driftctl/pkg/middlewares/google_iam_policy_transform...

package middlewares

import (
	"encoding/json"
	"fmt"
	"strings"

	"github.com/snyk/driftctl/enumeration/resource"
	"github.com/snyk/driftctl/enumeration/resource/google"
)

// GoogleStorageBucketIAMPolicyTransformer Transforms Bucket IAM policy in bucket iam binding to ease comparison.
type GoogleStorageBucketIAMPolicyTransformer struct {
	resourceFactory resource.ResourceFactory
	resFieldByType  map[string]string // map of the field to add to resource attribute for all supported type
}

func NewGoogleIAMPolicyTransformer(resourceFactory resource.ResourceFactory) *GoogleStorageBucketIAMPolicyTransformer {
	return &GoogleStorageBucketIAMPolicyTransformer{
		resourceFactory,
		map[string]string{
			google.GoogleStorageBucketIamPolicyResourceType: "bucket",
			google.GoogleProjectIamPolicyResourceType:       "project",
		}}
}

func (m *GoogleStorageBucketIAMPolicyTransformer) Execute(_, resourcesFromState *[]*resource.Resource) error {

	resources := make([]*resource.Resource, 0)

	for _, stateRes := range *resourcesFromState {
		// Ignore all resources with type not in resFieldByType map
		resType := stateRes.ResourceType()
		resField, supported := m.resFieldByType[resType]
		if !supported {
			resources = append(resources, stateRes)
			continue
		}

		resName := *stateRes.Attrs.GetString(resField)
		policyJSON := *stateRes.Attrs.GetString("policy_data")

		policies := policyDataType{}
		err := json.Unmarshal([]byte(policyJSON), &policies)
		if err != nil {
			return err
		}

		for _, policy := range policies.Bindings {
			roleName := policy["role"].(string)
			members := policy["members"].([]interface{})
			for _, member := range members {
				id := fmt.Sprintf("%s/%s/%s", resName, roleName, member)
				resources = append(
					resources,
					m.resourceFactory.CreateAbstractResource(
						fmt.Sprintf("%s_member", strings.TrimSuffix(resType, "_policy")),
						id,
						map[string]interface{}{
							"id":     id,
							resField: resName,
							"role":   roleName,
							"member": member.(string),
						},
					),
				)
			}
		}
	}

	*resourcesFromState = resources

	return nil
}

type policyDataType struct {
	Bindings []map[string]interface{}
}
add support for google_storage_bucket_iam_policy, add tests 2021-09-29 15:43:56 +00:00			`package middlewares`

			`import (`
			`"encoding/json"`
			`"fmt"`
implement iam for project and make middleware generics 2021-10-01 09:02:46 +00:00			`"strings"`
add support for google_storage_bucket_iam_policy, add tests 2021-09-29 15:43:56 +00:00
chore: extract enumeration to it's own submodule 2022-06-28 07:23:29 +00:00			`"github.com/snyk/driftctl/enumeration/resource"`
			`"github.com/snyk/driftctl/enumeration/resource/google"`
add support for google_storage_bucket_iam_policy, add tests 2021-09-29 15:43:56 +00:00			`)`

			`// GoogleStorageBucketIAMPolicyTransformer Transforms Bucket IAM policy in bucket iam binding to ease comparison.`
			`type GoogleStorageBucketIAMPolicyTransformer struct {`
			`resourceFactory resource.ResourceFactory`
implement iam for project and make middleware generics 2021-10-01 09:02:46 +00:00			`resFieldByType map[string]string // map of the field to add to resource attribute for all supported type`
add support for google_storage_bucket_iam_policy, add tests 2021-09-29 15:43:56 +00:00			`}`

implement iam for project and make middleware generics 2021-10-01 09:02:46 +00:00			`func NewGoogleIAMPolicyTransformer(resourceFactory resource.ResourceFactory) *GoogleStorageBucketIAMPolicyTransformer {`
			`return &GoogleStorageBucketIAMPolicyTransformer{`
			`resourceFactory,`
			`map[string]string{`
			`google.GoogleStorageBucketIamPolicyResourceType: "bucket",`
			`google.GoogleProjectIamPolicyResourceType: "project",`
			`}}`
add support for google_storage_bucket_iam_policy, add tests 2021-09-29 15:43:56 +00:00			`}`

			`func (m GoogleStorageBucketIAMPolicyTransformer) Execute(_, resourcesFromState []*resource.Resource) error {`

			`resources := make([]*resource.Resource, 0)`

			`for _, stateRes := range *resourcesFromState {`
use gitignore in tests and remove useless lock in repository 2021-10-19 16:26:03 +00:00			`// Ignore all resources with type not in resFieldByType map`
implement iam for project and make middleware generics 2021-10-01 09:02:46 +00:00			`resType := stateRes.ResourceType()`
			`resField, supported := m.resFieldByType[resType]`
			`if !supported {`
add support for google_storage_bucket_iam_policy, add tests 2021-09-29 15:43:56 +00:00			`resources = append(resources, stateRes)`
			`continue`
			`}`

implement iam for project and make middleware generics 2021-10-01 09:02:46 +00:00			`resName := *stateRes.Attrs.GetString(resField)`
add support for google_storage_bucket_iam_policy, add tests 2021-09-29 15:43:56 +00:00			`policyJSON := *stateRes.Attrs.GetString("policy_data")`

			`policies := policyDataType{}`
			`err := json.Unmarshal([]byte(policyJSON), &policies)`
			`if err != nil {`
			`return err`
			`}`

			`for _, policy := range policies.Bindings {`
implement iam for project and make middleware generics 2021-10-01 09:02:46 +00:00			`roleName := policy["role"].(string)`
			`members := policy["members"].([]interface{})`
transform every bucket iam into members 2021-10-04 17:03:44 +00:00			`for _, member := range members {`
implement iam for project and make middleware generics 2021-10-01 09:02:46 +00:00			`id := fmt.Sprintf("%s/%s/%s", resName, roleName, member)`
transform every bucket iam into members 2021-10-04 17:03:44 +00:00			`resources = append(`
			`resources,`
			`m.resourceFactory.CreateAbstractResource(`
implement iam for project and make middleware generics 2021-10-01 09:02:46 +00:00			`fmt.Sprintf("%s_member", strings.TrimSuffix(resType, "_policy")),`
transform every bucket iam into members 2021-10-04 17:03:44 +00:00			`id,`
			`map[string]interface{}{`
			`"id": id,`
implement iam for project and make middleware generics 2021-10-01 09:02:46 +00:00			`resField: resName,`
transform every bucket iam into members 2021-10-04 17:03:44 +00:00			`"role": roleName,`
implement iam for project and make middleware generics 2021-10-01 09:02:46 +00:00			`"member": member.(string),`
transform every bucket iam into members 2021-10-04 17:03:44 +00:00			`},`
			`),`
			`)`
			`}`
add support for google_storage_bucket_iam_policy, add tests 2021-09-29 15:43:56 +00:00			`}`
			`}`

			`*resourcesFromState = resources`

			`return nil`
			`}`

			`type policyDataType struct {`
implement iam for project and make middleware generics 2021-10-01 09:02:46 +00:00			`Bindings []map[string]interface{}`
add support for google_storage_bucket_iam_policy, add tests 2021-09-29 15:43:56 +00:00			`}`