Fix the issue with the query command not recognizing the latest IAM definition (#221)

Author: kmcquade

policy_sentry/command/create_template.py

@@ -8,7 +8,7 @@
 import click_log
 from policy_sentry.writing.template import create_actions_template, create_crud_template
 
-logger = logging.getLogger()
+logger = logging.getLogger(__name__)
 click_log.basic_config(logger)
 
 

policy_sentry/command/initialize.py

@@ -120,9 +120,9 @@ def create_policy_sentry_config_directory():
     """
     print("Creating the database...")
     logger.debug(f"We will store the new database here: {DATASTORE_FILE_PATH}")
-    # If the database file already exists
-
+    # If the database file already exists, remove it
     if os.path.exists(LOCAL_DATASTORE_FILE_PATH):
+        logger.debug(f"The database at {DATASTORE_FILE_PATH} already exists. Removing and replacing it.")
         os.remove(LOCAL_DATASTORE_FILE_PATH)
     elif os.path.exists(CONFIG_DIRECTORY):
         pass

policy_sentry/command/query.py

@@ -26,7 +26,7 @@
     get_condition_key_details,
 )
 
-logger = logging.getLogger()
+logger = logging.getLogger(__name__)
 click_log.basic_config(logger)
 
 

policy_sentry/command/write_policy.py

@@ -10,7 +10,7 @@
 from policy_sentry.util.file import read_yaml_file
 from policy_sentry.writing.sid_group import SidGroup
 
-logger = logging.getLogger()
+logger = logging.getLogger(__name__)
 click_log.basic_config(logger)
 
 

policy_sentry/shared/constants.py

@@ -3,6 +3,9 @@
 """
 from pathlib import Path
 import os
+import logging
+
+logger = logging.getLogger()
 
 # General Folders
 HOME = str(Path.home())
@@ -19,13 +22,21 @@
 BASE_DOCUMENTATION_URL = "https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_actions-resources-contextkeys.html"
 
 # Data json file
+# On initialization, load the IAM data
 BUNDLED_DATASTORE_FILE_PATH = os.path.join(
     str(Path(os.path.dirname(__file__))), "data", "iam-definition.json"
 )
 LOCAL_DATASTORE_FILE_PATH = os.path.join(CONFIG_DIRECTORY, "iam-definition.json")
+# Check for the existence of the local datastore first.
 if os.path.exists(LOCAL_DATASTORE_FILE_PATH):
+    # If it exists, leverage that datastore instead of the one bundled with the python package
+    logger.info(f"The IAM definition at {LOCAL_DATASTORE_FILE_PATH} exists. "
+                f"Leveraging that IAM definition instead of the definition bundled with the python package. "
+                f"To leverage the bundled definition, remove the folder $HOME/.policy_sentry/")
     DATASTORE_FILE_PATH = LOCAL_DATASTORE_FILE_PATH
 else:
+    # Otherwise, leverage the datastore inside the python package
+    logger.debug("Leveraging the bundled IAM Definition.")
     DATASTORE_FILE_PATH = BUNDLED_DATASTORE_FILE_PATH
 
 # Overrides

policy_sentry/shared/iam_data.py

@@ -1,15 +1,14 @@
 """Used for loading the IAM data"""
-import os
 import json
 import logging
 import functools
+from policy_sentry.shared.constants import DATASTORE_FILE_PATH
 
+logger = logging.getLogger()
 # On initialization, load the IAM data
-iam_definition_path = os.path.join(
-    os.path.abspath(os.path.dirname(__file__)), "data", "iam-definition.json"
-)
+iam_definition_path = DATASTORE_FILE_PATH
+logger.info(f"Leveraging the IAM definition at {iam_definition_path}")
 iam_definition = json.load(open(iam_definition_path, "r"))
-logger = logging.getLogger(__name__)
 
 
 @functools.lru_cache(maxsize=1024)

policy_sentry/writing/validate.py

@@ -4,7 +4,7 @@
 import logging
 from schema import Optional, Schema, And, Use, SchemaError
 
-logger = logging.getLogger("__main__." + __name__)
+logger = logging.getLogger(__name__)
 
 
 def check(conf_schema, conf):