in src/lambdas/r8s_api_handler/processors/role_processor.py [0:0]
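def post(self, event):
    """Validate a role-creation event and persist the new role.

    The event must carry the name, expiration and policies attributes
    (checked by ``validate_params``); the resource attribute is optional
    and, when given, must name an existing customer.

    Checks run in this order, and the first failure is returned as a
    ``RESPONSE_BAD_REQUEST_CODE`` response:
      1. expiration is accepted by ``self._validate_expiration``;
      2. policies is a list whose items are all strings;
      3. no role with the requested name exists yet;
      4. every referenced policy exists;
      5. the optional resource resolves to a customer.

    :param event: mapping with the request attributes.
    :return: result of ``build_response``: ``RESPONSE_OK_CODE`` with the
        role DTO on success, ``RESPONSE_BAD_REQUEST_CODE`` with an error
        message otherwise.
    """
    # NOTE(review): the whole event is written to the debug log; confirm it
    # can never carry credentials or other sensitive request data.
    _LOG.debug(f'Create role event: {event}')
    validate_params(event, (NAME_ATTR, EXPIRATION_ATTR, POLICIES_ATTR))

    expiration = event.get(EXPIRATION_ATTR)
    error = self._validate_expiration(value=expiration)
    if error:
        return build_response(
            code=RESPONSE_BAD_REQUEST_CODE,
            content=error
        )

    role_name = event.get(NAME_ATTR)
    policies = event.get(POLICIES_ATTR)
    # Either condition alone makes the input invalid, so the checks are
    # joined with `or`. With `and`, a list holding non-string items and a
    # bare string (an iterable of one-character strings) both passed, and a
    # non-iterable value raised TypeError instead of producing a 400.
    if not isinstance(policies, list) or \
            not all(isinstance(i, str) for i in policies):
        message = f'\'{POLICIES_ATTR}\' attribute must be a list of ' \
                  f'strings.'
        _LOG.error(message)
        return build_response(
            code=RESPONSE_BAD_REQUEST_CODE,
            content=message
        )

    if self.access_control_service.role_exists(name=role_name):
        message = f'Role with name \'{role_name}\' already exists.'
        _LOG.error(message)
        return build_response(
            code=RESPONSE_BAD_REQUEST_CODE,
            content=message
        )

    non_existing_policies = self.access_control_service. \
        get_non_existing_policies(policies=policies)
    if non_existing_policies:
        error_message = f'Some of the policies provided in the event ' \
                        f'don\'t exist: {", ".join(non_existing_policies)}'
        _LOG.error(error_message)
        return build_response(code=RESPONSE_BAD_REQUEST_CODE,
                              content=error_message)

    resource = event.get(RESOURCE_ATTR)
    if resource and not self.customer_service.get(name=resource):
        message = f'Customer with name \'{resource}\' does not exist.'
        _LOG.warning(message)
        return build_response(
            code=RESPONSE_BAD_REQUEST_CODE,
            content=message
        )

    role_data = {
        NAME_ATTR: role_name,
        EXPIRATION_ATTR: expiration,
        POLICIES_ATTR: policies
    }
    if resource:
        # Was `role_data[RESOURCE_ATTR]: resource`, a bare annotation that
        # stores nothing, so the validated resource never reached the role
        # and the role was created without its customer binding.
        # NOTE(review): confirm create_role accepts this key.
        role_data[RESOURCE_ATTR] = resource

    _LOG.debug(f'Creating role from data: {role_data}')
    role = self.access_control_service.create_role(role_data=role_data)
    _LOG.debug('Role has been created. Saving.')
    self.access_control_service.save(role)

    _LOG.debug('Extracting role dto')
    role_dto = role.get_dto()
    _LOG.debug(f'Response: {role_dto}')
    return build_response(
        code=RESPONSE_OK_CODE,
        content=role_dto
    )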