in src/lambdas/custodian_api_handler/handlers/users_handler.py [0:0]
def signup(self, event: SignUpModel):
    """Register a new customer together with its first admin user.

    Steps, in order:
      1. Reject with 409 if the customer name or the username is taken.
      2. Build the customer, an ``admin_policy`` holding every enabled
         permission for all tenants, and an ``admin_role`` bound to it.
      3. Persist customer, role and policy, then create the user.

    :param event: validated sign-up payload (customer and user fields)
    :return: 201 response confirming that the user was created
    :raises: the ResponseFactory exception for 409 (name conflict) or
        403 (the customer record could not be saved)
    """
    # NOTE(review): the two 409 messages tell the caller which customer
    # names and usernames exist. If this route is reachable without
    # authentication (not visible here), confirm it is rate limited.
    customer_name = event.customer_name
    if self._cs.get(customer_name):
        conflict = ResponseFactory(HTTPStatus.CONFLICT)
        raise conflict.message(
            f'Customer {customer_name} already exists'
        ).exc()

    username = event.username
    if self._user_client.does_user_exist(username):
        conflict = ResponseFactory(HTTPStatus.CONFLICT)
        raise conflict.message(
            f'User {username} already exists'
        ).exc()

    # NOTE(review): the checks above and the writes below are separate
    # calls; whether the stores enforce uniqueness on write is not visible
    # here. Confirm that concurrent sign-ups cannot both pass the checks.
    customer = Customer(
        name=customer_name,
        display_name=event.customer_display_name,
        admins=list(event.customer_admins),
        is_active=True
    )

    # The first user of a customer receives every currently enabled
    # permission, allowed on all tenants ('*').
    enabled_permissions = sorted(
        item.value for item in Permission.iter_enabled()
    )
    policy = self._ps.create(
        customer=customer_name,
        name='admin_policy',
        permissions=enabled_permissions,
        description='Auto-created policy for newly signed up user',
        effect=PolicyEffect.ALLOW,
        tenants=('*', )
    )
    role = self._rs.create(
        customer=customer_name,
        name='admin_role',
        expiration=None,
        policies=('admin_policy', ),
        description='Auto-created role for newly signed up user'
    )

    try:
        customer.save()
    except ClientError:
        # The detailed cause goes to the log only; the caller gets a
        # generic 403.
        _LOG.warning('Cannot save customer. Probably no permissions.',
                     exc_info=True)
        forbidden = ResponseFactory(HTTPStatus.FORBIDDEN)
        raise forbidden.message(
            'Cannot create a new user. Please, contact support'
        ).exc()

    # NOTE(review): no rollback is visible if any step below fails after
    # the customer has been saved. A retry would then hit the 409 above.
    # Confirm how partially created sign-ups are cleaned up.
    self._rs.save(role)
    self._ps.save(policy)
    self._user_client.signup_user(
        username=username,
        password=event.password,  # never logged in this method
        role='admin_role',
        customer=customer_name
    )
    _LOG.debug(f'Saving user: {username}')

    return build_response(
        code=HTTPStatus.CREATED,
        content=f'The user {username} was created'
    )