policy(minor): improve error handling

This commit is contained in:
Jens Langhammer 2019-10-02 22:28:39 +02:00
parent d44ac6e2a3
commit de0b137b1e
3 changed files with 13 additions and 3 deletions

View file

@ -15,6 +15,7 @@ from django.utils.translation import gettext as _
from model_utils.managers import InheritanceManager from model_utils.managers import InheritanceManager
from structlog import get_logger from structlog import get_logger
from passbook.policy.exceptions import PolicyException
from passbook.core.signals import password_changed from passbook.core.signals import password_changed
from passbook.lib.models import CreatedUpdatedModel, UUIDModel from passbook.lib.models import CreatedUpdatedModel, UUIDModel
@ -245,7 +246,7 @@ class Policy(UUIDModel, CreatedUpdatedModel):
def passes(self, user: User) -> PolicyResult: def passes(self, user: User) -> PolicyResult:
"""Check if user instance passes this policy""" """Check if user instance passes this policy"""
raise NotImplementedError() raise PolicyException()
class FieldMatcherPolicy(Policy): class FieldMatcherPolicy(Policy):
"""Policy which checks if a field of the User model matches/doesn't match a """Policy which checks if a field of the User model matches/doesn't match a

View file

@ -0,0 +1,4 @@
"""policy exceptions"""
class PolicyException(Exception):
"""Exception that should be raised during Policy Evaluation, and can be recovered from."""

View file

@ -5,7 +5,8 @@ from typing import Any, Dict
from structlog import get_logger from structlog import get_logger
from passbook.core.models import Policy, User from passbook.core.models import Policy, User, PolicyResult
from passbook.policy.exceptions import PolicyException
LOGGER = get_logger(__name__) LOGGER = get_logger(__name__)
@ -27,7 +28,11 @@ class PolicyTask(Process):
setattr(self.user, key, value) setattr(self.user, key, value)
LOGGER.debug("Running policy `%s`#%s for user %s...", self.policy.name, LOGGER.debug("Running policy `%s`#%s for user %s...", self.policy.name,
self.policy.pk.hex, self.user) self.policy.pk.hex, self.user)
policy_result = self.policy.passes(self.user) try:
policy_result = self.policy.passes(self.user)
except PolicyException as exc:
LOGGER.debug(exc)
policy_result = PolicyResult(False, str(exc))
# Invert result if policy.negate is set # Invert result if policy.negate is set
if self.policy.negate: if self.policy.negate:
policy_result = not policy_result policy_result = not policy_result