def match()

in qs_cfn_lint_rules/IAMActionWildcard.py [0:0]

• 20 lines of code
• 11 McCabe index (conditional complexity)

    def match(self, cfn):
        """Basic Matching"""
        violation_matches = []
        term_matches = []
        for prop in self.SEARCH_PROPS:
            term_matches += cfn.search_deep_keys(prop)
        for tm in term_matches:
            # if not isinstance(tm[-3], int):
            #     continue
            if get_effect(cfn.template, tm).lower() == 'deny':
                continue
            if tm[-1] == "*" or ("*" in tm[-1] and isinstance(tm[-1], list)):
                violation_matches.append(RuleMatch(tm[:-1], LINT_ERROR_MESSAGE))
            else:
                wild_actions = is_wild(tm[-1])
                for wild_action in wild_actions:
                    expanded_actions = {CAMEL_CASE.get(k,k) for k in get_actions_from_statement({"Action": [wild_action]})}
                    msg = f"{LINT_ERROR_MESSAGE} matching actions for {wild_action} are: {json.dumps(list(expanded_actions))}"
                    if isinstance(tm[-1], list):
                        violation_matches.append(RuleMatch(tm[:-1]+[tm[-1].index(wild_action)], msg, expanded_actions=expanded_actions, expanded_on_newline=True))
                    else:
                        violation_matches.append(RuleMatch(tm[:-1], msg, expanded_actions=expanded_actions, expanded_on_newline=True))
        return violation_matches