stable-diffusion-aws-extension/middleware_api/lambda/roles/list_roles.py

74 lines
2.4 KiB
Python

import json
import logging
import os
from common.ddb_service.client import DynamoDbUtilsService
from common.response import ok
from libs.data_types import Role, PARTITION_KEYS
from libs.utils import get_permissions_by_username, get_user_roles
user_table = os.environ.get('MULTI_USER_TABLE')
logger = logging.getLogger(__name__)
logger.setLevel(os.environ.get('LOG_LEVEL') or logging.ERROR)
ddb_service = DynamoDbUtilsService(logger=logger)
# GET /roles?last_evaluated_key=xxx&limit=10&role=ROLE_NAME&filter=key:value,key:value
def handler(event, ctx):
logger.info(json.dumps(event))
_filter = {}
parameters = event['queryStringParameters']
requestor_name = event['requestContext']['authorizer']['username']
requestor_permissions = get_permissions_by_username(ddb_service, user_table, requestor_name)
requestor_roles = get_user_roles(ddb_service=ddb_service, user_table_name=user_table, username=requestor_name)
role = 0
if parameters:
role = parameters['role'] if 'role' in parameters and parameters['role'] else 0
last_token = None
if not role:
result = ddb_service.query_items(user_table,
key_values={
'kind': PARTITION_KEYS.role
})
scan_rows = result
if type(result) is tuple:
scan_rows = result[0]
last_token = result[1]
else:
scan_rows = ddb_service.query_items(user_table, key_values={
'kind': PARTITION_KEYS.role,
'sort_key': role
})
result = []
for row in scan_rows:
r = Role(**(ddb_service.deserialize(row)))
role_dto = {
'role_name': r.sort_key,
'creator': r.creator,
'permissions': r.permissions
}
if 'role' in requestor_permissions and 'all' in requestor_permissions['role']:
result.append(role_dto)
elif 'role' in requestor_permissions and \
'list' in requestor_permissions['role'] and r.creator == requestor_name:
result.append(role_dto)
elif r.sort_key in requestor_roles and 'role' in requestor_permissions and \
'list' in requestor_permissions['role']:
result.append(role_dto)
data = {
'roles': result,
'previous_evaluated_key': 'not_applicable',
'last_evaluated_key': last_token
}
return ok(data=data)