Diffstat (limited to 'moon_authz/moon_authz/api/authorization.py')
-rw-r--r--moon_authz/moon_authz/api/authorization.py22
1 files changed, 17 insertions, 5 deletions
diff --git a/moon_authz/moon_authz/api/authorization.py b/moon_authz/moon_authz/api/authorization.py
index e939604b..84114466 100644
--- a/moon_authz/moon_authz/api/authorization.py
+++ b/moon_authz/moon_authz/api/authorization.py
@@ -89,16 +89,28 @@ class Authz(Resource):
# Context.update_target(context)
if not self.context.pdp_set:
raise exceptions.PdpUnknown
+ if current_header_id not in self.context.pdp_set:
+ raise Exception('Invalid index')
current_pdp = self.context.pdp_set[current_header_id]
category_list = list()
- category_list.extend(current_pdp["meta_rules"]["subject_categories"])
- category_list.extend(current_pdp["meta_rules"]["object_categories"])
- category_list.extend(current_pdp["meta_rules"]["action_categories"])
+ if 'meta_rules' not in current_pdp:
+ raise exceptions.PdpContentError
+ try:
+ category_list.extend(current_pdp["meta_rules"]["subject_categories"])
+ category_list.extend(current_pdp["meta_rules"]["object_categories"])
+ category_list.extend(current_pdp["meta_rules"]["action_categories"])
+ except Exception:
+ raise exceptions.MetaRuleContentError
+ if 'target' not in current_pdp:
+ raise exceptions.PdpContentError
for category in category_list:
scope = list(current_pdp['target'][category])
scopes_list.append(scope)
# policy_id = self.cache.get_policy_from_meta_rules("admin", current_header_id)
-
+ if self.context.current_policy_id not in self.cache.rules:
+ raise exceptions.PolicyUnknown
+ if 'rules' not in self.cache.rules[self.context.current_policy_id]:
+ raise exceptions.RuleUnknown
for item in itertools.product(*scopes_list):
req = list(item)
for rule in self.cache.rules[self.context.current_policy_id]["rules"]:
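Review bot: The new key checks stop one level short in the scope loop: `current_pdp['target'][category]` is still indexed without a guard, so a category listed in meta_rules but absent from target raises a bare KeyError instead of one of the project exceptions; adding `if category not in current_pdp['target']: raise exceptions.PdpContentError` at the top of the loop body would close that gap. The `raise Exception('Invalid index')` for an unknown current_header_id is the only check here that does not use the exceptions module, so a caller that maps those types to a deny decision will presumably not recognise it; `raise exceptions.PdpUnknown` would keep it consistent with the check just above. `except Exception:` around the three extend calls also turns unrelated failures into MetaRuleContentError, and `except (KeyError, TypeError):` would be narrower. The enclosing method starts and ends outside this hunk, so how these exceptions become an authorization result is not visible here.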
@@ -365,4 +377,4 @@ class Authz(Resource):
def head(self, uuid=None, subject_name=None, object_name=None, action_name=None):
logger.info("HEAD request")
- return "", 200 \ No newline at end of file
+ return "", 200