3 O4\@s^ddlmZddlmZddlmZddlmZeddZGddde Z Gd d d eZ d S) )Enum) namedtuple) string_types) is_instrinsic PolicyEntryz data typec@sNeZdZdZdZdddZddZdd Zd d Zd d Z ddZ ddZ dS)FunctionPoliciesa Class encapsulating the policies property of AWS::Serverless::Function. This class strictly encapsulates the data and does not take opinions on how to handle them. There are three types of policies: - Policy Statements - AWS or Custom Managed Policy names/arns - Policy Templates This class is capable of parsing and detecting the type of the policy. Optionally, if policy template information is provided to this class, it will detect Policy Templates too. ZPoliciesNcCs||_|j||_dS)a Initialize with policies data from resource's properties :param dict resource_properties: Dictionary containing properties of this resource :param policy_template_processor: Optional Instance of PolicyTemplateProcessor that can conclusively detect if a given policy is a template or not. If not provided, then this class will not detect policy templates. N)_policy_template_processor _get_policiespolicies)selfresource_propertiesZpolicy_template_processorr /Users/sshvans/Documents/Work/Quickstart/python-virtual-environments/env/lib/python3.6/site-packages/samtranslator/model/function_policies.py__init__s zFunctionPolicies.__init__ccsx|jD] }|VqWdS)z Iterator method that "yields" the next policy entry on subsequent calls to this method. :yields namedtuple("data", "type"): Yields a named tuple containing the policy data and its type N)r )r Z policy_tupler r rget*s zFunctionPolicies.getcCs t|jS)N)lenr )r r r r__len__4szFunctionPolicies.__len__cCsfd}|j|r||j}|s gSt|ts0|g}g}x,|D]$}|j|}t||d}|j|q:W|S)a Returns a list of policies from the resource properties. This method knows how to interpret and handle polymorphic nature of the policies property. Policies can be one of the following: * Managed policy name: string * List of managed policy names: list of strings * IAM Policy document: dict containing Statement key * List of IAM Policy documents: list of IAM Policy Document * Policy Template: dict with only one key where key is in list of supported policy template names * List of Policy Templates: list of Policy Template :param dict resource_properties: Dictionary of resource properties containing the policies property. It is assumed that this is already a dictionary and contains policies key. :return list of PolicyEntry: List of policies, where each item is an instance of named tuple `PolicyEntry` N)datatype)_contains_policiesPOLICIES_PROPERTY_NAME isinstancelist _get_typerappend)r r r resultpolicyZ policy_typeentryr r rr 7s      zFunctionPolicies._get_policiescCs|dk ot|to|j|kS)z Is there policies data in this resource? :param dict resource_properties: Properties of the resource :return: True if we can process this resource. False, otherwise N)rdictr)r r r r rr`s z#FunctionPolicies._contains_policiescCsFt|tst|rtjSt|tr0d|kr0tjS|j|r@tjStj S)z Returns the type of the given policy :param string or dict policy: Policy data :return PolicyTypes: Type of the given policy. None, if type could not be inferred Z Statement) rrr PolicyTypesMANAGED_POLICYrPOLICY_STATEMENT_is_policy_templatePOLICY_TEMPLATEUNKNOWN)r rr r rrks  zFunctionPolicies._get_typecCs<|jdk o:t|to:t|dko:|jjt|jddkS)a Is the given policy data a policy template? Policy templates is a dictionary with one key which is the name of the template. :param dict policy: Policy data :return: True, if this is a policy template. False if it is not NrT)rrrrZhasrkeys)r rr r rr"s   z$FunctionPolicies._is_policy_template)N) __name__ __module__ __qualname____doc__rrrrr rrr"r r r rr s   ) rc@s eZdZdZdZdZdZdZdS)rzG Enum of different policy types supported by SAM & this plugin Zmanaged_policyZpolicy_statementZpolicy_templateunknownN)r'r(r)r*r r!r#r$r r r rrs rN) enumr collectionsrsixrZsamtranslator.model.intrinsicsrrobjectrrr r r rs