def create_gateway(volume_id, email, gateway_type, gateway_name, host, port,
**kwargs):
if "encryption_password" in kwargs.keys():
del kwargs['encryption_password']
# verify gateway type...
if gateway_type not in [GATEWAY_TYPE_UG, GATEWAY_TYPE_RG, GATEWAY_TYPE_AG]:
raise Exception("Unrecognized Gateway type %s" % gateway_type)
gateway_type_str = GATEWAY_TYPE_TO_STR[gateway_type]
caller_user = _check_authenticated(kwargs)
# user and volume must both exist
user, volume = _read_user_and_volume(email, volume_id)
if user == None:
raise Exception("No such user '%s'" % email)
if (volume == None or volume.deleted):
raise Exception("No such volume '%s'" % volume_id)
# if the caller user doesn't own this Volume (or isn't an admin), (s)he must have a valid access request
if not caller_user.is_admin and caller_user.owner_id != volume.owner_id:
# caller user must be the same as the user
if caller_user.owner_id != user.owner_id:
raise Exception("Caller can only create gateways for itself.")
# if the volume is not public, then there needs to be a volume access request that is granted to this user.
if not volume.private:
# check access status
access_request = VolumeAccessRequest.GetAccess(
user.owner_id, volume.volume_id)
if access_request == None:
# user has not been given permission to access this volume
raise Exception(
"User '%s' is not allowed to access Volume '%s'" %
(caller_user.email, volume.name))
if access_request.status != VolumeAccessRequest.STATUS_GRANTED:
# user has not been given permission to create a gateway here
raise Exception(
"User '%s' is not allowed to create a Gateway in Volume '%s'"
% (caller_user.email, volume.name))
else:
# verify caps
requested_caps = kwargs.get("caps", None)
if requested_caps is not None and requested_caps != access_request.gateway_caps:
raise Exception(
"User '%s' is not allowed to set Gateway capabilities '%s'"
% requested_caps)
# verify the caller is allowed to create this kind of gateway
if not access_request.is_gateway_type_allowed(gateway_type):
raise Exception(
"User '%s' is not allowed to create %s Gateways" %
(gateway_type_str))
# user is allowed to create this gateway in this Volume...
# verify quota
gateway_quota = user.get_gateway_quota(gateway_type)
if gateway_quota == 0:
gateway_type_str = GATEWAY_TYPE_TO_STR[gateway_type]
raise Exception("User '%s' cannot own %s Gateways" %
(email, gateway_type_str))
if gateway_quota > 0:
gateway_ids = list_gateways_by_user(user.email,
caller_user=user,
keys_only=True)
if len(gateway_ids) > gateway_quota:
gateway_type_str = GATEWAY_TYPE_TO_STR[gateway_type]
raise Exception(
"User '%s' has exceeded quota (%s) for %s Gateways" %
(email, gateway_quota, gateway_type_str))
gateway_key = Gateway.Create(user,
volume,
gateway_type=gateway_type,
name=gateway_name,
host=host,
port=port,
**kwargs)
gw = gateway_key.get()
# reversion volume cert?
if gw is not None:
storagetypes.deferred.defer(Volume.Reversion, volume_id)
return gw
if writer_gateways_qry.count() > 0:
# there's already a writer
raise Exception("Archive volume '%s' already has a writer" %
(volume.name))
# sanity check: name can't be numeric
tmp = None
try:
tmp = int(gateway_name)
except:
pass
if tmp is not None:
raise Exception("Invalid gateway name: cannot be numeric")
gateway_key = Gateway.Create(user, volume, gateway_cert, driver_text)
# put cert bundle as well
if cert_bundle is not None:
rc = VolumeCertBundle.Put(volume_id, cert_bundle_bin)
if not rc:
raise Exception("Invalid volume cert bundle")
gw = gateway_key.get()
return gw
# ----------------------------------
def read_gateway(g_name_or_id):
return Gateway.Read(g_name_or_id)