author | 2015-07-02 18:03:24 +0200 | |
---|---|---|
committer | 2015-07-02 18:03:24 +0200 | |
commit | fddda06efce86d6f7c56812cd86141485521d03c (patch) | |
tree | ef2ddb4a7b7c2b5a0847f7f3b53aaadaa0348ba2 /keystone-moon/keystone/contrib/moon/exception.py | |
parent | ec2b74ff230e3a58e0113c13f206efe223180800 (diff) |
Add hierarchical exceptions in Moon.
Change-Id: I609b39980760cf40fed651320e8683578f9bd919
Diffstat (limited to 'keystone-moon/keystone/contrib/moon/exception.py')
-rw-r--r-- | keystone-moon/keystone/contrib/moon/exception.py | 371 |
1 files changed, 328 insertions, 43 deletions
diff --git a/keystone-moon/keystone/contrib/moon/exception.py b/keystone-moon/keystone/contrib/moon/exception.py
index 20a7d737..b0ec740b 100644
--- a/keystone-moon/keystone/contrib/moon/exception.py
+++ b/keystone-moon/keystone/contrib/moon/exception.py
@@ -7,106 +7,391 @@ from keystone.common import dependency from keystone.exception import Error from keystone.i18n import _, _LW + +class MoonErrorMetaClass(type): + + def __init__(cls, name, bases, dct): + super(MoonErrorMetaClass, cls).__init__(name, bases, dct) + cls.hierarchy += "/"+str(name) + + @dependency.requires('moonlog_api') -class TenantError(Error): - message_format = _("There is an error requesting this tenant" - " the server could not comply with the request" - " since it is either malformed or otherwise" - " incorrect. The client is assumed to be in error.") +class MoonError(Error): + __metaclass__ = MoonErrorMetaClass + hierarchy = "" + message_format = _("There is an error requesting the Moon platform.") code = 400 - title = 'Tenant Error' + title = 'Moon Error' logger = "ERROR" def __del__(self): + message = "{} ({})".format(self.hierarchy, self.message_format) if self.logger == "ERROR": - self.moonlog_api.error(self.message_format) + self.moonlog_api.error(message) elif self.logger == "WARNING": - self.moonlog_api.warning(self.message_format) + self.moonlog_api.warning(message) elif self.logger == "CRITICAL": - self.moonlog_api.critical(self.message_format) + self.moonlog_api.critical(message) elif self.logger == "AUTHZ": - self.moonlog_api.authz(self.message_format) - self.moonlog_api.error(self.message_format) + self.moonlog_api.authz(self.hierarchy) + self.moonlog_api.error(message) else: - self.moonlog_api.info(self.message_format) + self.moonlog_api.info(message) + +# Exceptions for Tenant + + +class TenantException(MoonError): + message_format = _("There is an error requesting this tenant.") + code = 400 + title = 'Tenant Error' + logger = "ERROR" -class TenantListEmptyError(TenantError): +class TenantListEmpty(TenantException): message_format = _("The tenant list mapping is empty, you must set the mapping first.") code = 400 title = 'Tenant List Empty Error' + logger = "WARNING" -class TenantNotFoundError(TenantError): +class 
TenantNotFound(TenantException): message_format = _("The tenant UUID was not found.") code = 400 title = 'Tenant UUID Not Found Error' -class IntraExtensionError(TenantError): - message_format = _("There is an error requesting this IntraExtension.") - code = 400 - title = 'Extension Error' +# Exceptions for IntraExtension -class CategoryNotFound(IntraExtensionError): - message_format = _("The category is unknown.") +class IntraExtensionException(MoonError): + message_format = _("There is an error requesting this IntraExtension.") code = 400 title = 'Extension Error' - logger = "WARNING" -class IntraExtensionUnMapped(TenantError): +class IntraExtensionUnMapped(IntraExtensionException): message_format = _("The Extension is not mapped to a tenant.") code = 400 title = 'Extension UUID Not Found Error' logger = "WARNING" -class IntraExtensionNotFound(IntraExtensionError): +class IntraExtensionNotFound(IntraExtensionException): message_format = _("The Extension for that tenant is unknown.") code = 400 title = 'Extension UUID Not Found Error' logger = "WARNING" -class IntraExtensionNotAuthorized(IntraExtensionError): - message_format = _("User has no authorization for that action.") +class IntraExtensionCreationError(IntraExtensionException): + message_format = _("The arguments for the creation of this Extension were malformed.") code = 400 - title = 'Authorization Error' + title = 'Intra Extension Creation Error' + + +# Authz exceptions + + +class AuthzException(MoonError): + message_format = _("There is an error requesting this Authz IntraExtension.") + code = 400 + title = 'Authz Exception' logger = "AUTHZ" -class AdminIntraExtensionNotFound(IntraExtensionNotFound): - message_format = _("The admin Extension for that tenant is unknown.") +class AuthzPerimeter(AuthzException): + code = 400 + title = 'Perimeter Exception' + + +class AuthzScope(AuthzException): + code = 400 + title = 'Scope Exception' + + +class AuthzMetadata(AuthzException): + code = 400 + title = 
'Metadata Exception' + + +class AuthzAssignment(AuthzException): + code = 400 + title = 'Assignment Exception' + + +class AuthzRule(AuthzException): + code = 400 + title = 'Rule Exception' + + +class SubjectUnknown(AuthzPerimeter): + message_format = _("The given subject is unknown.") + code = 400 + title = 'Subject Unknown' + logger = "ERROR" + + +class ObjectUnknown(AuthzPerimeter): + message_format = _("The given object is unknown.") code = 400 - title = 'Admin Extension UUID Not Found Error' + title = 'Object Unknown' + logger = "ERROR" + + +class ActionUnknown(AuthzPerimeter): + message_format = _("The given action is unknown.") + code = 400 + title = 'Action Unknown' + logger = "ERROR" + + +class SubjectCategoryAssignmentOutOfScope(AuthzScope): + message_format = _("The given subject category scope value is out of scope.") + code = 400 + title = 'Subject Category Assignment Out Of Scope' logger = "WARNING" -class AdminIntraExtensionCreationError(IntraExtensionError): - message_format = _("The arguments for the creation of this admin Extension were malformed.") +class ActionCategoryAssignmentOutOfScope(AuthzScope): + message_format = _("The given action category scope value is out of scope.") code = 400 - title = 'Admin Extension Creation Error' + title = 'Action Category Assignment Out Of Scope' + logger = "WARNING" -class AdminIntraExtensionModificationNotAuthorized(IntraExtensionError): - message_format = _("The modification of this admin Extension is not authorizaed.") +class ObjectCategoryAssignmentOutOfScope(AuthzScope): + message_format = _("The given object category scope value is out of scope.") code = 400 - title = 'Admin Extension Creation Error' - logger = "AUTHZ" + title = 'Object Category Assignment Out Of Scope' + logger = "WARNING" -class AuthIntraExtensionModificationNotAuthorized(IntraExtensionError): - message_format = _("The modification of this authz Extension is not authorizaed.") + +class 
SubjectCategoryAssignmentUnknown(AuthzAssignment): + message_format = _("The given subject category assignment value is unknown.") code = 400 - title = 'Authz Extension Creation Error' - logger = "AUTHZ" + title = 'Subject Category Assignment Unknown' + logger = "ERROR" + + +class ObjectCategoryAssignmentUnknown(AuthzAssignment): + message_format = _("The given object category assignment value is unknown.") + code = 400 + title = 'Object Category Assignment Unknown' + logger = "ERROR" -class AuthzIntraExtensionNotFound(IntraExtensionNotFound): - message_format = _("The authz Extension for that tenant is unknown.") +class ActionCategoryAssignmentUnknown(AuthzAssignment): + message_format = _("The given action category assignment value is unknown.") code = 400 - title = 'Authz Extension UUID Not Found Error' + title = 'Action Category Assignment Unknown' + logger = "ERROR" + + +class RuleOKNotExisting(AuthzRule): + message_format = _("The positive rule for that request doen't exist.") + code = 400 + title = 'Rule OK Not Existing' logger = "WARNING" + +class RuleKOExisting(AuthzRule): + message_format = _("The request match a negative rule.") + code = 400 + title = 'Rule KO Existing' + logger = "ERROR" + + +class RuleUnknown(AuthzRule): + message_format = _("The rule for that request doesn't exist.") + code = 400 + title = 'Rule Unknown' + logger = "ERROR" + + +# Admin exceptions + + +class AdminException(MoonError): + message_format = _("There is an authorization error requesting this IntraExtension.") + code = 403 + title = 'Admin Exception' + logger = "AUTHZ" + + +class AdminPerimeter(AuthzException): + title = 'Perimeter Exception' + + +class AdminScope(AuthzException): + title = 'Scope Exception' + + +class AdminMetadata(AuthzException): + title = 'Metadata Exception' + + +class AdminAssignment(AuthzException): + title = 'Assignment Exception' + + +class AdminRule(AuthzException): + title = 'Rule Exception' + + +class SubjectReadNotAuthorized(AdminPerimeter): + 
title = 'Subject Read Not Authorized' + + +class SubjectAddNotAuthorized(AdminPerimeter): + title = 'Subject Add Not Authorized' + + +class SubjectDelNotAuthorized(AdminPerimeter): + title = 'Subject Del Not Authorized' + + +class ObjectReadNotAuthorized(AdminPerimeter): + title = 'Object Read Not Authorized' + + +class ObjectAddNotAuthorized(AdminPerimeter): + title = 'Object Add Not Authorized' + + +class ObjectDelNotAuthorized(AdminPerimeter): + title = 'Object Del Not Authorized' + + +class ActionReadNotAuthorized(AdminPerimeter): + title = 'Action Read Not Authorized' + + +class ActionAddNotAuthorized(AdminPerimeter): + title = 'Action Add Not Authorized' + + +class ActionDelNotAuthorized(AdminPerimeter): + title = 'Action Del Not Authorized' + + +class SubjectCategoryScopeReadNotAuthorized(AuthzException): + title = 'Subject Category Scope Read Not Authorized' + + +class SubjectCategoryScopeAddNotAuthorized(AuthzException): + title = 'Subject Category Scope Add Not Authorized' + + +class SubjectCategoryScopeDelNotAuthorized(AuthzException): + title = 'Subject Category Scope Del Not Authorized' + + +class ObjectCategoryScopeReadNotAuthorized(AuthzException): + title = 'Object Category Scope Read Not Authorized' + + +class ObjectCategoryScopeAddNotAuthorized(AuthzException): + title = 'Object Category Scope Add Not Authorized' + + +class ObjectCategoryScopeDelNotAuthorized(AuthzException): + title = 'Object Category Scope Del Not Authorized' + + +class ActionCategoryScopeReadNotAuthorized(AuthzException): + title = 'Action Category Scope Read Not Authorized' + + +class ActionCategoryScopeAddNotAuthorized(AuthzException): + title = 'Action Category Scope Add Not Authorized' + + +class ActionCategoryScopeDelNotAuthorized(AuthzException): + title = 'Action Category Scope Del Not Authorized' + + +class SubjectCategoryReadNotAuthorized(AdminMetadata): + title = 'Subject Category Read Not Authorized' + logger = "AUTHZ" + + +class 
SubjectCategoryAddNotAuthorized(AdminMetadata): + title = 'Subject Category Add Not Authorized' + + +class SubjectCategoryDelNotAuthorized(AdminMetadata): + title = 'Subject Category Del Not Authorized' + + +class ObjectCategoryReadNotAuthorized(AdminMetadata): + title = 'Object Category Read Not Authorized' + + +class ObjectCategoryAddNotAuthorized(AdminMetadata): + title = 'Object Category Add Not Authorized' + + +class ObjectCategoryDelNotAuthorized(AdminMetadata): + title = 'Object Category Del Not Authorized' + + +class ActionCategoryReadNotAuthorized(AdminMetadata): + title = 'Action Category Read Not Authorized' + + +class ActionCategoryAddNotAuthorized(AdminMetadata): + title = 'Action Category Add Not Authorized' + + +class ActionCategoryDelNotAuthorized(AdminMetadata): + title = 'Action Category Del Not Authorized' + + +class SubjectCategoryAssignmentReadNotAuthorized(AdminAssignment): + title = 'Subject Category Assignment Read Not Authorized' + + +class SubjectCategoryAssignmentAddNotAuthorized(AdminAssignment): + title = 'Subject Category Assignment Add Not Authorized' + + +class SubjectCategoryAssignmentDelNotAuthorized(AdminAssignment): + title = 'Subject Category Assignment Del Not Authorized' + + +class ObjectCategoryAssignmentReadNotAuthorized(AdminAssignment): + title = 'Object Category Assignment Read Not Authorized' + + +class ObjectCategoryAssignmentAddNotAuthorized(AdminAssignment): + title = 'Object Category Assignment Add Not Authorized' + + +class ObjectCategoryAssignmentDelNotAuthorized(AdminAssignment): + title = 'Object Category Assignment Del Not Authorized' + + +class ActionCategoryAssignmentReadNotAuthorized(AdminAssignment): + title = 'Action Category Assignment Read Not Authorized' + + +class ActionCategoryAssignmentAddNotAuthorized(AdminAssignment): + title = 'Action Category Assignment Add Not Authorized' + + +class ActionCategoryAssignmentDelNotAuthorized(AdminAssignment): + title = 'Action Category Assignment Del Not 
Authorized' + + +class RuleReadNotAuthorized(AdminRule): + title = 'Rule Read Not Authorized' + + +class RuleAddNotAuthorized(AdminRule): + title = 'Rule Add Not Authorized' + + +class RuleDelNotAuthorized(AdminRule): + title = 'Rule Del Not Authorized' |
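Review bot: The five intermediate admin bases (`AdminPerimeter`, `AdminScope`, `AdminMetadata`, `AdminAssignment`, `AdminRule`) subclass `AuthzException` rather than the `AdminException` defined just above them, so every `...NotAuthorized` class under them inherits `code = 400` and not the 403 that `AdminException` sets. Their `hierarchy` string, which the AUTHZ branch of `__del__` passes to `moonlog_api.authz`, will also read `/MoonError/AuthzException/...`, and a handler written as `except AdminException` will not catch any of them. If that is not intended, change the bases, e.g. `class AdminPerimeter(AdminException):`, and likewise for the other four. The `*CategoryScope*NotAuthorized` classes derive from `AuthzException` directly and leave `AdminScope` unused; they presumably should be declared with `(AdminScope)`.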