policies: pass direct exception from expression policies

This commit is contained in:
Jens Langhammer 2021-01-16 15:41:19 +01:00
parent 33f208657c
commit f8b4b92e8d
3 changed files with 12 additions and 2 deletions

View file

@ -1,6 +1,14 @@
"""policy exceptions""" """policy exceptions"""
from typing import Optional
from authentik.lib.sentry import SentryIgnoredException from authentik.lib.sentry import SentryIgnoredException
class PolicyException(SentryIgnoredException): class PolicyException(SentryIgnoredException):
"""Exception that should be raised during Policy Evaluation, and can be recovered from.""" """Exception that should be raised during Policy Evaluation, and can be recovered from."""
src_exc: Optional[Exception] = None
def __init__(self, src_exc: Optional[Exception] = None) -> None:
super().__init__()
self.src_exc = src_exc

View file

@ -55,7 +55,7 @@ class PolicyEvaluator(BaseEvaluator):
def handle_error(self, exc: Exception, expression_source: str): def handle_error(self, exc: Exception, expression_source: str):
"""Exception Handler""" """Exception Handler"""
raise PolicyException(str(exc)) from exc raise PolicyException(exc)
def evaluate(self, expression_source: str) -> PolicyResult: def evaluate(self, expression_source: str) -> PolicyResult:
"""Parse and evaluate expression. Policy is expected to return a truthy object. """Parse and evaluate expression. Policy is expected to return a truthy object.

View file

@ -83,8 +83,10 @@ class PolicyProcess(Process):
result=policy_result, result=policy_result,
) )
except PolicyException as exc: except PolicyException as exc:
# Either use passed original exception or whatever we have
src_exc = exc.src_exc if exc.src_exc else exc
error_string = "".join(format_tb(src_exc.__traceback__)) + str(src_exc)
# Create policy exception event # Create policy exception event
error_string = "".join(format_tb(exc.__traceback__)) + str(exc)
self.create_event(EventAction.POLICY_EXCEPTION, message=error_string) self.create_event(EventAction.POLICY_EXCEPTION, message=error_string)
LOGGER.debug("P_ENG(proc): error", exc=exc) LOGGER.debug("P_ENG(proc): error", exc=exc)
policy_result = PolicyResult(False, str(exc)) policy_result = PolicyResult(False, str(exc))