mirror of
https://github.com/meta-llama/llama-stack.git
synced 2025-12-24 09:30:01 +00:00
31f85076ad
• Enhanced AccessDeniedError class to include user, action, and resource context - Added constructor parameters for action, resource, and user - Generate detailed error messages showing user principal, attributes, and attempted resource - Backward compatible with existing usage (falls back to generic message) • Updated exception handling in server.py - Import AccessDeniedError from access_control module - Return proper 403 status codes with detailed error messages - Separate handling for PermissionError (generic) vs AccessDeniedError (detailed) • Enhanced error context at raise sites - Updated routing_tables/common.py to pass action, resource, and user context - Updated agents persistence to include context in access denied errors - Provides better debugging information for access control issues • Added comprehensive unit tests - Created tests/unit/server/test_server.py with 13 test cases - Covers AccessDeniedError with and without context - Tests all exception types (ValidationError, BadRequestError, AuthenticationRequiredError, etc.) - Validates proper HTTP status codes and error message formats Resolves access control error visibility issues where 500 errors were returned instead of proper 403 responses with actionable error messages. Signed-off-by: Akram Ben Aissi <<akram.benaissi@gmail.com>> |
||
|---|---|---|
| .. | ||
| test_access_control.py | ||
| test_auth.py | ||
| test_quota.py | ||
| test_replace_env_vars.py | ||
| test_resolver.py | ||
| test_server.py | ||
| test_sse.py | ||