Use of com.amazonaws.auth.policy.internal.JsonPolicyReader in project cloudbreak by hortonworks.
Class AwsCredentialVerifier, method getRequiredActions.
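/**
 * Converts a JSON IAM policy document into the list of {@link RequiredAction}s it describes.
 *
 * <p>Each policy statement yields one entry holding the statement's action names, its
 * conditions (as {@link ContextEntry} values) and the id of its first resource. An entry whose
 * resource ARN and condition list equal those of an earlier entry replaces that earlier entry
 * and takes over its action names as well.
 *
 * @param policies the policy document as a JSON string
 * @return the required actions derived from the policy statements
 * @throws IOException per the declared signature
 * @throws java.util.NoSuchElementException if a statement lists no resource
 */
private List<RequiredAction> getRequiredActions(String policies) throws IOException {
    List<RequiredAction> requiredActions = new ArrayList<>();
    // NOTE(review): JsonPolicyReader sits in an SDK package named "internal"; presumably it is not
    // a supported public API, so its behaviour may change between SDK versions - confirm.
    Policy policy = new JsonPolicyReader().createPolicyFromJsonString(policies);
    for (Statement statement : policy.getStatements()) {
        // NOTE(review): the statement's effect is never read here, so every statement in the input
        // is treated the same way. Confirm the input only ever contains the intended statements.
        RequiredAction requiredAction = new RequiredAction();

        List<Action> actions = statement.getActions();
        if (actions != null) {
            List<String> actionNames = actions.stream()
                    .map(Action::getActionName)
                    .collect(Collectors.toList());
            requiredAction.setActionNames(actionNames);
        }

        List<Condition> conditions = statement.getConditions();
        if (conditions != null) {
            for (Condition condition : conditions) {
                ContextEntry contextEntry = new ContextEntry();
                contextEntry.setContextKeyName(condition.getConditionKey());
                // NOTE(review): the key type is always String, whatever the condition's own type
                // is. Confirm that this is acceptable for non-string condition keys.
                contextEntry.setContextKeyType(ContextKeyTypeEnum.String);
                contextEntry.setContextKeyValues(condition.getValues());
                requiredAction.getConditions().add(contextEntry);
            }
        }

        // NOTE(review): only the FIRST resource of the statement is kept. A statement that lists
        // several resources is represented by one of them, so whatever check consumes this list
        // does not cover the remaining resources.
        String resourceArn = statement.getResources().stream()
                .findFirst()
                // Fail with a message naming the statement instead of a bare Optional.get() error.
                .orElseThrow(() -> new java.util.NoSuchElementException(
                        "Policy statement '" + statement.getId() + "' lists no resource"))
                .getId();
        requiredAction.setResourceArn(resourceArn);

        Optional<RequiredAction> existing = requiredActions.stream()
                .filter(e -> e.getConditions().equals(requiredAction.getConditions())
                        && e.getResourceArn().equals(requiredAction.getResourceArn()))
                .findFirst();
        if (existing.isPresent()) {
            RequiredAction previous = existing.get();
            requiredActions.remove(previous);
            // NOTE(review): assumes getActionNames() is non-null even when the statement had no
            // actions - confirm against RequiredAction.
            requiredAction.getActionNames().addAll(previous.getActionNames());
            // The filter above matched only because both condition lists are equal. Copying the
            // previous conditions again would duplicate every entry and stop later statements
            // with the same conditions from merging, so the conditions are left as they are.
        }
        requiredActions.add(requiredAction);
    }
    return requiredActions;
}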