def performRemediationOperation()

in hq/app/services/IamRemediationService.scala [131:175]

• 37 lines of code
• 7 McCabe index (conditional complexity)

  def performRemediationOperation(remediationOperation: RemediationOperation, now: DateTime, notificationTopicArn: String, tableName: String)
    (implicit ec: ExecutionContext): Attempt[String] = {
    val awsAccount = remediationOperation.vulnerableCandidate.awsAccount
    val iamUser = remediationOperation.vulnerableCandidate.iamUser
    val problemCreationDate = remediationOperation.problemCreationDate
    // if successful, this record will be added to the database
    val thisRemediationActivity = IamRemediationActivity(
      awsAccount.id,
      iamUser.username,
      now,
      remediationOperation.iamRemediationActivityType,
      remediationOperation.iamProblem,
      remediationOperation.problemCreationDate
    )

    (remediationOperation.iamRemediationActivityType, remediationOperation.iamProblem) match {
    // Outdated credentials
      case (Warning, OutdatedCredential) =>
        val notification = AnghammaradNotifications.outdatedCredentialWarning(awsAccount, iamUser, problemCreationDate, now)
        for {
          snsId <- AnghammaradNotifications.send(notification, notificationTopicArn, snsClient)
          _ <- dynamo.writeRemediationActivity(thisRemediationActivity, tableName)
        } yield snsId

      case (FinalWarning, OutdatedCredential) =>
        val notification = AnghammaradNotifications.outdatedCredentialFinalWarning(awsAccount, iamUser, problemCreationDate, now)
        for {
          snsId <- AnghammaradNotifications.send(notification, notificationTopicArn, snsClient)
          _ <- dynamo.writeRemediationActivity(thisRemediationActivity, tableName)
        } yield snsId

      case (Remediation, OutdatedCredential) =>
        val notification = AnghammaradNotifications.outdatedCredentialRemediation(awsAccount, iamUser, problemCreationDate)
        for {
          // disable the correct credential
          userCredentialInformation <- IAMClient.listUserAccessKeys(awsAccount, iamUser, iamClients)
          credentialToDisable <- lookupCredentialId(problemCreationDate, userCredentialInformation)
          _ <- IAMClient.disableAccessKey(awsAccount, credentialToDisable.username, credentialToDisable.accessKeyId, iamClients)
          // send a notification to say this is what we have done
          notificationId <- AnghammaradNotifications.send(notification, notificationTopicArn, snsClient)
          // save a record of the change
          _ <- dynamo.writeRemediationActivity(thisRemediationActivity,tableName)
        } yield notificationId
    }
  }