This repository has been archived by the owner on May 16, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 19
/
handle_grant.go
70 lines (62 loc) · 2.41 KB
/
handle_grant.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
package slacknotifier
import (
"context"
"encoding/json"
"fmt"
"github.com/aws/aws-lambda-go/events"
"github.com/common-fate/common-fate/pkg/gevent"
"github.com/common-fate/common-fate/pkg/storage"
"github.com/slack-go/slack"
"go.uber.org/zap"
)
func (n *SlackNotifier) HandleGrantEvent(ctx context.Context, log *zap.SugaredLogger, event events.CloudWatchEvent) error {
var grantEvent gevent.GrantEventPayload
err := json.Unmarshal(event.Detail, &grantEvent)
if err != nil {
return err
}
gq := storage.GetRequest{ID: grantEvent.Grant.ID}
_, err = n.DB.Query(ctx, &gq)
if err != nil {
return err
}
rq := storage.GetAccessRuleVersion{ID: gq.Result.Rule, VersionID: gq.Result.RuleVersion}
_, err = n.DB.Query(ctx, &rq)
if err != nil {
return err
}
var msg string
var fallback string
var accessory *slack.Accessory
// reviewURL, err := notifiers.ReviewURL(n.FrontendURL, gq.Result.ID)
// if err != nil {
// return err
// }
// get the message text based on the event type
switch event.DetailType {
// NOTE: Commenting out slack notification for grant activated type to make notification less noisy.
// case gevent.GrantActivatedType:
// msg = fmt.Sprintf("Your access to *%s* is now active.", rq.Result.Name)
// accessory = &slack.Accessory{
// ButtonElement: &slack.ButtonBlockElement{
// Type: slack.METButton,
// Text: slack.NewTextBlockObject(slack.PlainTextType, "Access Instructions", true, false),
// URL: reviewURL.AccessInstructions,
// },
// }
// fallback = fmt.Sprintf("Your access to %s is now active.", rq.Result.Name)
case gevent.GrantFailedType:
msg = fmt.Sprintf("We've had an issue trying to provision or clean up your access to *%s*. We'll keep trying, but if you urgently need access to the role please contact your cloud administrator.", rq.Result.Name)
fallback = fmt.Sprintf("We've had an issue with your access to %s", rq.Result.Name)
case gevent.GrantRevokedType:
msg = fmt.Sprintf("Your access to *%s* has been cancelled by your administrator. Please contact your cloud administrator for more information.", rq.Result.Name)
fallback = fmt.Sprintf("Your access to %s has been cancelled by your administrator", rq.Result.Name)
default:
zap.S().Infow("unhandled grant event", "detailType", event.DetailType)
}
if msg != "" {
_, err = SendMessage(ctx, n.directMessageClient.client, gq.Result.Grant.Subject, msg, fallback, accessory)
return err
}
return nil
}