Skip to content

Commit

Permalink
Update policy generator and return errors on empty policies
Browse files Browse the repository at this point in the history
  • Loading branch information
@reweeden
reweeden committed Oct 21, 2022
1 parent 85b7e8b commit de662fd
Show file tree
Hide file tree
Showing 3 changed files with 15 additions and 2 deletions.
13 changes: 13 additions & 0 deletions lambda/app.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -976,6 +976,19 @@ def s3credentials():
policy = b_map.to_iam_policy(groups)
log.debug("policy: %s", policy)

if policy is None:
template_vars = {
"contentstring": "You do not have permission to access any data.",
"title": "Could not access data",
"requestid": get_request_id()
}
return make_html_response(
template_vars,
authorizer.get_success_response_headers(),
403,
"error.html"
)

app_name = app.current_request.headers.get("app-name", "")
role_session_name = get_role_session_name(user_profile.user_id, app_name)

Expand Down
2 changes: 1 addition & 1 deletion requirements/requirements.in
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,5 +2,5 @@ cachetools
cfnresponse
chalice
flatdict
git+https://github.com/asfadmin/rain-api-core.git@6acd2cb943cb552c525bc5320297f62b812a33ba
git+https://github.com/asfadmin/rain-api-core.git@5acfb6403df35e302ad6d7ccdc050a51e4c827a7
netaddr
2 changes: 1 addition & 1 deletion requirements/requirements.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,7 +52,7 @@ pyyaml==6.0
# via
# chalice
# rain-api-core
rain-api-core @ git+https://github.com/asfadmin/rain-api-core.git@6acd2cb943cb552c525bc5320297f62b812a33ba
rain-api-core @ git+https://github.com/asfadmin/rain-api-core.git@5acfb6403df35e302ad6d7ccdc050a51e4c827a7
# via -r requirements/requirements.in
readchar==4.0.3
# via inquirer
Expand Down

0 comments on commit de662fd

Please sign in to comment.