Merge pull request #122 from pagreene/json-passing

Allow the passing of query JSON

after_zappa

@@ -0,0 +1,70 @@
+#!/usr/bin/env python
+
+import os
+import json
+import boto3
+
+from indra_db.config import CONFIG
+from indra_db.util.aws import get_role_kwargs
+
+
+# Lambda CONFIG parameters
+aws_role = CONFIG['lambda']['role']
+aws_primary_function = CONFIG['lambda']['function']
+
+# Load the Zappa config file.
+ZAPPA_CONFIG = 'zappa_settings.json'
+if not os.path.exists(ZAPPA_CONFIG):
+    raise Exception(f"No valid zappa config file present. "
+                    f"Expecting: {ZAPPA_CONFIG}")
+with open('zappa_settings.json', 'r') as f:
+    zappa_settings = json.load(f)
+
+
+def fix_permissions(deployment):
+    """Add permissions to the lambda function to allow access from API Gateway.
+
+    When Zappa runs, it removes permission for the primary endpoint to call
+    the lambda functions it creates. This function goes in and fixes those
+    permissions, and is intended to be run after a zappa update.
+    """
+    # Get relevant settings from the zappa config.
+    project_name = zappa_settings[deployment]['project_name']
+    region = zappa_settings[deployment]['aws_region']
+    if zappa_settings[deployment]['profile_name'].lower() != aws_role.lower():
+        raise Exception("Required roles do not match!")
+
+    # Get the ID for the API on API Gateway
+    kwargs, identity = get_role_kwargs(aws_role)
+    api_gateway = boto3.client('apigateway', **kwargs)
+    api_data = api_gateway.get_rest_apis()
+    for item in api_data['items']:
+        if item['name'] == aws_primary_function:
+            break
+    else:
+        raise Exception(f"Could not find api matching name: "
+                        f"{aws_primary_function}")
+
+    # Give the API Gateway access to the lambda functions.
+    account_id = identity['Account']
+    lambda_client = boto3.client('lambda', **kwargs)
+    for label, endpoint in [('root', ''), ('leafs', '/*')]:
+        source_arn = (f"arn:aws:execute-api:{region}:{account_id}:{item['id']}"
+                      f"/*/*/{deployment}{endpoint}")
+        statement_id = f'{aws_primary_function}-access-to-{deployment}-{label}'
+        lambda_client.add_permission(FunctionName=f'{project_name}-{deployment}',
+                                     Action='lambda:InvokeFunction',
+                                     Principal='apigateway.amazonaws.com',
+                                     SourceArn=source_arn,
+                                     StatementId=statement_id)
+    return
+
+
+def main():
+    import sys
+    deployment = sys.argv[1]
+    fix_permissions(deployment)
+
+
+if __name__ == '__main__':
+    main()

indra_db/client/readonly/__init__.py

@@ -1,3 +1,2 @@
-from .interactions import *
-from .pa_statements import *
-from .query import *
+from .util import *
+from .query import *