def _TranslateApitoolsException(self, e, key_name=None):
"""Translates apitools exceptions into their gsutil equivalents.
Args:
e: Any exception in TRANSLATABLE_APITOOLS_EXCEPTIONS.
key_name: Optional key name in request that caused the exception.
Returns:
CloudStorageApiServiceException for translatable exceptions, None
otherwise.
"""
if isinstance(e, apitools_exceptions.HttpError):
message = self._GetMessageFromHttpError(e)
if e.status_code == 400:
# It is possible that the Project ID is incorrect. Unfortunately the
# JSON API does not give us much information about what part of the
# request was bad.
return BadRequestException(message or 'Bad Request',
status=e.status_code)
elif e.status_code == 401:
if 'Login Required' in str(e):
return AccessDeniedException(
message or 'Access denied: login required.',
status=e.status_code)
elif 'insufficient_scope' in str(e):
# If the service includes insufficient scope error detail in the
# response body, this check can be removed.
return AccessDeniedException(
_INSUFFICIENT_OAUTH2_SCOPE_MESSAGE,
status=e.status_code,
body=self._GetAcceptableScopesFromHttpError(e))
elif e.status_code == 403:
if 'The account for the specified project has been disabled' in str(
e):
return AccessDeniedException(message
or 'Account disabled.',
status=e.status_code)
elif 'Daily Limit for Unauthenticated Use Exceeded' in str(e):
return AccessDeniedException(
message or 'Access denied: quota exceeded. '
'Is your project ID valid?',
status=e.status_code)
elif 'User Rate Limit Exceeded' in str(e):
return AccessDeniedException(
'Rate limit exceeded. Please retry this '
'request later.',
status=e.status_code)
elif 'Access Not Configured' in str(e):
return AccessDeniedException(
'Access Not Configured. Please go to the Google Cloud Platform '
'Console (https://cloud.google.com/console#/project) for your '
'project, select APIs & services, and enable the Google Cloud '
'KMS API.',
status=e.status_code)
elif 'insufficient_scope' in str(e):
# If the service includes insufficient scope error detail in the
# response body, this check can be removed.
return AccessDeniedException(
_INSUFFICIENT_OAUTH2_SCOPE_MESSAGE,
status=e.status_code,
body=self._GetAcceptableScopesFromHttpError(e))
else:
return AccessDeniedException(message or e.message
or key_name,
status=e.status_code)
elif e.status_code == 404:
return NotFoundException(message or e.message,
status=e.status_code)
elif e.status_code == 409 and key_name:
return ServiceException('The key %s already exists.' %
key_name,
status=e.status_code)
elif e.status_code == 412:
return PreconditionException(message, status=e.status_code)
return ServiceException(message, status=e.status_code)
def _TranslateApitoolsException(self, e, service_account_id=None):
"""Translates apitools exceptions into their gsutil equivalents.
Args:
e: Any exception in TRANSLATABLE_APITOOLS_EXCEPTIONS.
service_account_id: Optional service account ID that caused the exception.
Returns:
CloudStorageApiServiceException for translatable exceptions, None
otherwise.
"""
if isinstance(e, apitools_exceptions.HttpError):
message = self._GetMessageFromHttpError(e)
if e.status_code == 400:
# It is possible that the Project ID is incorrect. Unfortunately the
# JSON API does not give us much information about what part of the
# request was bad.
return BadRequestException(message or 'Bad Request',
status=e.status_code)
elif e.status_code == 401:
if 'Login Required' in str(e):
return AccessDeniedException(
message or 'Access denied: login required.',
status=e.status_code)
elif 'insufficient_scope' in str(e):
# If the service includes insufficient scope error detail in the
# response body, this check can be removed.
return AccessDeniedException(
_INSUFFICIENT_OAUTH2_SCOPE_MESSAGE,
status=e.status_code,
body=self._GetAcceptableScopesFromHttpError(e))
elif e.status_code == 403:
# Messaging for when the the originating credentials don't have access
# to impersonate a service account.
if 'The caller does not have permission' in str(e):
return AccessDeniedException(
'Service account impersonation failed. Please go to the Google '
'Cloud Platform Console (https://cloud.google.com/console), '
'select IAM & admin, then Service Accounts, and grant your '
'originating account the Service Account Token Creator role on '
'the target service account.')
# The server's errors message when IAM Credentials API aren't enabled
# are pretty great so we just display them.
if 'IAM Service Account Credentials API has not been used' in str(
e):
return AccessDeniedException(message)
if 'The account for the specified project has been disabled' in str(
e):
return AccessDeniedException(message
or 'Account disabled.',
status=e.status_code)
elif 'Daily Limit for Unauthenticated Use Exceeded' in str(e):
return AccessDeniedException(
message or 'Access denied: quota exceeded. '
'Is your project ID valid?',
status=e.status_code)
elif 'User Rate Limit Exceeded' in str(e):
return AccessDeniedException(
'Rate limit exceeded. Please retry this '
'request later.',
status=e.status_code)
elif 'Access Not Configured' in str(e):
return AccessDeniedException(
'Access Not Configured. Please go to the Google Cloud Platform '
'Console (https://cloud.google.com/console#/project) for your '
'project, select APIs & services, and enable the Google Cloud '
'IAM Credentials API.',
status=e.status_code)
elif 'insufficient_scope' in str(e):
# If the service includes insufficient scope error detail in the
# response body, this check can be removed.
return AccessDeniedException(
_INSUFFICIENT_OAUTH2_SCOPE_MESSAGE,
status=e.status_code,
body=self._GetAcceptableScopesFromHttpError(e))
else:
return AccessDeniedException(message or e.message
or service_account_id,
status=e.status_code)
elif e.status_code == 404:
return NotFoundException(message or e.message,
status=e.status_code)
elif e.status_code == 409 and service_account_id:
return ServiceException('The key %s already exists.' %
service_account_id,
status=e.status_code)
elif e.status_code == 412:
return PreconditionException(message, status=e.status_code)
return ServiceException(message, status=e.status_code)
def MockCreateVersionedBucket(self, bucket_name):
"""Creates a simple bucket without exercising the API directly."""
if bucket_name in self.buckets:
raise ServiceException('Bucket %s already exists.' % bucket_name,
status=409)
self.buckets[bucket_name] = MockBucket(bucket_name, versioned=True)