Threshold: parseInt()

in workmail-stop-mail-storm/src/app.js [71:120]

• 20 lines of code
• 4 McCabe index (conditional complexity)

            Threshold: parseInt(process.env.THRESHOLD || DEFAULT_THRESHOLD),

        };
        console.log('Creating alarm for address ' + protectedAddress);
        const alarm = await cloudwatch.putMetricAlarm(params).promise();
        console.log(alarm);
    }
}

async function verifyAlarms(protectedRecipients) {
    // see https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_DescribeAlarms.html for detailed
    // explanation of the parameters
    const params = {
        AlarmNames: protectedRecipients.map(protectedAddress => ALARM_PREFIX + protectedAddress),
        AlarmTypes: ['MetricAlarm'],
    };

    const allAlarms = await cloudwatch.describeAlarms(params).promise();
    console.log('Finished describeAlarms - Results:');
    console.log(allAlarms);

    const protectedAddressesInAlarm = allAlarms.MetricAlarms
        .filter(metricAlarm => metricAlarm.StateValue === 'ALARM')
        .map(metricAlarm => metricAlarm.Dimensions[0].Value);

    return {allAlarms, protectedAddressesInAlarm};
}

exports.lambdaHandler = async (event) => {
    console.log('Event received by lambda function:');
    console.log(JSON.stringify(event)); // see event documentation in https://docs.aws.amazon.com/workmail/latest/adminguide/lambda.html
    console.log('Environment variables:');
    console.log(JSON.stringify(process.env));

    // split on comma, and cleanup whitespace around
    const allProtectedAddresses = (process.env.PROTECTED_ADDRESSES || '')
        .split(',').map(address => address.trim());

    console.log('Email addresses to protect against mail storms: ' + allProtectedAddresses);

    // take only the email address of each recipient
    const recipients = event.envelope.recipients.map(recipient => recipient.address);

    // find the protected recipients among all recipients
    const protectedRecipients = recipients.filter(recipient => allProtectedAddresses.includes(recipient));

    // in this case, we can simply let the email pass, and avoid looking at all alarms
    if (protectedRecipients.length === 0) {
        console.log('No recipient in this email is protected against mail storm. Letting the email pass.');
        return {