func allBindings()

in internal/policygen/iam.go [96:138]


// allBindings builds, for every root resource (organization, folder or
// project), the map of roles to members found in resources.
//
// For each root type it calls members and bindings with the root type and the
// name of the field carrying the root's ID, then merges the two results: when
// both report the same root and role, the list from bindings replaces the one
// from members outright (it is not unioned). A member that appears only in the
// members result for such a role is therefore absent from the output; callers
// that turn this map into policy should keep that in mind.
// NOTE(review): presumably this mirrors authoritative per-role binding
// semantics; confirm against members and bindings.
//
// The first error returned by members or bindings aborts the whole call and is
// returned unchanged with a nil map.
func allBindings(rn runner.Runner, resources []*states.Resource) (map[root]roleBindings, error) {
	// Root type -> name of the field that holds that root's ID.
	idFields := map[string]string{
		"project":      "project",
		"folder":       "folder",
		"organization": "org_id",
	}

	// Accumulated role bindings, keyed by root resource.
	merged := make(map[root]roleBindings)

	// NOTE(review): map iteration order is random, so this assumes root keys
	// produced for different root types never collide. TODO: confirm.
	for kind, field := range idFields {
		perMember, err := members(rn, resources, kind, field)
		if err != nil {
			return nil, err
		}

		perBinding, err := bindings(rn, resources, kind, field)
		if err != nil {
			return nil, err
		}

		// Overlay perBinding onto perMember: an entry for the same root and
		// role overwrites whatever perMember held.
		for r, roles := range perBinding {
			for role, principals := range roles {
				dst, known := perMember[r]
				if !known {
					// First role seen for this root: create its role map.
					dst = make(roleBindings)
					perMember[r] = dst
				}
				dst[role] = principals
			}
		}

		// Pass every member list through unique (expected to drop repeated
		// members within a role) and publish the root's roles in the result.
		for r, roles := range perMember {
			for role, principals := range roles {
				roles[role] = unique(principals)
			}
			merged[r] = roles
		}
	}

	return merged, nil
}