#11272 closed enhancement (fixed)
Improve error handling and reporting for AuthzPolicy — at Version 5
Reported by: | Ryan J Ollos | Owned by: | Ryan J Ollos |
---|---|---|---|
Priority: | normal | Milestone: | 1.0.2 |
Component: | general | Version: | 1.0-stable |
Severity: | normal | Keywords: | authzpolicy, exception |
Cc: | Jun Omae | Branch: | |
Release Notes: |
A |
||
API Changes: |
|
||
Internal Changes: |
Description (last modified by )
We can improve error handling and reporting for 3 scenarios that may be seen when using the AuthzPolicy.
- When an authz file has duplicated sections, Trac generates an internal error with a traceback:
Traceback (most recent call last): File "/home/user/Workspace/t8976/teo-rjollos.git/trac/web/main.py", line 497, in _dispatch_request dispatcher.dispatch(req) File "/home/user/Workspace/t8976/teo-rjollos.git/trac/web/main.py", line 214, in dispatch resp = chosen_handler.process_request(req) File "/home/user/Workspace/t8976/teo-rjollos.git/trac/wiki/web_ui.py", line 126, in process_request req.perm(page.resource).require('WIKI_VIEW') File "/home/user/Workspace/t8976/teo-rjollos.git/trac/perm.py", line 578, in require if not self._has_permission(action, resource): File "/home/user/Workspace/t8976/teo-rjollos.git/trac/perm.py", line 570, in _has_permission check_permission(action, perm.username, resource, perm) File "/home/user/Workspace/t8976/teo-rjollos.git/trac/perm.py", line 462, in check_permission perm) File "/home/user/Workspace/t8976/teo-rjollos.git/tracopt/perm/authz_policy.py", line 147, in check_permission self.parse_authz() File "/home/user/Workspace/t8976/teo-rjollos.git/tracopt/perm/authz_policy.py", line 176, in parse_authz self.authz = ConfigObj(self.get_authz_file(), encoding='utf8') File "/usr/lib/python2.7/dist-packages/configobj.py", line 1230, in __init__ self._load(infile, configspec) File "/usr/lib/python2.7/dist-packages/configobj.py", line 1320, in _load raise error ConfigObjError: Parsing failed with several errors. First error at line 4.
Though the duplicate sections error is easy to reproduce, the proposed change should trap and present a user-friendly error message when any exception is thrown whileConfigObj
is parsing the file (by trapping all ConfigObjErrors). - When the authz file is not found, Trac generates an internal error with a traceback:
Traceback (most recent call last): File "/home/user/Workspace/t11260/teo-rjollos.git/trac/web/main.py", line 497, in _dispatch_request dispatcher.dispatch(req) File "/home/user/Workspace/t11260/teo-rjollos.git/trac/web/main.py", line 214, in dispatch resp = chosen_handler.process_request(req) File "/home/user/Workspace/t11260/teo-rjollos.git/trac/wiki/web_ui.py", line 126, in process_request req.perm(page.resource).require('WIKI_VIEW') File "/home/user/Workspace/t11260/teo-rjollos.git/trac/perm.py", line 578, in require if not self._has_permission(action, resource): File "/home/user/Workspace/t11260/teo-rjollos.git/trac/perm.py", line 570, in _has_permission check_permission(action, perm.username, resource, perm) File "/home/user/Workspace/t11260/teo-rjollos.git/trac/perm.py", line 462, in check_permission perm) File "/home/user/Workspace/t11260/teo-rjollos.git/tracopt/perm/authz_policy.py", line 149, in check_permission self.parse_authz() File "/home/user/Workspace/t11260/teo-rjollos.git/tracopt/perm/authz_policy.py", line 211, in parse_authz self.authz_mtime = self.get_authz_file_mtime File "/home/user/Workspace/t11260/teo-rjollos.git/tracopt/perm/authz_policy.py", line 178, in get_authz_file_mtime return os.path.getmtime(self.get_authz_file()) File "/home/user/Workspace/t11260/lib/python2.7/genericpath.py", line 54, in getmtime return os.stat(filename).st_mtime OSError: [Errno 2] No such file or directory: '/home/user/Workspace/t11260/tracdev/conf/authzpolicy?.conf'
- If there is an error in the configuration of permission policies, for example:
permission_policies = AuthzPermissionPolicy, DefaultPermissionPolicy, LegacyAttachmentPolicy
(the first entry should beAuthzPolicy
), no error is reported. There should at least be a warning in the logs.
While ExtensionOption throw an exception when the specified implementation of the interface can't be found, OrderedExtensionOption does not. Changing the behavior of
OrderedExtensionOption
will have to be carefully considered.
Change History (6)
comment:1 by , 11 years ago
Description: | modified (diff) |
---|
comment:2 by , 11 years ago
comment:3 by , 11 years ago
Status: | new → assigned |
---|
by , 11 years ago
Attachment: | ConfigurationErrorGeneric.png added |
---|
comment:4 by , 11 years ago
In order to avoid exposing information to users, a generic ConfigurationError
is raised for the scenarios discussed in this ticket.
The latest changes can be found in rjollos.git:t11272.2.
comment:5 by , 11 years ago
API Changes: | modified (diff) |
---|---|
Release Notes: | modified (diff) |
Resolution: | → fixed |
Status: | assigned → closed |
Example of what would be found in the log file:
02:20:52 AM Trac[authz_policy] ERROR: Error parsing authz permission policy file: No such file or directory /home/user/Workspace/t11272/tracdev/conf/authz.con 02:20:52 AM Trac[chrome] ERROR: Error during check of EMAIL_VIEW: ConfigurationError: Look in the Trac log for more information.
Committed to 1.0-stable in [11971-11972], and merged to trunk in [11973].
I made an error and then reverted the committed, so [11969-11970] can be ignored. Should I modify the svn:mergeinfo on the trunk so that these two changesets aren't shown as eligible for merge?
Changes can be found in rjollos.git:t11272. The changes for (3) would best be discussed in #10285, where I already posted comments. I didn't realize the overlap until after I started working on the changes.
I ended up adding assertIs to another test class, so I wonder if we should do something to avoid the code duplication (mentioned in comment:19:ticket:11245) such as:
unittest.TestCase
and add the methods.Feedback welcome and appreciated!