fix error

permitio · Jan 14, 2024 · de28893 · de28893
1 parent fb85aa7
commit de28893
Show file tree

Hide file tree

Showing 3 changed files with 86 additions and 13 deletions.
diff --git a/permit/enforcement/enforcer.py b/permit/enforcement/enforcer.py
@@ -228,6 +228,16 @@ async def check(
  data=json.dumps(input),
  ) as response:
  if response.status != 200:
+ if response.status == 501:
+ raise PermitConnectionError(
+ f"Permit SDK got error: {response.status}, \n \
+ and cannot connect to the PDP container, make sure you are not using ABAC policy."
+ f"Also, please check your configuration and make"
+ f" sure it's running at {self._base_url} and accepting requests. \n \
+ Read more about setting up the PDP at "
+ f"https://docs.permit.io/reference/SDKs/Python/quickstart_python"
+ )
+
  error_json: dict = await response.json()
  logger.error(
  "error in permit.check({}, {}, {}):\n{}\n{}".format(
@@ -240,7 +250,7 @@ async def check(
  )
  raise PermitConnectionError(
  f"Permit SDK got unexpected status code: {response.status}, please check your Permit SDK class init and PDP container are configured correctly. \n\
- Read more about setting up the PDP at https://docs.permit.io/reference/SDKs/Python/quickstart_python"
+ Read more about setting up the PDP at https://docs.permit.io/category/python"
  )
 
  content: dict = await response.json()
@@ -259,19 +269,22 @@ async def check(
  # )
  return decision
  except aiohttp.ClientError as err:
- logger.error(
- "error in permit.check({}, {}, {}):\n{}".format(
- normalized_user,
- action,
- self._resource_repr(normalized_resource),
- err,
+ if isinstance(err, PermitConnectionError):
+ raise err
+ else:
+ logger.error(
+ "error in permit.check({}, {}, {}):\n{}".format(
+ normalized_user,
+ action,
+ self._resource_repr(normalized_resource),
+ err,
+ )
+ )
+ raise PermitConnectionError(
+ f"Permit SDK got error: {err}, \n \
+ and cannot connect to the PDP container, please check your configuration and make sure it's running at {self._base_url} and accepting requests. \n \
+ Read more about setting up the PDP at https://docs.permit.io/reference/SDKs/Python/quickstart_python"
  )
- )
- raise PermitConnectionError(
- f"Permit SDK got error: {err}, \n \
- and cannot connect to the PDP container, please check your configuration and make sure it's running at {self._base_url} and accepting requests. \n \
- Read more about setting up the PDP at https://docs.permit.io/reference/SDKs/Python/quickstart_python"
- )
 
  def _normalize_resource(self, resource: ResourceInput) -> ResourceInput:
  normalized_resource: ResourceInput = resource.copy()

diff --git a/tests/conftest.py b/tests/conftest.py
@@ -47,3 +47,30 @@ def permit(permit_config: PermitConfig) -> Permit:
 @pytest.fixture
 def sync_permit(permit_config: PermitConfig) -> SyncPermit:
  return SyncPermit(permit_config)
+
+
+@pytest.fixture
+def permit_config_cloud() -> PermitConfig:
+ token = os.getenv("PDP_API_KEY", "")
+ pdp_address = os.getenv("PDP_URL", "https://cloudpdp.api.permit.io")
+ api_url = os.getenv("PDP_CONTROL_PLANE", "https://api.permit.io")
+
+ if not token:
+ pytest.fail("PDP_API_KEY is not configured, test cannot run!")
+
+ return PermitConfig(
+ **{
+ "token": token,
+ "pdp": pdp_address,
+ "api_url": api_url,
+ "log": {
+ "level": "debug",
+ "enable": True,
+ },
+ }
+ )
+
+
+@pytest.fixture
+def permit_cloud(permit_config_cloud: PermitConfig) -> Permit:
+ return Permit(permit_config_cloud)
diff --git a/tests/test_abac_pdp.py b/tests/test_abac_pdp.py
@@ -0,0 +1,33 @@
+from permit import Permit, PermitConnectionError, TenantCreate, UserCreate
+
+
+def abac_user(user: UserCreate):
+ return user.dict(exclude={"first_name", "last_name"})
+
+
+async def test_abac_pdp_cloud_error(permit_cloud: Permit):
+
+ user_test = UserCreate(
+ **dict(
+ key="maya@permit.io",
+ email="maya@permit.io",
+ first_name="Maya",
+ last_name="Barak",
+ attributes={"age": 23},
+ )
+ )
+ TESLA = TenantCreate(key="tesla", name="Tesla Inc")
+
+ try:
+ resp = await permit_cloud.check(
+ abac_user(user_test),
+ "sign",
+ {
+ "type": "document",
+ "tenant": TESLA.key,
+ "attributes": {"private": False},
+ },
+ )
+
+ except Exception as error:
+ assert isinstance(error, PermitConnectionError)