Simplify message of exception PolicyNotAuthorized

The message is a string, and target and credentials are dicts. Not only do they make the message very ugly and hard for a human to parse, but they are giving information that is typically unnecessary and won't be understood by most users. Closes-Bug: #1673859 Change-Id: Iabd7d6ebb0fda1c631bb219846643a065fa4fb31
2017-03-24 16:00:28 +08:00 · 2017-03-24 16:00:28 +08:00 · 4cc14178ef
commit 4cc14178ef
parent 6da8fe15be
2 changed files with 5 additions and 5 deletions
--- a/oslo_policy/policy.py
+++ b/oslo_policy/policy.py
@ -296,9 +296,7 @@ class PolicyNotAuthorized(Exception):
    """Default exception raised for policy enforcement failure."""

    def __init__(self, rule, target, creds):
-        msg = (_('%(target)s is disallowed by policy rule %(rule)s '
-                 'with %(creds)s ') %
-               {'rule': rule, 'target': target, 'creds': creds})
+        msg = _("%(rule)s is disallowed by policy") % {'rule': rule}
        super(PolicyNotAuthorized, self).__init__(msg)


--- a/oslo_policy/tests/test_policy.py
+++ b/oslo_policy/tests/test_policy.py
@ -724,8 +724,10 @@ class CheckFunctionTestCase(base.PolicyBaseTestCase):
        # raised.
        self.enforcer.set_rules(dict(default=_checks.FalseCheck()))

-        self.assertRaises(policy.PolicyNotAuthorized, self.enforcer.enforce,
-                          'rule', 'target', 'creds', True)
+        self.assertRaisesRegex(policy.PolicyNotAuthorized,
+                               " is disallowed by policy",
+                               self.enforcer.enforce,
+                               'rule', 'target', 'creds', True)

    def test_check_raise_custom_exception(self):
        self.enforcer.set_rules(dict(default=_checks.FalseCheck()))