def remove_volume_access(email, volume_name_or_id, **caller_user_dict):
caller_user = _check_authenticated(caller_user_dict)
user, volume = _read_user_and_volume(email, volume_name_or_id)
# defensive checks...
if user == None:
raise Exception("No such user '%s'" % email)
if volume == None or volume.deleted:
raise Exception("No such volume '%s'" % volume_name_or_id)
if volume.owner_id == caller_user.owner_id or caller_user.is_admin:
# delete the access request...this user cannot create any more gateways
return VolumeAccessRequest.RemoveAccessRequest(user.owner_id,
volume.volume_id)
else:
# can't delete
raise Exception(
"User '%s' is insufficiently privileged to alter access rights for User '%s' in Volume '%s'"
% (caller_user.email, user.email, volume.name))
def remove_user_from_volume(email, volume_name_or_id):
# NOTE: it's assumed that the caller has done the appropriate authentication.
user, volume = _read_user_and_volume(email, volume_name_or_id)
# user and volume must exist
if user is None:
raise Exception("No such user '%s'" % email)
if volume is None or volume.deleted:
raise Exception("No such Volume '%s'" % email)
# delete the volume access request
rc = VolumeAccessRequest.RemoveAccessRequest(user.owner_id,
volume.volume_id)
assert rc is True, "Failed to remove access request for %s in %s" % (
email, volume.name)
storagetypes.deferred.defer(_remove_user_from_volume_helper, user.owner_id,
volume.volume_id)
return True