQUEST_201, HTTPStatus.UNPROCESSABLE_ENTITY,
            validation_errors, logger)

    # The lookup is scoped to the organization, so a project id belonging
    # to another organization is reported as 404.
    try:
        current = pm_projects.get_projects_by_organization_id(
            trace_id, project_id, organization_id)
    except PmError as error:
        return common_utils.error_exception(
            MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, error,
            logger, True)
    if not current:
        return common_utils.error_common(MsgConst.ERR_301,
                                         HTTPStatus.NOT_FOUND, logger)

    # A description that common_utils.is_null() treats as null becomes None.
    description = None if common_utils.is_null(description) else description
    changes = {
        'ProjectName': {"Value": project_name},
        'Description': {"Value": description},
    }
    try:
        pm_projects.update_project(trace_id, project_id, changes,
                                   current[0]['UpdatedAt'])
    except PmError as error:
        return common_utils.error_exception(
            MsgConst.ERR_DB_404, HTTPStatus.INTERNAL_SERVER_ERROR, error,
            logger, True)

    # Re-read the record so the response reflects what was stored.
    try:
        refreshed = pm_projects.get_projects(trace_id, project_id,
                                             convert_response=True)
    except PmError as error:
        return common_utils.error_exception(
            MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, error,
            logger, True)

    ok_response = common_utils.get_response_by_response_body(
        HTTPStatus.OK, refreshed[0])
    return common_utils.response(ok_response, logger)
def update_awscoop(trace_id, project_id, organization_id, coop_id, data_body):
    """Update an AWS account link (coop) and re-check access to the account.

    ``data_body`` is a JSON document with ``awsAccount``, ``roleName``,
    ``description`` and ``awsAccountName``. The coop record is looked up by
    ``coop_id`` together with ``project_id`` and ``organization_id``. The
    record is stored as ``Enable`` when the access check with its
    ``ExternalID`` succeeds and as ``Disable`` otherwise. Responds 400 on a
    body that cannot be parsed or lacks a key, 422 on validation errors,
    404 when the coop record is not found, 500 on ``PmError`` from the
    repository, and 200 with the re-read record on success.

    NOTE(review): a failed update is reported with ``ERR_DB_403`` here,
    while the other update handlers in this module use ``ERR_DB_404``.
    Confirm which code is intended.
    """
    logger = common_utils.begin_logger(trace_id, __name__,
                                       inspect.currentframe())

    # Parse the request body; any failure here is a 400.
    try:
        payload = json.loads(data_body)
        aws_account = payload["awsAccount"]
        role_name = payload["roleName"]
        description = payload["description"]
        aws_account_name = payload['awsAccountName']
    except Exception as err:
        return common_utils.error_exception(
            MsgConst.ERR_REQUEST_202, HTTPStatus.BAD_REQUEST, err, logger,
            True)

    validation_errors = validate_update_awscoop(aws_account, role_name)
    if validation_errors:
        return common_utils.error_validate(
            MsgConst.ERR_REQUEST_201, HTTPStatus.UNPROCESSABLE_ENTITY,
            validation_errors, logger)

    # Fetch the AWS account link, scoped to this project and organization.
    try:
        coop = pm_awsAccountCoops.get_awscoops_update(
            trace_id, coop_id, project_id, organization_id)
    except PmError as err:
        return common_utils.error_exception(
            MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, err, logger,
            True)
    if coop is None:
        return common_utils.error_common(MsgConst.ERR_301,
                                         HTTPStatus.NOT_FOUND, logger)

    description = None if common_utils.is_null(description) else description
    aws_account_name = (None if common_utils.is_null(aws_account_name)
                        else aws_account_name)

    # Check access to the role. The external id always comes from the stored
    # record, never from the request body.
    external_id = coop['ExternalID']
    effective = Effective.Disable.value
    members = None
    if checkaccess.check_access_to_aws(trace_id, aws_account, role_name,
                                       external_id):
        effective = Effective.Enable.value

        # Use the IAM client to fetch the IAM role cm-membersportal. A
        # failure here is only logged; the update still proceeds without
        # Members.
        # NOTE(review): the collapsed source does not show whether this
        # lookup is nested under the access check. It is nested here because
        # a session is only useful once access is confirmed; verify against
        # the original file.
        try:
            session = aws_common.create_session_client(
                trace_id, aws_account, role_name, external_id)
            members = IAMUtils.get_membership_aws_account(
                trace_id, session, aws_account)
        except PmError as err:
            common_utils.write_log_pm_error(err, logger, exc_info=True)

    changes = {
        'AWSAccount': {"Value": aws_account},
        'RoleName': {"Value": role_name},
        'Description': {"Value": description},
        'Effective': {"Value": effective},
        'AWSAccountName': {"Value": aws_account_name},
    }
    if members is not None:
        changes['Members'] = {"Value": members}

    try:
        pm_awsAccountCoops.update_awscoops(trace_id, coop_id, changes,
                                           coop['UpdatedAt'])
    except PmError as err:
        return common_utils.error_exception(
            MsgConst.ERR_DB_403, HTTPStatus.INTERNAL_SERVER_ERROR, err,
            logger, True)

    # Re-read the record for the response body.
    try:
        refreshed = pm_awsAccountCoops.query_awscoop_coop_key(
            trace_id, coop_id, convert_response=True)
    except PmError as err:
        return common_utils.error_exception(
            MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, err, logger,
            True)

    ok_response = common_utils.get_response_by_response_body(
        HTTPStatus.OK, refreshed)
    return common_utils.response(ok_response, logger)
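def create_excluded_resources(trace_id, user_id, organization_id, project_id,
                              coop_id, check_item_code, email, data_body):
    """Create or update the exclusion setting for one resource.

    ``data_body`` is a JSON document from which ``regionName``,
    ``resourceType``, ``resourceName`` and ``exclusionComment`` are read.
    When an exclusion already exists for that resource under the same check
    item, only its comment is updated; otherwise a new record is created
    with a time-to-live 180 days ahead. Responds 422 when the coop record
    is missing, when ``check_item_code`` is not in the allowed list or when
    validation fails, 400 when the body cannot be parsed, 500 on repository
    errors, and 201 with the stored record on success.

    NOTE(review): the coop record is fetched by ``coop_id`` alone. That it
    belongs to ``organization_id`` / ``project_id`` is not checked in this
    function; confirm the caller enforces it.
    """
    pm_logger = common_utils.begin_logger(trace_id, __name__,
                                          inspect.currentframe())

    # Query the AWS account link table by coop_id to obtain the AWS account.
    try:
        awscoops_item = pm_awsAccountCoops.query_awscoop_coop_key(
            trace_id, coop_id)
    except Exception as e:
        return common_utils.error_exception(MsgConst.ERR_402,
                                            HTTPStatus.INTERNAL_SERVER_ERROR,
                                            e, pm_logger, True)

    # No valid AWS account exists (zero records returned).
    if not awscoops_item:
        return common_utils.error_common(MsgConst.ERR_AWS_401,
                                         HTTPStatus.UNPROCESSABLE_ENTITY,
                                         pm_logger)

    # Only check item codes on the allow-list may carry exclusions.
    if check_item_code not in LIST_CHECK_ITEM_CODE_EXCLUDED_RESOURCE:
        return common_utils.error_common(MsgConst.ERR_AWS_401,
                                         HTTPStatus.UNPROCESSABLE_ENTITY,
                                         pm_logger)

    # A request body that fails to parse is logged and answered with 400.
    try:
        body_object = json.loads(data_body)
    except Exception as e:
        return common_utils.error_exception(MsgConst.ERR_REQUEST_202,
                                            HTTPStatus.BAD_REQUEST, e,
                                            pm_logger, True)

    region_name = common_utils.get_value("regionName", body_object, None)
    resource_type = common_utils.get_value("resourceType", body_object, None)
    resource_name = common_utils.get_value("resourceName", body_object, None)
    exclusion_comment = common_utils.get_value("exclusionComment",
                                               body_object, None)
    # Strip only real strings. The original called .strip() unconditionally,
    # so a missing or non-string exclusionComment raised AttributeError
    # before validation could report it.
    # NOTE(review): assumes validate_create_excluded_resources copes with a
    # None comment as it must for the other three fields; confirm.
    if isinstance(exclusion_comment, str):
        exclusion_comment = exclusion_comment.strip()

    # Run every check; on failure log it and return the error response.
    list_error = validate_create_excluded_resources(region_name,
                                                    resource_type,
                                                    resource_name,
                                                    exclusion_comment)
    if list_error:
        return common_utils.error_validate(MsgConst.ERR_REQUEST_201,
                                           HTTPStatus.UNPROCESSABLE_ENTITY,
                                           list_error, pm_logger)

    aws_account = awscoops_item['AWSAccount']
    check_item_refine_code = CommonConst.CHECK_ITEM_REFINE_CODE.format(
        organization_id, project_id, aws_account, check_item_code)

    try:
        excluded_resource = pm_exclusionResources.query_filter_region_name_and_resource_name(
            trace_id, check_item_refine_code, region_name, resource_type,
            resource_name)
    except Exception as e:
        return common_utils.error_exception(MsgConst.ERR_402,
                                            HTTPStatus.INTERNAL_SERVER_ERROR,
                                            e, pm_logger, True)

    if not excluded_resource:
        exclusion_resource_id = common_utils.get_uuid4()
        account_refine_code = CommonConst.ACCOUNT_REFINE_CODE.format(
            organization_id, project_id, aws_account)
        time_to_live_date = date_utils.get_current_date() + timedelta(days=180)
        time_to_live = Decimal(time_to_live_date.timestamp())

        # Create the exclusion record in the resource exclusion table.
        try:
            pm_exclusionResources.create(
                user_id, exclusion_resource_id, organization_id, project_id,
                aws_account, check_item_code, region_name, resource_type,
                resource_name, exclusion_comment, email, account_refine_code,
                check_item_refine_code, time_to_live)
        except Exception as e:
            return common_utils.error_exception(
                MsgConst.ERR_DB_403, HTTPStatus.INTERNAL_SERVER_ERROR, e,
                pm_logger, True)
    else:
        # An exclusion already exists: only its comment is replaced.
        exclusion_resource_id = excluded_resource[0]["ExclusionResourceID"]
        attribute = {'ExclusionComment': {"Value": exclusion_comment}}
        try:
            pm_exclusionResources.update(trace_id, exclusion_resource_id,
                                         attribute)
        except Exception as e:
            return common_utils.error_exception(
                MsgConst.ERR_DB_404, HTTPStatus.INTERNAL_SERVER_ERROR, e,
                pm_logger, True)

    try:
        excluded_resource_new = pm_exclusionResources.query_key(
            trace_id, exclusion_resource_id, True)
    except Exception as e:
        return common_utils.error_exception(MsgConst.ERR_402,
                                            HTTPStatus.INTERNAL_SERVER_ERROR,
                                            e, pm_logger, True)

    # return response data
    response = common_utils.get_response_by_response_body(
        HTTPStatus.CREATED, excluded_resource_new)
    return common_utils.response(response, pm_logger)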
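def delete_excluded_resources(trace_id, organization_id, project_id,
                              check_item_code, coop_id, region_name,
                              resource_type, resource_name):
    """Delete the exclusion settings that match one resource.

    ``region_name``, ``resource_type`` and ``resource_name`` arrive as
    query-string parameters. Every exclusion record stored under the check
    item whose three fields equal them is deleted. Responds 422 when
    validation fails or the coop record is missing, 404 when no exclusion
    matches, 500 on repository errors, and 204 with an empty body on
    success.

    NOTE(review): the coop record is fetched by ``coop_id`` alone. That it
    belongs to ``organization_id`` / ``project_id`` is not checked in this
    function; confirm the caller enforces it.
    """
    pm_logger = common_utils.begin_logger(trace_id, __name__,
                                          inspect.currentframe())

    # Validate the query-string parameters of the delete request.
    list_error = validate_excluded_resources(region_name, resource_type,
                                             resource_name,
                                             is_query_string=True)
    if list_error:
        return common_utils.error_validate(MsgConst.ERR_REQUEST_201,
                                           HTTPStatus.UNPROCESSABLE_ENTITY,
                                           list_error, pm_logger)

    # Check that the referenced AWS account link exists.
    try:
        awscoop_item = pm_awsAccountCoops.query_awscoop_coop_key(
            trace_id, coop_id)
    except Exception as e:
        return common_utils.error_exception(MsgConst.ERR_402,
                                            HTTPStatus.INTERNAL_SERVER_ERROR,
                                            e, pm_logger, True)
    if not awscoop_item:
        return common_utils.error_common(MsgConst.ERR_AWS_401,
                                         HTTPStatus.UNPROCESSABLE_ENTITY,
                                         pm_logger)

    check_item_refine_code = CommonConst.CHECK_ITEM_REFINE_CODE.format(
        organization_id, project_id, awscoop_item['AWSAccount'],
        check_item_code)

    # Fetch the exclusion settings stored under this check item.
    try:
        exclusion_resources = pm_exclusionResources.query_check_item_refine_code(
            trace_id, check_item_refine_code)
    except Exception as e:
        return common_utils.error_exception(MsgConst.ERR_402,
                                            HTTPStatus.INTERNAL_SERVER_ERROR,
                                            e, pm_logger, True)
    if not exclusion_resources:
        return common_utils.error_common(MsgConst.ERR_301,
                                         HTTPStatus.NOT_FOUND, pm_logger)

    # Select the records to delete by plain equality. The original spliced
    # the three request values into a JMESPath filter string, so a quote
    # character in any of them could change the filter and widen the set of
    # records deleted. Comparing values directly leaves no expression for
    # request data to alter.
    wanted = (
        ("RegionName", region_name),
        ("ResourceType", resource_type),
        ("ResourceName", resource_name),
    )
    list_exclusion_resource_delete = [
        item for item in exclusion_resources
        # `key in item` keeps a record that lacks a field from matching.
        if all(key in item and item[key] == expected
               for key, expected in wanted)
    ]
    if not list_exclusion_resource_delete:
        return common_utils.error_common(MsgConst.ERR_301,
                                         HTTPStatus.NOT_FOUND, pm_logger)

    # Delete the matching exclusion settings. A failure part-way through
    # leaves the earlier deletions in place.
    for exclusion_resource_delete in list_exclusion_resource_delete:
        try:
            pm_exclusionResources.delete(
                trace_id, exclusion_resource_delete['ExclusionResourceID'])
        except Exception as e:
            return common_utils.error_exception(
                MsgConst.ERR_DB_405, HTTPStatus.INTERNAL_SERVER_ERROR, e,
                pm_logger, True)

    # return response data
    response = common_utils.get_response_by_response_body(
        HTTPStatus.NO_CONTENT, None)
    return common_utils.response(response, pm_logger)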
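def create_organization(trace_id, email, data_body):
    """Create an organization and make the caller its owner.

    ``data_body`` is a JSON document with ``name``, ``contract`` and
    ``contractStatus``. After the organization is stored, an affiliation is
    created with ``trace_id`` as the user id, authority ``Owner`` and
    invitation status ``Belong``. If that fails, the new organization is
    deleted again. Responds 400 when the body cannot be parsed or a key is
    missing, 422 on validation errors, 500 on ``PmError``, and 201 with the
    stored organization on success.
    """
    pm_logger = common_utils.begin_logger(trace_id, __name__,
                                          inspect.currentframe())

    # Parse JSON
    try:
        body_object = json.loads(data_body)
        organization_name = body_object["name"]
        contract = body_object["contract"]
        contract_status = body_object["contractStatus"]
    except Exception as e:
        return common_utils.error_exception(MsgConst.ERR_REQUEST_202,
                                            HTTPStatus.BAD_REQUEST, e,
                                            pm_logger, True)

    # Validate
    list_error = validate_insert(organization_name, contract, contract_status)
    if list_error:
        return common_utils.error_validate(MsgConst.ERR_REQUEST_201,
                                           HTTPStatus.UNPROCESSABLE_ENTITY,
                                           list_error, pm_logger)

    # Create Organization; the id is generated server-side.
    organization_id = str(uuid.uuid4())
    try:
        pm_organizations.create_organization(trace_id, organization_id,
                                             organization_name, contract,
                                             contract_status)
    except PmError as e:
        return common_utils.error_exception(MsgConst.ERR_DB_403,
                                            HTTPStatus.INTERNAL_SERVER_ERROR,
                                            e, pm_logger, True)

    # Create Affiliation
    try:
        pm_affiliation.create_affiliation(trace_id, email, trace_id,
                                          organization_id,
                                          Authority.Owner.value,
                                          InvitationStatus.Belong.value)
    except PmError as e:
        # Roll back the organization created above so that no ownerless
        # organization is left behind. A failed rollback is logged instead
        # of raised, so the original error still reaches the caller as the
        # structured 500 below.
        try:
            pm_organizations.delete_organization(trace_id, organization_id)
        except PmError as rollback_error:
            common_utils.write_log_pm_error(rollback_error, pm_logger,
                                            exc_info=True)

        # Write the exception stack trace to the log.
        return common_utils.error_exception(MsgConst.ERR_DB_403,
                                            HTTPStatus.INTERNAL_SERVER_ERROR,
                                            e, pm_logger, True)

    # Fetch the organization record for the response.
    try:
        organization_item = pm_organizations.get_organization(
            trace_id, organization_id, True)
    except PmError as e:
        return common_utils.error_exception(MsgConst.ERR_402,
                                            HTTPStatus.INTERNAL_SERVER_ERROR,
                                            e, pm_logger, True)

    response = common_utils.get_response_by_response_body(
        HTTPStatus.CREATED, organization_item)

    # return data response
    return common_utils.response(response, pm_logger)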
def update_authority(trace_id, organization_id, user_id, data_body):
    """Change a user's authority within an organization.

    ``data_body`` is a JSON document with ``authority``. When the caller
    (``trace_id``) changes their own authority to something other than
    ``Owner``, an owner count is queried first and the request is refused
    with 412 if it is zero. Responds 400 when the body cannot be parsed or
    lacks the key, 422 on validation errors, 404 when the user has no
    affiliation with the organization, 500 on ``PmError``, and 200 with the
    re-read affiliation on success.

    NOTE(review): the owner-count query receives the enum member
    ``Authority.Owner``, while the comparison just before it uses
    ``Authority.Owner.value``. Confirm which form
    ``query_users_check_authority_count`` expects.
    """
    logger = common_utils.begin_logger(trace_id, __name__,
                                       inspect.currentframe())

    # Parse the request body; any failure here is a 400.
    try:
        payload = json.loads(data_body)
        authority = payload["authority"]
    except Exception as err:
        return common_utils.error_exception(
            MsgConst.ERR_REQUEST_202, HTTPStatus.BAD_REQUEST, err, logger,
            True)

    validation_errors = common_utils.validate_authority(trace_id, authority)
    if validation_errors:
        return common_utils.error_validate(
            MsgConst.ERR_REQUEST_201, HTTPStatus.UNPROCESSABLE_ENTITY,
            validation_errors, logger)

    # Guard for a caller giving up their own owner authority.
    is_self_demotion = (user_id == trace_id
                        and authority != Authority.Owner.value)
    if is_self_demotion:
        try:
            owner_count = pm_affiliation.query_users_check_authority_count(
                trace_id, user_id, organization_id, Authority.Owner)
        except PmError as err:
            return common_utils.error_exception(
                MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, err,
                logger, True)
        if owner_count == 0:
            return common_utils.error_common(
                MsgConst.ERR_REQUEST_203, HTTPStatus.PRECONDITION_FAILED,
                logger)

    # Fetch the affiliation that is about to be changed.
    try:
        target = pm_affiliation.query(user_id, organization_id)
    except PmError as err:
        return common_utils.error_exception(
            MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, err, logger,
            True)
    if not target:
        return common_utils.error_common(MsgConst.ERR_301,
                                         HTTPStatus.NOT_FOUND, logger)

    changes = {'Authority': {"Value": authority}}
    try:
        pm_affiliation.update_affiliation(trace_id, user_id, organization_id,
                                          changes, target[0]['UpdatedAt'])
    except PmError as err:
        return common_utils.error_exception(
            MsgConst.ERR_DB_404, HTTPStatus.INTERNAL_SERVER_ERROR, err,
            logger, True)

    # Re-read the affiliation so the response reflects what was stored.
    try:
        refreshed = pm_affiliation.get_affiliation(user_id, organization_id,
                                                   True)
    except PmError as err:
        return common_utils.error_exception(
            MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, err, logger,
            True)

    ok_response = common_utils.get_response_by_response_body(
        HTTPStatus.OK, refreshed)
    return common_utils.response(ok_response, logger)
def create_notifymail(trace_id, organization_id, data_body):
    """Create the mail-notification destinations of an organization.

    ``data_body`` is a JSON document with ``notifyCode`` and ``users`` (a
    collection of user ids). Each user id is resolved through the user's
    affiliation with ``organization_id``. Ids without an affiliation are
    dropped, so only members of the organization can become destinations.
    Responds 400 when the body cannot be parsed or a key is missing, 422 on
    validation errors or when no user id resolves, 500 on ``PmError``, and
    201 with the stored destinations on success.
    """
    logger = common_utils.begin_logger(trace_id, __name__,
                                       inspect.currentframe())

    # A request body that fails to parse is logged and answered with 400.
    try:
        payload = json.loads(data_body)
        notify_code = payload["notifyCode"]
        users = payload["users"]
    except Exception as err:
        return common_utils.error_exception(
            MsgConst.ERR_REQUEST_202, HTTPStatus.BAD_REQUEST, err, logger,
            True)

    # Run every check; on failure log it and return the error response.
    validation_errors = validate_notifymail(notify_code, users)
    if validation_errors:
        return common_utils.error_validate(
            MsgConst.ERR_REQUEST_201, HTTPStatus.UNPROCESSABLE_ENTITY,
            validation_errors, logger)

    # Resolve the mail address of each destination user.
    destinations = []
    for user_id in users:
        try:
            affiliation = pm_affiliation.get_affiliation(
                user_id, organization_id)
        except PmError as err:
            return common_utils.error_exception(
                MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, err,
                logger, True)

        # A user without an affiliation record is left out of the list.
        if not affiliation:
            continue

        # Each destination is an object holding the user id and address.
        destinations.append({
            "UserID": user_id,
            "MailAddress": affiliation['MailAddress']
        })

    if not destinations:
        no_destination_errors = [
            common_utils.get_error_validate(MsgConst.ERR_VAL_999, "users",
                                            users)
        ]
        return common_utils.error_validate(
            MsgConst.ERR_REQUEST_201, HTTPStatus.UNPROCESSABLE_ENTITY,
            no_destination_errors, logger)

    # Store the destinations.
    try:
        pm_orgNotifyMailDestinations.create(trace_id, organization_id,
                                            notify_code, destinations)
    except PmError as err:
        return common_utils.error_exception(
            MsgConst.ERR_DB_403, HTTPStatus.INTERNAL_SERVER_ERROR, err,
            logger, True)

    # Read the destinations back for the response body.
    try:
        stored = pm_orgNotifyMailDestinations.query_key(
            trace_id, organization_id, notify_code, True)
    except PmError as err:
        return common_utils.error_exception(
            MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, err, logger,
            True)

    created_response = common_utils.get_response_by_response_body(
        HTTPStatus.CREATED, stored)
    return common_utils.response(created_response, logger)
def apply_change_email(user_id, mail_before_change, data_body):
    """Register a mail-address change application and send the notice mail.

    ``data_body`` is a JSON document from which ``mailAddress`` (the new
    address), ``callerServiceName`` and ``mailLang`` are read. An
    application record is stored, then a mail rendered from a template with
    the application id is sent to the new address. Responds 400 when the
    body cannot be parsed, 422 on validation errors, 409 when the new
    address already belongs to a Cognito user or the user already has an
    application, 500 on ``PmError``, and 201 with the application record on
    success.

    NOTE(review): the new address is not among the arguments passed to
    ``validate_param_apply_change_email``. Confirm it is validated
    somewhere before it is stored and used as a recipient.
    NOTE(review): the application record is created before the mail is
    sent and is not removed on the later failure paths. Since an existing
    record yields 409, a failed send appears to block a retry until the
    record expires; confirm this is intended.
    """
    logger = common_utils.begin_logger(user_id, __name__,
                                       inspect.currentframe())

    # Parse the request body; any failure here is a 400.
    try:
        payload = json.loads(data_body)
    except Exception as err:
        return common_utils.error_exception(
            MsgConst.ERR_REQUEST_202, HTTPStatus.BAD_REQUEST, err, logger,
            True)

    mail_after_change = common_utils.get_value("mailAddress", payload, None)
    caller_service_name = common_utils.get_value("callerServiceName",
                                                 payload, None)
    mail_lang = common_utils.get_value("mailLang", payload, None)

    validation_errors = validate_param_apply_change_email(
        user_id, mail_lang, caller_service_name, mail_before_change)
    if validation_errors:
        return common_utils.error_validate(
            MsgConst.ERR_REQUEST_201, HTTPStatus.UNPROCESSABLE_ENTITY,
            validation_errors, logger)

    # Look for Cognito user-pool users that already use the new address.
    try:
        users_with_address = aws_common.get_cognito_user_pools(
            user_id, mail_after_change, "email")
    except PmError as err:
        return common_utils.error_exception(
            MsgConst.ERR_COGNITO_501, HTTPStatus.INTERNAL_SERVER_ERROR, err,
            logger, True)
    if users_with_address:
        return common_utils.error_common(MsgConst.ERR_302,
                                         HTTPStatus.CONFLICT, logger)

    # Look for an application this user already has in the application
    # table.
    try:
        pending_applications = pm_emailChangeApply.query_user_index(user_id)
    except PmError as err:
        return common_utils.error_exception(
            MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, err, logger,
            True)
    if pending_applications:
        return common_utils.error_common(MsgConst.ERR_302,
                                         HTTPStatus.CONFLICT, logger)

    # Create the application record; its id is generated server-side.
    apply_id = common_utils.get_uuid4()
    time_to_live = common_utils.get_time_to_live(
        CommonConst.EMAIL_CHANGE_APPLY_EXPIRATION_DATE)
    try:
        pm_emailChangeApply.create(user_id, apply_id, mail_before_change,
                                   mail_after_change, time_to_live,
                                   caller_service_name)
    except PmError as err:
        return common_utils.error_exception(
            MsgConst.ERR_DB_403, HTTPStatus.INTERNAL_SERVER_ERROR, err,
            logger, True)

    # Read the PM_EmailChangeApply record back for the response body.
    try:
        application = pm_emailChangeApply.query_key(user_id, apply_id,
                                                    convert_response=True)
    except PmError as err:
        return common_utils.error_exception(
            MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, err, logger,
            True)

    # Load the notification mail settings file from S3.
    try:
        config = FileUtils.read_yaml(
            user_id, CommonConst.S3_SETTING_BUCKET,
            CommonConst.NOTIFY_CONFIG_CIS_RESULT_MAIL)
    except PmError as err:
        logger.error(
            "メールアドレス変更通知メール送信設定ファイルの取得に失敗しました。:s3://%s/%s",
            common_utils.get_environ(CommonConst.S3_SETTING_BUCKET),
            CommonConst.NOTIFY_CONFIG_CIS_RESULT_MAIL)
        return common_utils.error_exception(
            MsgConst.ERR_S3_702, HTTPStatus.INTERNAL_SERVER_ERROR, err,
            logger, True)

    # The template path is selected by language and calling service name,
    # both of which passed validation above.
    template_key = CommonConst.KEY_GET_PATH_FILE_TEMPLATE_MAIL_SERVICE.format(
        language=mail_lang, serviceName=caller_service_name)
    path_file_template = config[template_key]

    # Load the notification mail body template.
    try:
        template_source = FileUtils.read_decode(
            user_id, CommonConst.S3_SETTING_BUCKET, path_file_template)
    except PmError as err:
        logger.error(
            "メールアドレス変更通知メール本文テンプレートファイルの取得に失敗しました。:s3://%s/%s",
            common_utils.get_environ(CommonConst.S3_SETTING_BUCKET),
            path_file_template)
        return common_utils.error_exception(
            MsgConst.ERR_S3_702, HTTPStatus.INTERNAL_SERVER_ERROR, err,
            logger, True)

    # Send the notification mail through SES. Only the application id is
    # rendered into the template.
    bcc_addresses = [mail_after_change]
    body_mail = Template(template_source).render(ApplyID=apply_id)
    mail_subject = config[CommonConst.KEY_MAIL_SUBJECT_SERVICE.format(
        language=mail_lang, serviceName=caller_service_name)]
    mail_from = config[CommonConst.KEY_MAIL_FROM_SERVICE.format(
        serviceName=caller_service_name)]
    try:
        aws_common.send_email(user_id, config['ses.region'], mail_from,
                              bcc_addresses, mail_subject, body_mail)
    except PmError as err:
        logger.error("通知メール送信に失敗しました。")
        return common_utils.error_exception(
            MsgConst.ERR_SES_801, HTTPStatus.INTERNAL_SERVER_ERROR, err,
            logger, True)

    created_response = common_utils.get_response_by_response_body(
        HTTPStatus.CREATED, application)
    return common_utils.response(created_response, logger)
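def create_invite(trace_id, organization_id, data_body):
    """Invite an existing, email-verified user to an organization.

    Reads ``mailAddress`` and ``authority`` from the JSON request body,
    looks the address up in the Cognito user pool and creates an
    affiliation with ``InvitationStatus.Invited`` for the first user whose
    ``email_verified`` attribute equals ``"true"``.

    Args:
        trace_id: Identifier handed to the logger and data-access helpers.
        organization_id: Organization the user is invited to.
        data_body: Raw JSON request body.

    Returns:
        The response object built by ``common_utils``: ``CREATED`` with the
        new affiliation, or an error response (``BAD_REQUEST`` for an
        unparsable body, ``UNPROCESSABLE_ENTITY`` for validation failures
        or an unknown/unverified address, ``CONFLICT`` for an existing
        affiliation that is not denied, ``NOT_FOUND`` for a missing
        organization, ``INTERNAL_SERVER_ERROR`` for backend failures).

    NOTE(review): nothing in this function checks that the caller is
    allowed to invite users to ``organization_id``; presumably the handler
    enforces that before calling -- confirm.
    """
    pm_logger = common_utils.begin_logger(trace_id, __name__,
                                          inspect.currentframe())
    attributesToGet = "email_verified"
    key = "Name"
    value = "Value"

    # Parse JSON
    try:
        body_object = json.loads(data_body)
        mail_address = body_object["mailAddress"]
        authority = body_object["authority"]
    except Exception as e:
        return common_utils.error_exception(MsgConst.ERR_REQUEST_202,
                                            HTTPStatus.BAD_REQUEST, e,
                                            pm_logger, True)

    # Validate the mail address and authority
    list_error = validate_params_invite(trace_id, mail_address, authority)
    if list_error:
        return common_utils.error_validate(MsgConst.ERR_REQUEST_201,
                                           HTTPStatus.UNPROCESSABLE_ENTITY,
                                           list_error, pm_logger)

    # Get the Cognito users registered with this mail address
    try:
        list_users = aws_common.get_cognito_user_pools(
            trace_id, mail_address, attributesToGet)
        if len(list_users) == 0:
            list_error = [
                common_utils.get_error_validate(MsgConst.ERR_VAL_999,
                                                "mail_address", mail_address)
            ]
            return common_utils.error_validate(
                MsgConst.ERR_REQUEST_201, HTTPStatus.UNPROCESSABLE_ENTITY,
                list_error, pm_logger)

        list_user_verified = []
        for user in list_users:
            # Reset per user: without this, a user lacking the
            # email_verified attribute would either raise NameError (first
            # user) or inherit the previous user's value and be treated as
            # verified.
            email_verified = None
            for user_attr in user["Attributes"]:
                if (common_utils.check_key(key, user_attr)
                        and user_attr[key] == attributesToGet):
                    email_verified = user_attr[value]

            # Only users whose address is confirmed may be invited
            if email_verified == "true":
                list_user_verified.append(user["Username"])

        if len(list_user_verified) == 0:
            list_error = [
                common_utils.get_error_validate(MsgConst.ERR_VAL_999,
                                                "mail_address", mail_address)
            ]
            return common_utils.error_validate(
                MsgConst.ERR_REQUEST_201, HTTPStatus.UNPROCESSABLE_ENTITY,
                list_error, pm_logger)
    except PmError as e:
        return common_utils.error_exception(MsgConst.ERR_COGNITO_501,
                                            HTTPStatus.INTERNAL_SERVER_ERROR,
                                            e, pm_logger, True)

    # Get any existing affiliation of the first verified user
    try:
        user_id = list_user_verified[0]
        affiliation = pm_affiliation.get_affiliation(user_id, organization_id)
    except PmError as e:
        return common_utils.error_exception(MsgConst.ERR_402,
                                            HTTPStatus.INTERNAL_SERVER_ERROR,
                                            e, pm_logger, True)
    # A previously denied invitation may be re-issued; anything else conflicts
    if (affiliation
            and affiliation["InvitationStatus"] != InvitationStatus.Deny):
        return common_utils.error_common(MsgConst.ERR_302,
                                         HTTPStatus.CONFLICT, pm_logger)

    # Get organization
    try:
        organization = pm_organizations.get_organization(
            trace_id, organization_id)
    except PmError as e:
        return common_utils.error_exception(MsgConst.ERR_402,
                                            HTTPStatus.INTERNAL_SERVER_ERROR,
                                            e, pm_logger, True)
    if not organization:
        return common_utils.error_common(MsgConst.ERR_301,
                                         HTTPStatus.NOT_FOUND, pm_logger)

    # Create affiliation
    try:
        pm_affiliation.create_affiliation(trace_id, mail_address, user_id,
                                          organization_id, authority,
                                          InvitationStatus.Invited)
    except PmError as e:
        return common_utils.error_exception(MsgConst.ERR_DB_403,
                                            HTTPStatus.INTERNAL_SERVER_ERROR,
                                            e, pm_logger, True)

    # Re-read the affiliation just created so it can be returned
    try:
        affiliation_created = pm_affiliation.get_affiliation(
            user_id, organization_id, True)
    except PmError as e:
        return common_utils.error_exception(MsgConst.ERR_402,
                                            HTTPStatus.INTERNAL_SERVER_ERROR,
                                            e, pm_logger, True)

    response = common_utils.get_response_by_response_body(
        HTTPStatus.CREATED, affiliation_created)

    # return data response
    return common_utils.response(response, pm_logger)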
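def create_excluesion_item(trace_id, user_id, organization_id, project_id,
                           email, check_item_code, coop_id, data_body):
    """Create a check-item exclusion record for an AWS account.

    Resolves the AWS account from ``coop_id``, reads ``exclusionComment``
    from the JSON request body, validates it and stores an exclusion record
    whose time-to-live is 180 days from the current date.

    Args:
        trace_id: Identifier handed to the logger and data-access helpers.
        user_id: User stored on the record.
        organization_id: Organization used to build the record ids.
        project_id: Project used to build the record ids.
        email: Mail address stored on the record.
        check_item_code: Check item being excluded.
        coop_id: AWS account coop id used to look up the AWS account.
        data_body: Raw JSON request body.

    Returns:
        The response object built by ``common_utils``: ``CREATED`` with the
        stored record, or an error response.

    NOTE(review): the coop lookup uses ``coop_id`` alone and the returned
    item is not compared with ``organization_id`` / ``project_id`` here;
    confirm that the caller or the query enforces that scoping.
    """
    pm_logger = common_utils.begin_logger(trace_id, __name__,
                                          inspect.currentframe())

    # Validate the resource relationship.
    try:
        awscoop_item = pm_awsAccountCoops.query_awscoop_coop_key(
            trace_id, coop_id)
    except Exception as err:
        return common_utils.error_exception(MsgConst.ERR_402,
                                            HTTPStatus.INTERNAL_SERVER_ERROR,
                                            err, pm_logger, True)

    if not awscoop_item:
        return common_utils.error_common(MsgConst.ERR_AWS_401,
                                         HTTPStatus.UNPROCESSABLE_ENTITY,
                                         pm_logger)

    # If the request-body JSON cannot be parsed, log the error and return
    # an error response. A non-string comment also lands here via .strip().
    try:
        body_object = json.loads(data_body)
        exclusion_comment = body_object["exclusionComment"].strip()
    except Exception as err:
        return common_utils.error_exception(MsgConst.ERR_REQUEST_202,
                                            HTTPStatus.BAD_REQUEST, err,
                                            pm_logger, True)

    # Run all checks; on any failure log and return an error response.
    list_error = validate_insert(exclusion_comment)
    if list_error:
        return common_utils.error_validate(MsgConst.ERR_REQUEST_201,
                                           HTTPStatus.UNPROCESSABLE_ENTITY,
                                           list_error, pm_logger)

    # Create the exclusion record in the check-item exclusion table.
    aws_account = awscoop_item['AWSAccount']
    exclusion_item_id = CommonConst.EXCLUSIONITEM_ID.format(
        organization_id, project_id, aws_account, check_item_code)
    account_refine_code = CommonConst.ACCOUNT_REFINE_CODE.format(
        organization_id, project_id, aws_account)
    time_to_live_date = date_utils.get_current_date() + timedelta(days=180)
    time_to_live = Decimal(time_to_live_date.timestamp())
    try:
        pm_exclusionitems.create(trace_id, exclusion_item_id, organization_id,
                                 project_id, aws_account, check_item_code,
                                 time_to_live, exclusion_comment, user_id,
                                 email, account_refine_code)
    except Exception as err:
        # Keep the original response, but record the cause: previously the
        # exception was bound and then discarded.
        pm_logger.error("Failed to create the exclusion item record: %s", err)
        return common_utils.error_common(MsgConst.ERR_DB_403,
                                         HTTPStatus.INTERNAL_SERVER_ERROR,
                                         pm_logger)

    # Re-read the stored record for the response.
    try:
        exclusion_item = pm_exclusionitems.query_key(trace_id,
                                                     exclusion_item_id, True)
    except Exception as err:
        return common_utils.error_exception(MsgConst.ERR_402,
                                            HTTPStatus.INTERNAL_SERVER_ERROR,
                                            err, pm_logger, True)

    # return response data
    response = common_utils.get_response_by_response_body(
        HTTPStatus.CREATED, exclusion_item)
    return common_utils.response(response, pm_logger)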
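def execute_force_invites(trace_id, body_object, organization_id):
    """Create a Cognito user for an unregistered address and invite it.

    Reads ``callerServiceName``, ``mailLang``, ``mailAddress`` and
    ``authority`` from the JSON body, creates a Cognito user with a
    generated temporary password, sets ``email_verified`` to ``'true'``,
    creates an affiliation with ``InvitationStatus.Invited`` and sends an
    invitation mail rendered from a template stored in S3.

    Args:
        trace_id: Identifier handed to the logger and data-access helpers.
            It is also passed where a user id is expected
            (``pm_userAttribute.query_key``, ``get_affiliation``), so it
            presumably is the calling user's id -- confirm.
        body_object: Raw JSON request body.
        organization_id: Organization the new user is invited to.

    Returns:
        The response object built by ``common_utils``: ``CREATED`` with the
        new affiliation, or an error response.

    NOTE(review):
      * The address is marked verified without the recipient confirming it.
      * The temporary password is rendered into the mail body, so it should
        never be logged alongside it and mail delivery is part of the trust
        boundary.
      * No step here removes the Cognito user again when a later step fails,
        which leaves an account that blocks a retry with CONFLICT.
    """
    pm_logger = common_utils.begin_logger(trace_id, __name__,
                                          inspect.currentframe())

    # Parse JSON
    try:
        body_object_json = json.loads(body_object)
    except Exception as e:
        return common_utils.error_exception(MsgConst.ERR_REQUEST_202,
                                            HTTPStatus.BAD_REQUEST, e,
                                            pm_logger, True)

    caller_service_name = common_utils.get_value("callerServiceName",
                                                 body_object_json, None)
    mail_lang = common_utils.get_value("mailLang", body_object_json, None)
    mail_address = common_utils.get_value("mailAddress", body_object_json,
                                          None)
    authority = common_utils.get_value("authority", body_object_json, None)

    # Validate the parameters for inviting an unregistered user
    list_error = validate_param_invite_unregistered_user(
        trace_id, mail_lang, caller_service_name, mail_address, authority)
    if list_error:
        return common_utils.error_validate(MsgConst.ERR_REQUEST_201,
                                           HTTPStatus.UNPROCESSABLE_ENTITY,
                                           list_error, pm_logger)

    # The address must not belong to any existing Cognito user
    try:
        list_users = aws_common.get_cognito_user_pools(trace_id, mail_address)
    except PmError as e:
        return common_utils.error_exception(MsgConst.ERR_COGNITO_501,
                                            HTTPStatus.INTERNAL_SERVER_ERROR,
                                            e, pm_logger, True)
    if list_users:
        return common_utils.error_common(MsgConst.ERR_302,
                                         HTTPStatus.CONFLICT, pm_logger)

    # Register the user in Cognito. Candidates are regenerated until one
    # matches the required temporary-password format.
    temporary_password = ''
    pattern = re.compile(CommonConst.FORMAT_PASSWORD_TEMPORARY)
    while pattern.match(temporary_password) is None:
        temporary_password = common_utils.get_password_temporary(
            CommonConst.NUMBER_CHARACTERS_PASSWORD_TEMPORARY)

    user_attributes = [{"Name": "email", "Value": mail_address}]
    user_name = common_utils.get_uuid4()
    message_action = MessageAction.Suppress
    try:
        aws_common.process_admin_create_user_pools(trace_id, user_name,
                                                   user_attributes,
                                                   temporary_password,
                                                   message_action)
    except PmError as e:
        return common_utils.error_exception(MsgConst.ERR_COGNITO_501,
                                            HTTPStatus.INTERNAL_SERVER_ERROR,
                                            e, pm_logger, True)

    # Mark the mail address as verified
    try:
        user_attributes = [{'Name': 'email_verified', 'Value': 'true'}]
        aws_common.update_cognito_user_attributes(trace_id, user_name,
                                                  user_attributes)
    except PmError as e:
        return common_utils.error_exception(MsgConst.ERR_COGNITO_501,
                                            HTTPStatus.INTERNAL_SERVER_ERROR,
                                            e, pm_logger, True)

    # Get affiliation
    try:
        affiliation = pm_affiliation.get_affiliation(user_name,
                                                     organization_id)
    except PmError as e:
        return common_utils.error_exception(MsgConst.ERR_402,
                                            HTTPStatus.INTERNAL_SERVER_ERROR,
                                            e, pm_logger, True)
    if (affiliation
            and affiliation["InvitationStatus"] != InvitationStatus.Deny):
        return common_utils.error_common(MsgConst.ERR_302,
                                         HTTPStatus.CONFLICT, pm_logger)

    # Get organization
    try:
        organization = pm_organizations.get_organization(
            trace_id, organization_id)
    except PmError as e:
        return common_utils.error_exception(MsgConst.ERR_402,
                                            HTTPStatus.INTERNAL_SERVER_ERROR,
                                            e, pm_logger, True)
    # `not organization` instead of `len(organization) == 0`: a None result
    # then yields NOT_FOUND rather than an unhandled TypeError, matching the
    # check used in create_invite.
    if not organization:
        return common_utils.error_common(MsgConst.ERR_301,
                                         HTTPStatus.NOT_FOUND, pm_logger)

    # Create affiliation
    try:
        pm_affiliation.create_affiliation(trace_id, mail_address, user_name,
                                          organization_id, authority,
                                          InvitationStatus.Invited)
    except PmError as e:
        return common_utils.error_exception(MsgConst.ERR_DB_403,
                                            HTTPStatus.INTERNAL_SERVER_ERROR,
                                            e, pm_logger, True)

    # Re-read the affiliation for the response
    try:
        affiliation_result = pm_affiliation.get_affiliation(
            user_name, organization_id, True)
    except PmError as e:
        return common_utils.error_exception(MsgConst.ERR_402,
                                            HTTPStatus.INTERNAL_SERVER_ERROR,
                                            e, pm_logger, True)

    # Get the user attributes keyed by trace_id
    try:
        user_attribute = pm_userAttribute.query_key(trace_id)
    except PmError as e:
        return common_utils.error_exception(MsgConst.ERR_402,
                                            HTTPStatus.INTERNAL_SERVER_ERROR,
                                            e, pm_logger, True)

    # Fetch the notification mail settings file from S3.
    try:
        config = FileUtils.read_yaml(trace_id, CommonConst.S3_SETTING_BUCKET,
                                     CommonConst.NOTIFY_CONFIG_CIS_RESULT_MAIL)
    except PmError as e:
        pm_logger.error("メール送信設定ファイルの取得に失敗しました。:s3://{0}/{1}".format(
            common_utils.get_environ(CommonConst.S3_SETTING_BUCKET),
            CommonConst.NOTIFY_CONFIG_CIS_RESULT_MAIL))
        return common_utils.error_exception(MsgConst.ERR_S3_702,
                                            HTTPStatus.INTERNAL_SERVER_ERROR,
                                            e, pm_logger, True)

    # Build the message body.
    path_file_template = config[
        CommonConst.KEY_GET_PATH_FILE_TEMPLATE_USER_INVITE_MAIL.format(
            language=mail_lang, serviceName=caller_service_name)]
    try:
        template_body_mail = FileUtils.read_decode(
            trace_id, CommonConst.S3_SETTING_BUCKET, path_file_template)
    except PmError as e:
        pm_logger.error("招待メール本文テンプレートファイルの取得に失敗しました。:s3://{0}/{1}".format(
            common_utils.get_environ(CommonConst.S3_SETTING_BUCKET),
            path_file_template))
        return common_utils.error_exception(MsgConst.ERR_S3_702,
                                            HTTPStatus.INTERNAL_SERVER_ERROR,
                                            e, pm_logger, True)

    # Send the notification mail via SES.
    bcc_addresses = [mail_address]
    user_name_sign_in = common_utils.get_value("UserName", user_attribute,
                                               None)
    if not user_name_sign_in:
        # No stored user name: fall back to the mail address on the
        # affiliation looked up with trace_id.
        try:
            affiliation_sign_in = pm_affiliation.get_affiliation(
                trace_id, organization_id)
        except PmError as e:
            return common_utils.error_exception(
                MsgConst.ERR_402, HTTPStatus.INTERNAL_SERVER_ERROR, e,
                pm_logger, True)
        user_name_sign_in = common_utils.get_value("MailAddress",
                                                   affiliation_sign_in, None)

    organization_name = common_utils.get_value("OrganizationName",
                                               organization, None)
    time_zone = date_utils.get_time_zone_by_language(mail_lang)
    time_to_live_date = date_utils.get_current_date() + timedelta(days=6)
    time_to_live = date_utils.toString(time_to_live_date,
                                       date_utils.PATTERN_YYYYMMDD_SLASH,
                                       time_zone)
    template_body_mail = Template(template_body_mail)
    context = {
        'mailAddress': mail_address,
        'userName': user_name_sign_in,
        'organizationName': organization_name,
        'temporaryPassword': temporary_password,
        'timeToLive': time_to_live
    }
    body_mail = template_body_mail.render(context)
    mail_subject = config[CommonConst.KEY_MAIL_SUBJECT_USER_INVITE.format(
        language=mail_lang, serviceName=caller_service_name)]
    mail_from = config[CommonConst.KEY_INVITE_MAIL_FROM_SERVICE.format(
        serviceName=caller_service_name)]
    ses_region = config['ses.region']
    try:
        aws_common.send_email(user_name, ses_region, mail_from, bcc_addresses,
                              mail_subject, body_mail)
    except PmError as e:
        pm_logger.error("通知メール送信に失敗しました。")
        return common_utils.error_exception(MsgConst.ERR_SES_801,
                                            HTTPStatus.INTERNAL_SERVER_ERROR,
                                            e, pm_logger, True)

    response = common_utils.get_response_by_response_body(
        HTTPStatus.CREATED, affiliation_result)

    # return data response
    return common_utils.response(response, pm_logger)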
def create_report(trace_id, email, organization_id, project_id, data_body):
    """Register a report and queue the jobs that produce it.

    Confirms the project belongs to the organization, reads ``name``,
    ``awsAccounts`` and ``outputFileType`` from the JSON request body,
    stores a report in the waiting state and then registers three jobs in
    order. If registering a job yields an error response, the report is
    deleted again and that response is returned.

    Args:
        trace_id: Identifier handed to the logger and data-access helpers.
        email: Mail address stored on the report and passed to the jobs.
        organization_id: Organization that owns the project.
        project_id: Project the report is created for.
        data_body: Raw JSON request body.

    Returns:
        The response object built by ``common_utils``: ``CREATED`` with the
        stored report, or an error response.
    """
    pm_logger = common_utils.begin_logger(trace_id, __name__,
                                          inspect.currentframe())

    # The project must exist under the given organization.
    try:
        project_item = pm_projects.get_projects_by_organization_id(
            trace_id, project_id, organization_id)
    except PmError as err:
        return common_utils.error_exception(MsgConst.ERR_402,
                                            HTTPStatus.INTERNAL_SERVER_ERROR,
                                            err, pm_logger, True)
    if not project_item:
        return common_utils.error_common(MsgConst.ERR_AWS_401,
                                         HTTPStatus.UNPROCESSABLE_ENTITY,
                                         pm_logger)

    # Parse the request body; a missing key is reported like a parse error.
    try:
        payload = json.loads(data_body)
        report_name = payload["name"]
        aws_accounts = payload["awsAccounts"]
        output_file_type = payload["outputFileType"]
    except Exception as err:
        return common_utils.error_exception(MsgConst.ERR_REQUEST_202,
                                            HTTPStatus.BAD_REQUEST, err,
                                            pm_logger, True)

    # Validate the parsed values.
    validation_errors = validate_report(trace_id, report_name, aws_accounts,
                                        output_file_type)
    if validation_errors:
        return common_utils.error_validate(MsgConst.ERR_REQUEST_201,
                                           HTTPStatus.UNPROCESSABLE_ENTITY,
                                           validation_errors, pm_logger)

    # Store the report; every status starts as waiting.
    report_id = common_utils.get_uuid4()
    waiting = Status.Waiting.value
    try:
        pm_reports.create_report(trace_id, report_id, report_name, email,
                                 aws_accounts, waiting, None, None, None,
                                 waiting, None, None, waiting, None, None,
                                 CommonConst.SCHEMA_VERSION, organization_id,
                                 project_id)
    except PmError as err:
        return common_utils.error_exception(MsgConst.ERR_DB_403,
                                            HTTPStatus.INTERNAL_SERVER_ERROR,
                                            err, pm_logger, True)

    # Jobs, in order: collect AWS usage information, build the intermediate
    # report file, output the report.
    job_codes = (
        'COLLECT_AWS_RESOURCE_INFO',
        'OUTPUT_REPORT_JSON',
        'OUTPUT_REPORT_EXCEL',
    )
    job_id = []
    for job_code in job_codes:
        job_response, job_id = job_report(trace_id, email, report_id,
                                          job_code, job_id)
        if job_response:
            # Roll back the report that was just stored.
            # NOTE(review): this delete is not wrapped in try/except, so an
            # exception raised here replaces the job error response.
            pm_reports.delete_reports(trace_id, report_id)
            return job_response

    # Re-read the stored report for the response.
    try:
        report = pm_reports.query_report(trace_id, report_id, True)
    except PmError as err:
        return common_utils.error_exception(MsgConst.ERR_402,
                                            HTTPStatus.INTERNAL_SERVER_ERROR,
                                            err, pm_logger, True)

    created = common_utils.get_response_by_response_body(
        HTTPStatus.CREATED, report)
    return common_utils.response(created, pm_logger)
def update_user_attributes(user_id, data_body):
    """Create or update the stored attributes of a user.

    Reads the profile fields from the JSON request body, validates
    ``callerServiceName`` and then either creates the attribute record
    (when none exists for ``user_id``) or updates it. ``CompanyFlg`` and
    ``CountryCode`` are only included in an update when they are not None.

    Args:
        user_id: User whose attributes are written; also used as the
            logger's trace identifier.
        data_body: Raw JSON request body.

    Returns:
        The response object built by ``common_utils``: ``OK`` with the
        stored attributes, or an error response.
    """
    pm_logger = common_utils.begin_logger(user_id, __name__,
                                          inspect.currentframe())

    try:
        payload = json.loads(data_body)
    except Exception as err:
        return common_utils.error_exception(MsgConst.ERR_REQUEST_202,
                                            HTTPStatus.BAD_REQUEST, err,
                                            pm_logger, True)

    # Look up the existing record before reading the body fields.
    try:
        user = pm_userAttribute.query_key(user_id)
    except PmError as err:
        return common_utils.error_exception(MsgConst.ERR_402,
                                            HTTPStatus.INTERNAL_SERVER_ERROR,
                                            err, pm_logger, True)

    user_name = get_data_json_by_key("userName", payload)
    company_name = get_data_json_by_key("companyName", payload)
    department_name = get_data_json_by_key("departmentName", payload)
    company_flg = common_utils.get_value("companyFlg", payload, None)
    country_code = get_data_json_by_key("countryCode", payload)
    caller_service_name = common_utils.get_value("callerServiceName",
                                                 payload, None)

    # Validate the caller service name.
    validation_errors = validate_info_user_attribute(caller_service_name)
    if validation_errors:
        return common_utils.error_validate(MsgConst.ERR_REQUEST_201,
                                           HTTPStatus.UNPROCESSABLE_ENTITY,
                                           validation_errors, pm_logger)

    if user is not None:
        # Update: the three name fields are always written, the optional
        # ones only when a value was supplied.
        attribute = {
            'UserName': {"Value": user_name},
            'CompanyName': {"Value": company_name},
            'DepartmentName': {"Value": department_name},
        }
        optional_fields = (('CompanyFlg', company_flg),
                           ('CountryCode', country_code))
        for field_name, field_value in optional_fields:
            if field_value is not None:
                attribute[field_name] = {"Value": field_value}
        try:
            pm_userAttribute.update(user_id, attribute)
        except PmError as err:
            return common_utils.error_exception(
                MsgConst.ERR_DB_404, HTTPStatus.INTERNAL_SERVER_ERROR, err,
                pm_logger, True)
    else:
        # Create: no record exists yet for this user.
        try:
            pm_userAttribute.create(user_id, user_name, company_name,
                                    department_name, MailStatus.Normal,
                                    company_flg, country_code,
                                    caller_service_name)
        except PmError as err:
            return common_utils.error_exception(
                MsgConst.ERR_DB_403, HTTPStatus.INTERNAL_SERVER_ERROR, err,
                pm_logger, True)

    # Re-read the record for the response.
    try:
        user = pm_userAttribute.query_key(user_id, True)
    except PmError as err:
        return common_utils.error_exception(MsgConst.ERR_402,
                                            HTTPStatus.INTERNAL_SERVER_ERROR,
                                            err, pm_logger, True)

    ok_response = common_utils.get_response_by_response_body(
        HTTPStatus.OK, user)
    return common_utils.response(ok_response, pm_logger)
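def create_assessment_item(trace_id, user_id, organization_id, project_id,
                           coop_id, check_item_code, email, data_body):
    """Create a manual assessment record for a check item.

    Resolves the AWS account from ``coop_id``, reads ``assessmentComment``
    from the JSON request body, validates it together with
    ``check_item_code`` and stores an assessment record whose time-to-live
    is 180 days from the current date.

    Args:
        trace_id: Identifier handed to the logger and data-access helpers.
        user_id: User stored on the record.
        organization_id: Organization used to build the record ids.
        project_id: Project used to build the record ids.
        coop_id: AWS account coop id used to look up the AWS account.
        check_item_code: Check item being assessed.
        email: Mail address stored on the record.
        data_body: Raw JSON request body.

    Returns:
        The response object built by ``common_utils``: ``CREATED`` with the
        stored record, or an error response.

    NOTE(review): the coop lookup uses ``coop_id`` alone and the returned
    item is not compared with ``organization_id`` / ``project_id`` here;
    confirm that the caller or the query enforces that scoping.
    """
    pm_logger = common_utils.begin_logger(trace_id, __name__,
                                          inspect.currentframe())

    # Look up the AWS account by querying the AWS account coop table with
    # coop_id as the key.
    try:
        awscoops_item = pm_awsAccountCoops.query_awscoop_coop_key(
            trace_id, coop_id)
    except Exception as e:
        return common_utils.error_exception(MsgConst.ERR_402,
                                            HTTPStatus.INTERNAL_SERVER_ERROR,
                                            e, pm_logger, True)

    # No valid AWS account found (zero results).
    if not awscoops_item:
        return common_utils.error_common(MsgConst.ERR_AWS_401,
                                         HTTPStatus.UNPROCESSABLE_ENTITY,
                                         pm_logger)

    # If the request-body JSON cannot be parsed, log the error and return
    # an error response. A non-string comment also lands here via .strip().
    try:
        body_object = json.loads(data_body)
        assessment_comment = body_object["assessmentComment"].strip()
    except Exception as e:
        return common_utils.error_exception(MsgConst.ERR_REQUEST_202,
                                            HTTPStatus.BAD_REQUEST, e,
                                            pm_logger, True)

    # Run all checks; on any failure log and return an error response.
    list_error = validate_insert_assessment(check_item_code,
                                            assessment_comment)
    if list_error:
        return common_utils.error_validate(MsgConst.ERR_REQUEST_201,
                                           HTTPStatus.UNPROCESSABLE_ENTITY,
                                           list_error, pm_logger)

    # Create the assessment record in the assessment results table.
    aws_account = awscoops_item['AWSAccount']
    assessment_item_id = CommonConst.ASSESSMENTITEM_ID.format(
        organization_id, project_id, aws_account, check_item_code)
    account_refine_code = CommonConst.ACCOUNT_REFINE_CODE.format(
        organization_id, project_id, aws_account)
    time_to_live_date = date_utils.get_current_date() + timedelta(days=180)
    time_to_live = Decimal(time_to_live_date.timestamp())
    try:
        pm_assessmentItems.create(trace_id, assessment_item_id,
                                  organization_id, project_id, aws_account,
                                  check_item_code, time_to_live,
                                  assessment_comment, user_id, email,
                                  account_refine_code)
    except Exception as e:
        # Keep the original response, but record the cause: previously the
        # exception was discarded without a trace.
        pm_logger.error("Failed to create the assessment item record: %s", e)
        return common_utils.error_common(MsgConst.ERR_DB_403,
                                         HTTPStatus.INTERNAL_SERVER_ERROR,
                                         pm_logger)

    # Re-read the stored record for the response.
    try:
        assessment_item = pm_assessmentItems.query_key(trace_id,
                                                       assessment_item_id,
                                                       True)
    except Exception as e:
        return common_utils.error_exception(MsgConst.ERR_402,
                                            HTTPStatus.INTERNAL_SERVER_ERROR,
                                            e, pm_logger, True)

    # return response data
    response = common_utils.get_response_by_response_body(
        HTTPStatus.CREATED, assessment_item)
    return common_utils.response(response, pm_logger)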