policies: pass direct exception from expression policies
This commit is contained in:
parent
33f208657c
commit
f8b4b92e8d
|
@ -1,6 +1,14 @@
|
|||
"""policy exceptions"""
|
||||
from typing import Optional
|
||||
|
||||
from authentik.lib.sentry import SentryIgnoredException
|
||||
|
||||
|
||||
class PolicyException(SentryIgnoredException):
|
||||
"""Exception that should be raised during Policy Evaluation, and can be recovered from."""
|
||||
|
||||
src_exc: Optional[Exception] = None
|
||||
|
||||
def __init__(self, src_exc: Optional[Exception] = None) -> None:
|
||||
super().__init__()
|
||||
self.src_exc = src_exc
|
||||
|
|
|
@ -55,7 +55,7 @@ class PolicyEvaluator(BaseEvaluator):
|
|||
|
||||
def handle_error(self, exc: Exception, expression_source: str):
|
||||
"""Exception Handler"""
|
||||
raise PolicyException(str(exc)) from exc
|
||||
raise PolicyException(exc)
|
||||
|
||||
def evaluate(self, expression_source: str) -> PolicyResult:
|
||||
"""Parse and evaluate expression. Policy is expected to return a truthy object.
|
||||
|
|
|
@ -83,8 +83,10 @@ class PolicyProcess(Process):
|
|||
result=policy_result,
|
||||
)
|
||||
except PolicyException as exc:
|
||||
# Either use passed original exception or whatever we have
|
||||
src_exc = exc.src_exc if exc.src_exc else exc
|
||||
error_string = "".join(format_tb(src_exc.__traceback__)) + str(src_exc)
|
||||
# Create policy exception event
|
||||
error_string = "".join(format_tb(exc.__traceback__)) + str(exc)
|
||||
self.create_event(EventAction.POLICY_EXCEPTION, message=error_string)
|
||||
LOGGER.debug("P_ENG(proc): error", exc=exc)
|
||||
policy_result = PolicyResult(False, str(exc))
|
||||
|
|
Reference in a new issue