Exemplo n.º 1
0
 public void Setup()
 {
     _entity = new APIDataUserFlow();
 }
        public static bool ShouldHaveAccessUserFlow(HackneyUser user, AuthorizerRequest authorizerRequest, APIDataUserFlow apiData, string apiName)
        {
            bool groupIsAllowed = apiData.AllowedGroups.Any(x => user.Groups.Contains(x));

            if (!groupIsAllowed ||
                apiData.ApiName != apiName ||
                apiData.Environment != authorizerRequest.Environment ||
                apiData.AwsAccount != authorizerRequest.AwsAccountId)
            {
                LambdaLogger.Log($"User with email {user.Email} is DENIED access for {apiName} " +
                                 $" in {authorizerRequest.Environment} stage. User does not have access to {apiName} " +
                                 $"for {apiData.Environment} stage in the following AWS account {apiData.AwsAccount}. User is in the following" +
                                 $"Google groups: {user.Groups}");
                return(false);
            }

            LambdaLogger.Log($"User with email {user.Email} is ALLOWED access for {apiName} " +
                             $" in {authorizerRequest.Environment} stage. The API, as described in the database," +
                             $"is deployed to the following AWS account {apiData.AwsAccount}");

            return(true);
        }