in src/lambdas/r8s_api_handler/processors/job_processor.py [0:0]
def post(self, event):
_LOG.debug(f'Submit job event: {event}')
validate_params(event, (USER_ID_ATTR, PARENT_ID_ATTR))
parent_id = event.get(PARENT_ID_ATTR)
parent = self.parent_service.get_parent_by_id(parent_id=parent_id)
if not parent:
_LOG.error(f'Parent with id \'{parent_id}\' does not exist')
return build_response(
code=RESPONSE_BAD_REQUEST_CODE,
content=f'Parent with id \'{parent_id}\' does not exist'
)
if parent.type != RIGHTSIZER_LICENSES_PARENT_TYPE:
_LOG.error(f'Parent of {RIGHTSIZER_LICENSES_PARENT_TYPE} '
f'type required.')
return build_response(
code=RESPONSE_BAD_REQUEST_CODE,
content=f'Parent of {RIGHTSIZER_LICENSES_PARENT_TYPE} '
f'type required.'
)
application_id = parent.application_id
application = self.application_service.get_application_by_id(
application_id=application_id
)
if not application:
_LOG.error(f'No application found matching given query.')
return build_response(
code=RESPONSE_BAD_REQUEST_CODE,
content=f'No application found matching given query.'
)
user_id = event.get(USER_ID_ATTR)
user_customer = event.get(PARAM_USER_CUSTOMER)
if user_customer != 'admin' and parent.customer_id \
!= user_customer:
_LOG.warning(f'User \'{user_id}\' is not authorize to affect '
f'customer \'{parent.customer_id}\' entities.')
return build_response(
code=RESPONSE_FORBIDDEN_CODE,
content=f'User \'{user_id}\' is not authorize to affect '
f'customer \'{parent.customer_id}\' entities.'
)
envs = {
"AWS_REGION": self.environment_service.aws_region(),
"log_level": os.environ.get('log_level', 'ERROR'),
"parent_id": parent.parent_id,
"DEBUG": str(self.environment_service.is_debug())
}
meta_postponed_key = self.environment_service.meta_postponed_key()
if meta_postponed_key:
envs['META_POSTPONED_KEY'] = meta_postponed_key
rate_limit = self.environment_service.tenants_customer_name_index_rcu()
_LOG.debug(f'Rate limiting on Tenants customer index rcu: '
f'{rate_limit}')
envs[ENV_TENANT_CUSTOMER_INDEX] = str(rate_limit)
input_scan_tenants = event.get(TENANTS_ATTR)
if input_scan_tenants:
_LOG.debug(f'Validating user-provided scan tenants: '
f'{input_scan_tenants}')
self._validate_input_tenants(
parent=parent,
input_scan_tenants=input_scan_tenants
)
scan_tenants = input_scan_tenants
_LOG.debug(f'Setting scan_tenants env to '
f'\'{scan_tenants}\'')
envs['SCAN_TENANTS'] = ','.join(scan_tenants)
elif parent.scope == ParentScope.SPECIFIC.value:
_LOG.debug(f'Extracting tenant activated for parent '
f'{parent.parent_id}')
tenant = self.tenant_service.get(
tenant_name=parent.tenant_name,
attributes_to_get=[Tenant.name]
)
if not tenant:
_LOG.error(f'Tenant {parent.tenant_name} linked to parent '
f'{parent_id} does not exist.')
return build_response(
code=RESPONSE_BAD_REQUEST_CODE,
content=f'Tenant {parent.tenant_name} linked to parent '
f'{parent_id} does not exist.'
)
scan_tenants = [tenant.name]
envs['SCAN_TENANTS'] = tenant.name
else:
# todo temporary
# to validate job submit permission on any single tenant
scan_tenants = list(self.tenant_service.i_get_tenant_by_customer(
customer_id=parent.customer_id,
active=True,
attributes_to_get=[Tenant.name],
cloud=parent.cloud,
rate_limit=rate_limit
))
scan_tenants = [t.name for t in scan_tenants]
if not scan_tenants:
_LOG.error(f'No tenants to scan found.')
return build_response(
code=RESPONSE_BAD_REQUEST_CODE,
content=f'No tenants to scan found.'
)
parent_meta = self.parent_service.get_parent_meta(parent=parent)
_LOG.debug(f'Checking permission to submit job on license '
f'\'{parent_meta.license_key}\' '
f'for tenants: {scan_tenants}')
tenant_status_map = self._validate_licensed_job(
parent=parent,
license_key=parent_meta.license_key,
scan_tenants=scan_tenants
)
scan_from_date = event.get(SCAN_FROM_DATE_ATTR)
if scan_from_date:
_LOG.debug(f'Validating {SCAN_FROM_DATE_ATTR}')
self._validate_scan_date(date_str=scan_from_date)
envs[SCAN_FROM_DATE_ATTR.upper()] = scan_from_date
scan_to_date = event.get(SCAN_TO_DATE_ATTR)
if scan_to_date:
_LOG.debug(f'Validating {SCAN_TO_DATE_ATTR}')
self._validate_scan_date(date_str=scan_to_date)
envs[SCAN_TO_DATE_ATTR.upper()] = scan_to_date
_LOG.debug(f'Going to submit job from application '
f'\'{parent.application_id}\' for cloud')
response = self.job_service.submit_job(
job_owner=user_id,
parent_id=parent.parent_id,
envs=envs,
tenant_status_map=tenant_status_map
)
_LOG.debug(f'Response: {response}')
return build_response(
code=RESPONSE_OK_CODE,
content=response
)