in src/lambdas/modular_api_handler/handler.py [0:0]
def __call__(self, event: ProcessedEvent) -> ProcessedEvent:
    """Check the caller's permission for the endpoint described by ``event``.

    The event is returned unchanged, without any permission check, when:
      * ``event['is_system']`` is truthy;
      * ``event['cognito_username']`` is empty;
      * ``event['resource']`` is empty (a warning is logged);
      * no permission is mapped to the ``(resource, method)`` pair.
    Each of these paths lets the request continue, so the check applies
    only to endpoints that have an entry in ``self._mapping``.

    Args:
        event: the processed request; the keys read here are
            ``is_system``, ``cognito_username``, ``resource``, ``method``,
            ``cognito_customer`` and ``cognito_user_role``.

    Returns:
        The same ``event`` object. When the check ran and passed, the
        matched permission is stored under ``event['permission']``.

    Raises:
        The exception built by ``ResponseFactory(HTTPStatus.FORBIDDEN)``
        when ``self._rs.is_allowed`` rejects the customer/role pair.
    """
    # NOTE(review): an event without a username is passed through here;
    # presumably authentication is enforced elsewhere in the chain
    # (confirm, this method does not reject it).
    if event['is_system'] or not event['cognito_username']:
        return event

    resource = event['resource']
    if not resource:
        _LOG.warning('A request for not known resource')
        return event

    # An endpoint missing from the mapping is treated as unrestricted, so
    # a newly added route is open until a permission is registered for it.
    permission = self._mapping.get((resource, event['method']))
    if not permission:
        _LOG.info('No permission exist for endpoint, allowing')
        return event

    # Original author's assumption: when cognito_username is set,
    # cognito_customer and cognito_user_role are set as well.
    allowed = self._rs.is_allowed(
        event['cognito_customer'],
        event['cognito_user_role'],
        permission,
    )
    if allowed:
        event['permission'] = permission
        return event

    _LOG.info('Not allowed to access')
    # The 403 body names the missing permission, so the caller learns the
    # permission identifier guarding this endpoint.
    denial = ResponseFactory(HTTPStatus.FORBIDDEN).message(
        f'You don\'t have the necessary permission: {permission}'
    )
    # todo maybe return missing permission in a separate key
    raise denial.exc()