def gateway_check_consistent( config, gateway, gateway_type, user_email, volume_name, **attrs ): """ Ensure that an existing gateway is consistent with the given fields. * We must have a user certificate on-file * We must have a volume certificate on-file Return a dict with inconsistent fields (empty dict indicates consistent) """ # sanity check ignore = [] for key in attrs.keys(): if key not in gateway.keys(): ignore.append(key) user_cert = certs.get_user_cert( config, user_email ) if user_cert is None: raise Exception("No certificate found for user '%s'" % user_email) volume_cert = certs.get_volume_cert( config, volume_name ) if volume_cert is None: raise Exception("No certificate found for volume '%s'" % volume_name ) type_aliases = object_stub.load_gateway_type_aliases( config ) type_id = type_aliases.get( gateway_type, None ) if type_id is None: raise Exception("Invalid gateway type '%s'" % gateway_type ) inconsistent = {} if not gateway.has_key('volume_id'): raise Exception("Missing volume_id:\n%s" % json.dumps(gateway,indent=4,sort_keys=True)) if not gateway.has_key('owner_id'): raise Exception("Missing owner_id:\n%s" % json.dumps(gateway,indent=4,sort_keys=True)) # validate if gateway['volume_id'] != volume_cert.volume_id: log.debug("Gateway mismatch: does not match volume") inconsistent['volume_id'] = volume_cert.volume_id if gateway['owner_id'] != user_cert.user_id: log.debug("Gateway mismatch: does not match user") inconsistent['owner_id'] = user_cert.user_id for key in attrs.keys(): if key in ignore: continue if gateway[key] != attrs[key]: # special case: caps if key == "caps": if object_stub.Gateway.parse_gateway_caps(attrs[key], None)[0] == gateway[key]: # not inconsistent continue inconsistent[key] = attrs[key] return inconsistent
def list_gateways_by_type( config, volume_id, gateway_type_str ): """ Find all the gateways for a given volume with a particular type. The type should be a type alias, like "UG" or "RG" or "AG" Return the list of gateway certs on success. Raise on error """ gateway_cert_paths = certs.list_gateway_cert_paths( config ) ret = [] type_aliases = object_stub.load_gateway_type_aliases( config ) if type_aliases is None: raise Exception("Missing gateway type aliases") gateway_type = type_aliases.get(gateway_type_str, None) if gateway_type is None: raise ValueError("Unknown gateway type alias '%s'" % gateway_type_str ) for path in gateway_cert_paths: gateway_cert = None try: with open(path, "r") as f: cert_bin = f.read() gateway_cert = ms_pb2.ms_gateway_cert() gateway_cert.ParseFromString( cert_bin ) except Exception, e: log.exception(e) log.error("Failed to load '%s'" % path) return None if gateway_cert.volume_id != volume_id: continue if gateway_cert.gateway_type != gateway_type: continue log.debug("%s is type %s" % (gateway_cert.name, gateway_type)) ret.append( gateway_cert )
def list_gateways_by_type(config, volume_id, gateway_type_str): """ Find all the gateways for a given volume with a particular type. The type should be a type alias, like "UG" or "RG" or "AG" Return the list of gateway certs on success. Raise on error """ gateway_cert_paths = certs.list_gateway_cert_paths(config) ret = [] type_aliases = object_stub.load_gateway_type_aliases(config) if type_aliases is None: raise Exception("Missing gateway type aliases") gateway_type = type_aliases.get(gateway_type_str, None) if gateway_type is None: raise ValueError("Unknown gateway type alias '%s'" % gateway_type_str) for path in gateway_cert_paths: gateway_cert = None try: with open(path, "r") as f: cert_bin = f.read() gateway_cert = ms_pb2.ms_gateway_cert() gateway_cert.ParseFromString(cert_bin) except Exception, e: log.exception(e) log.error("Failed to load '%s'" % path) return None if gateway_cert.volume_id != volume_id: continue if gateway_cert.gateway_type != gateway_type: continue log.debug("%s is type %s" % (gateway_cert.name, gateway_type)) ret.append(gateway_cert)
def gateway_check_consistent(config, gateway, gateway_type, user_email, volume_name, **attrs): """ Ensure that an existing gateway is consistent with the given fields. * We must have a user certificate on-file * We must have a volume certificate on-file Return a dict with inconsistent fields (empty dict indicates consistent) """ # sanity check ignore = [] for key in attrs.keys(): if key not in gateway.keys(): ignore.append(key) user_cert = certs.get_user_cert(config, user_email) if user_cert is None: raise Exception("No certificate found for user '%s'" % user_email) volume_cert = certs.get_volume_cert(config, volume_name) if volume_cert is None: raise Exception("No certificate found for volume '%s'" % volume_name) type_aliases = object_stub.load_gateway_type_aliases(config) type_id = type_aliases.get(gateway_type, None) if type_id is None: raise Exception("Invalid gateway type '%s'" % gateway_type) inconsistent = {} if not gateway.has_key('volume_id'): raise Exception("Missing volume_id:\n%s" % json.dumps(gateway, indent=4, sort_keys=True)) if not gateway.has_key('owner_id'): raise Exception("Missing owner_id:\n%s" % json.dumps(gateway, indent=4, sort_keys=True)) # validate if gateway['volume_id'] != volume_cert.volume_id: log.debug("Gateway mismatch: does not match volume") inconsistent['volume_id'] = volume_cert.volume_id if gateway['owner_id'] != user_cert.user_id: log.debug("Gateway mismatch: does not match user") inconsistent['owner_id'] = user_cert.user_id for key in attrs.keys(): if key in ignore: continue if gateway[key] != attrs[key]: # special case: caps if key == "caps": if object_stub.Gateway.parse_gateway_caps( attrs[key], None)[0] == gateway[key]: # not inconsistent continue inconsistent[key] = attrs[key] return inconsistent