All files / lib/backend-operations/appsync-operations/helpers helper-serviceRoles.js

86.21% Statements 25/29
33.33% Branches 1/3
100% Functions 8/8
86.21% Lines 25/29

Press n or j to go to the next uncovered block, b, p or k for the previous block.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117                          27x 27x 27x       4x         4x       4x 4x                                       4x       4x           4x       4x       4x 4x       4x       4x       4x                   4x         4x 4x   4x 4x               4x 4x 4x     27x        
/* 
 * Copyright 2017-2018 Amazon.com, Inc. or its affiliates. All Rights Reserved.
 *
 * Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
 * the License. A copy of the License is located at
 *
 *     http://aws.amazon.com/apache2.0/
 *
 * or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
 * CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
 * and limitations under the License.
*/
"use strict";
const util = require('util')
const nameManager = require('../../../utils/awsmobilejs-name-manager.js')
const dataSourceType = ["AWS_LAMBDA", "AMAZON_DYNAMODB", "AMAZON_ELASTICSEARCH"]
 
////////////////////////constructPutRolePolicyParam////////////////////////
function constructPutRolePolicyParamForDDB(dataSource){
    let result = {
        RoleName: dataSource.serviceRoleDetails.Role.RoleName,
        PolicyName: dataSource.serviceRoleDetails.Role.RoleName,
        PolicyDocument: constructPolicyDocumentForDDB(dataSource)
    }
    return result
}
 
function constructPolicyDocumentForDDB(dataSource){
    let tableArn = dataSource.table.details.TableArn
    let policy = {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Effect": "Allow",
                "Action": [
                    "dynamodb:DeleteItem",
                    "dynamodb:GetItem",
                    "dynamodb:PutItem",
                    "dynamodb:Query",
                    "dynamodb:Scan",
                    "dynamodb:UpdateItem"
                ],
                "Resource": [
                    tableArn,
                    tableArn + '/*'
                ]
            }
        ]
    }
    return JSON.stringify(policy)
}
////////////////////////constructCreateRoleParamForDDB////////////////////////
function constructCreateRoleParamForDDB(tableName, roleNameSuffix){
    let result = {
        RoleName: constructDDBRoleName(tableName, roleNameSuffix), 
        Description: constructDDBDescription(tableName),
        Path: constructDDBPath(tableName), 
        AssumeRolePolicyDocument: constructDDBAssumeRolePolicyDocument(tableName)
    }
    return result
}
 
function constructDDBRoleName(tableName, roleNameSuffix){
    let dataSource = {
        type: 'AMAZON_DYNAMODB', 
        name: tableName
    }
    let RoleName = generateAppSyncServiceRoleName(dataSource, roleNameSuffix)
    return RoleName
}
 
function constructDDBDescription(tableName){
    return 'Allows the AWS AppSync service to access your data source.'
}
 
function constructDDBPath(tableName){
    return "/"
}
 
function constructDDBAssumeRolePolicyDocument(tableName){
    let assumeRolePolicy = {
        "Version" : "2012-10-17",
        "Statement": [ {
           "Effect": "Allow",
           "Principal": {
              "Service": [ "appsync.amazonaws.com" ]
           },
           "Action": [ "sts:AssumeRole" ]
        } ]
     }
    return JSON.stringify(assumeRolePolicy)
}
 
function generateAppSyncServiceRoleName(dataSource, roleNameSuffix)
{
    let dataSourceType = ''
    switch(dataSource.type){
        case 'AMAZON_DYNAMODB':
            dataSourceType = '-ddb-'
        break
        case 'AWS_LAMBDA':
            dataSourceType = '-lmd-'
        break
        case 'AMAZON_ELASTICSEARCH': 
            dataSourceType = '-els-'
        break
    }
    let dataSourceName = '-' + dataSource.name.slice(0, 20)
    let roleName = 'appsync-datasource' + dataSourceType + roleNameSuffix + dataSourceName
    return roleName
}
 
module.exports = {
    constructCreateRoleParamForDDB,
    constructPutRolePolicyParamForDDB
}