pam launch gateway lookup improvements

keepercommander/commands/pam_launch/launch.py

@@ -381,27 +381,23 @@ def execute(self, params: KeeperParams, **kwargs):
             logging.debug(f"Found gateway: {gateway_info['gateway_name']} ({gateway_info['gateway_uid']})")
             logging.debug(f"Configuration: {gateway_info['config_uid']}")
 
-            # Check if Gateway is online before attempting WebRTC connection
+            # Optionally check if Gateway appears online; if not, log warning and try anyway.
             try:
                 connected_gateways = router_get_connected_gateways(params)
-                connected_gateway_uids = [x.controllerUid for x in connected_gateways.controllers]
-                gateway_uid_bytes = url_safe_str_to_bytes(gateway_info['gateway_uid'])
-
-                if gateway_uid_bytes not in connected_gateway_uids:
-                    raise CommandError(
-                        'pam launch',
-                        f'Gateway "{gateway_info["gateway_name"]}" ({gateway_info["gateway_uid"]}) is currently offline. '
-                        f'Please start the Gateway before attempting to connect. '
-                        f'Use "pam gateway list" to check Gateway status.'
-                    )
-
-                logging.debug(f"✓ Gateway is online and connected")
+                if connected_gateways and connected_gateways.controllers:
+                    connected_gateway_uids = [x.controllerUid for x in connected_gateways.controllers]
+                    gateway_uid_bytes = url_safe_str_to_bytes(gateway_info['gateway_uid'])
+                    if gateway_uid_bytes not in connected_gateway_uids:
+                        logging.warning(
+                            'Gateway "%s" (%s) seems offline - trying to connect anyway.',
+                            gateway_info['gateway_name'], gateway_info['gateway_uid']
+                        )
+                    else:
+                        logging.debug(f"✓ Gateway is online and connected")
+                else:
+                    logging.warning('Gateway seems offline - trying to connect anyway.')
             except Exception as e:
-                # If router is down or there's an error checking status, still try to connect
-                # (the connection attempt will fail later with a more specific error)
-                if isinstance(e, CommandError):
-                    raise
-                logging.warning(f"Could not verify Gateway online status: {e}. Continuing anyway...")
+                logging.debug('Could not verify gateway status: %s. Continuing...', e)
 
             # Launch terminal connection
             result = launch_terminal_connection(params, record_uid, gateway_info, **kwargs)

keepercommander/commands/tunnel/port_forward/tunnel_helpers.py

@@ -20,6 +20,7 @@
 from ....proto import pam_pb2
 
 from ....commands.base import FolderMixin
+from ....commands.pam.config_helper import configuration_controller_get
 from ....commands.pam.pam_dto import GatewayAction, GatewayActionWebRTCSession
 from ....commands.pam.router_helper import router_get_relay_access_creds, get_dag_leafs, \
     get_router_ws_url, router_send_action_to_gateway
@@ -623,6 +624,12 @@ def get_config_uid_from_record(params, vault, record_uid):
 
 
 def get_gateway_uid_from_record(params, vault, record_uid):
+    """Resolve gateway UID for a PAM resource record (pamMachine, etc.).
+
+    Lookup flow: record_uid -> PAM_LINK DAG -> config_uid -> gateway (controller)
+    Gateway is read from config record's pamResources.controllerUid; if missing,
+    falls back to pam/get_configuration_controller API
+    """
     gateway_uid = ''
     pam_config_uid = get_config_uid_from_record(params, vault, record_uid)
     if pam_config_uid:
@@ -633,6 +640,16 @@ def get_gateway_uid_from_record(params, vault, record_uid):
             if value:
                 gateway_uid = value.get('controllerUid', '') or ''
 
+        # Fallback: ask server for controller when config record has no local controllerUid
+        if not gateway_uid:
+            try:
+                config_uid_bytes = url_safe_str_to_bytes(pam_config_uid)
+                controller = configuration_controller_get(params, config_uid_bytes)
+                if controller and controller.controllerUid:
+                    gateway_uid = utils.base64_url_encode(controller.controllerUid)
+            except Exception as e:
+                logging.debug('get_gateway_uid_from_record: get_configuration_controller fallback failed: %s', e)
+
     return gateway_uid