-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathserverless.js
executable file
·191 lines (168 loc) · 5.78 KB
/
serverless.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
const { mergeDeepRight } = require('ramda')
const util = require('util')
const { utils } = require('@serverless/core')
const { Component } = require('@serverless/core')
const tencentAuth = require('serverless-tencent-auth-tool')
const tencentcloud = require('tencentcloud-sdk-nodejs')
const CamClient = tencentcloud.cam.v20190116.Client
const camModels = tencentcloud.cam.v20190116.Models
const ClientProfile = require('tencentcloud-sdk-nodejs/tencentcloud/common/profile/client_profile.js')
const HttpProfile = require('tencentcloud-sdk-nodejs/tencentcloud/common/profile/http_profile.js')
class TencentCamPolicy extends Component {
getCamClient(credentials, region) {
// create cam client
const secret_id = credentials.SecretId
const secret_key = credentials.SecretKey
const cred = new tencentcloud.common.Credential(secret_id, secret_key)
const httpProfile = new HttpProfile()
httpProfile.reqTimeout = 30
const clientProfile = new ClientProfile('HmacSHA256', httpProfile)
return new CamClient(cred, region, clientProfile)
}
async default(inputs = {}) {
// login
const auth = new tencentAuth()
this.context.credentials.tencent = await auth.doAuth(this.context.credentials.tencent, {
client: 'tencent-cam-policy',
remark: inputs.fromClientRemark,
project: this.context.instance ? this.context.instance.id : undefined,
action: 'default'
})
this.context.status(`Deploying`)
// Defaults
const defaults = {
name: this.state.name || this.context.resourceId(),
description: '',
region: 'ap-guangzhou',
path: null,
policy: {
version: '2.0',
statement: [
{
action: [],
resource: '*',
effect: 'allow'
}
]
}
}
inputs = mergeDeepRight(defaults, inputs)
// Ensure Document is a string
inputs.policy =
typeof inputs.policy === 'string' ? inputs.policy : JSON.stringify(inputs.policy)
const cam = this.getCamClient(this.context.credentials.tencent, inputs.region)
cam.sdkVersion = 'ServerlessComponent'
const params = {
PolicyName: inputs.name,
PolicyDocument: inputs.policy,
Description: inputs.description
}
let result
let handler
if (this.state && this.state.id) {
params.PolicyId = this.state.id
const updateReq = new camModels.UpdatePolicyRequest()
updateReq.from_json_string(JSON.stringify(params))
handler = util.promisify(cam.UpdatePolicy.bind(cam))
try {
await handler(updateReq)
} catch (e) {
throw 'UpdatePolicyError: ' + e
}
} else {
const createReq = new camModels.CreatePolicyRequest()
createReq.from_json_string(JSON.stringify(params))
handler = util.promisify(cam.CreatePolicy.bind(cam))
try {
result = await handler(createReq)
} catch (error) {
if (error.code && error.code == 'FailedOperation.PolicyNameInUse') {
const req = new camModels.ListPoliciesRequest()
let body
let page = 1
let pagePolicList
let pagePolicyCount = 1
// cam could not get policyId through policyName, has not this type api
// so use ListPolicies api to get policy list
while (pagePolicyCount > 0) {
await utils.sleep(500) // Prevent overclocking
body = {
Rp: 200,
Page: page
}
req.from_json_string(JSON.stringify(body))
handler = util.promisify(cam.ListPolicies.bind(cam))
try {
pagePolicList = await handler(req)
pagePolicyCount = pagePolicList.List.length
for (let j = 0; j < pagePolicList.List.length; j++) {
if (pagePolicList.List[j].PolicyName == params.PolicyName) {
params.PolicyId = pagePolicList.List[j].PolicyId
break // Policyid found, break loop
}
}
if (params.PolicyId) {
break // Policyid found, break loop
}
} catch (e) {
throw 'GetPolicyIdError: ' + e
}
page = page + 1
}
const updateReq = new camModels.UpdatePolicyRequest()
updateReq.from_json_string(JSON.stringify(params))
handler = util.promisify(cam.UpdatePolicy.bind(cam))
try {
await handler(updateReq)
} catch (e) {
throw 'UpdatePolicyError: ' + e
}
} else {
throw error
}
}
}
// Save state and set outputs
const outputs = {}
const policyId = result && result.PolicyId ? result.PolicyId : params.PolicyId
this.state.id = outputs.id = policyId
await this.save()
return outputs
}
/**
* Remove
* @param {Object} [inputs={}]
* @return {Promise}
*/
async remove(inputs = {}) {
// login
const auth = new tencentAuth()
this.context.credentials.tencent = await auth.doAuth(this.context.credentials.tencent, {
client: 'tencent-cam-policy',
remark: inputs.fromClientRemark,
project: this.context.instance ? this.context.instance.id : undefined,
action: 'remove'
})
if (!this.state.id) {
return {}
}
const cam = this.getCamClient(this.context.credentials.tencent, inputs.region)
cam.sdkVersion = 'ServerlessComponent'
const params = {
PolicyId: [this.state.id]
}
const req = new camModels.DeletePolicyRequest()
req.from_json_string(JSON.stringify(params))
const handler = util.promisify(cam.DeletePolicy.bind(cam))
try {
await handler(req)
} catch (error) {
throw error
}
// Clear state
this.state = {}
await this.save()
return {}
}
}
module.exports = TencentCamPolicy