policies: pass direct exception from expression policies
This commit is contained in:
parent
33f208657c
commit
f8b4b92e8d
|
@ -1,6 +1,14 @@
|
||||||
"""policy exceptions"""
|
"""policy exceptions"""
|
||||||
|
from typing import Optional
|
||||||
|
|
||||||
from authentik.lib.sentry import SentryIgnoredException
|
from authentik.lib.sentry import SentryIgnoredException
|
||||||
|
|
||||||
|
|
||||||
class PolicyException(SentryIgnoredException):
|
class PolicyException(SentryIgnoredException):
|
||||||
"""Exception that should be raised during Policy Evaluation, and can be recovered from."""
|
"""Exception that should be raised during Policy Evaluation, and can be recovered from."""
|
||||||
|
|
||||||
|
src_exc: Optional[Exception] = None
|
||||||
|
|
||||||
|
def __init__(self, src_exc: Optional[Exception] = None) -> None:
|
||||||
|
super().__init__()
|
||||||
|
self.src_exc = src_exc
|
||||||
|
|
|
@ -55,7 +55,7 @@ class PolicyEvaluator(BaseEvaluator):
|
||||||
|
|
||||||
def handle_error(self, exc: Exception, expression_source: str):
|
def handle_error(self, exc: Exception, expression_source: str):
|
||||||
"""Exception Handler"""
|
"""Exception Handler"""
|
||||||
raise PolicyException(str(exc)) from exc
|
raise PolicyException(exc)
|
||||||
|
|
||||||
def evaluate(self, expression_source: str) -> PolicyResult:
|
def evaluate(self, expression_source: str) -> PolicyResult:
|
||||||
"""Parse and evaluate expression. Policy is expected to return a truthy object.
|
"""Parse and evaluate expression. Policy is expected to return a truthy object.
|
||||||
|
|
|
@ -83,8 +83,10 @@ class PolicyProcess(Process):
|
||||||
result=policy_result,
|
result=policy_result,
|
||||||
)
|
)
|
||||||
except PolicyException as exc:
|
except PolicyException as exc:
|
||||||
|
# Either use passed original exception or whatever we have
|
||||||
|
src_exc = exc.src_exc if exc.src_exc else exc
|
||||||
|
error_string = "".join(format_tb(src_exc.__traceback__)) + str(src_exc)
|
||||||
# Create policy exception event
|
# Create policy exception event
|
||||||
error_string = "".join(format_tb(exc.__traceback__)) + str(exc)
|
|
||||||
self.create_event(EventAction.POLICY_EXCEPTION, message=error_string)
|
self.create_event(EventAction.POLICY_EXCEPTION, message=error_string)
|
||||||
LOGGER.debug("P_ENG(proc): error", exc=exc)
|
LOGGER.debug("P_ENG(proc): error", exc=exc)
|
||||||
policy_result = PolicyResult(False, str(exc))
|
policy_result = PolicyResult(False, str(exc))
|
||||||
|
|
Reference in a new issue