Coverage for netrun / rbac / exceptions.py: 79%
24 statements
« prev ^ index » next coverage.py v7.12.0, created at 2025-12-18 22:20 +0000
1"""
2RBAC Exceptions - Custom exception classes for RBAC operations
4Extracted from: Intirkast error handling patterns
5"""
8class RBACException(Exception):
9 """Base exception for all RBAC-related errors"""
11 def __init__(self, message: str, status_code: int = 403):
12 self.message = message
13 self.status_code = status_code
14 super().__init__(self.message)
17class InsufficientPermissionsError(RBACException):
18 """
19 Raised when user lacks required role or permission
21 HTTP Status: 403 Forbidden
22 """
24 def __init__(self, required_role: str, user_role: str | None = None):
25 message = f"Insufficient permissions. Required role: {required_role}"
26 if user_role:
27 message += f" (current: {user_role})"
28 super().__init__(message, status_code=403)
31class TenantIsolationError(RBACException):
32 """
33 Raised when attempting cross-tenant access
35 HTTP Status: 403 Forbidden
36 Security Level: CRITICAL
37 """
39 def __init__(self, message: str = "Cross-tenant access denied"):
40 super().__init__(message, status_code=403)
43class ResourceOwnershipError(RBACException):
44 """
45 Raised when attempting to access resource owned by another user
47 HTTP Status: 403 Forbidden
48 """
50 def __init__(self, message: str = "You can only access your own resources"):
51 super().__init__(message, status_code=403)
54class InvalidRoleError(RBACException):
55 """
56 Raised when an invalid role is specified
58 HTTP Status: 400 Bad Request
59 """
61 def __init__(self, role: str):
62 message = f"Invalid role: {role}. Must be one of: viewer, member, admin, owner"
63 super().__init__(message, status_code=400)
66class MissingTenantContextError(RBACException):
67 """
68 Raised when tenant context is required but not set
70 HTTP Status: 400 Bad Request
71 """
73 def __init__(self, message: str = "Tenant context not set. Check authentication middleware."):
74 super().__init__(message, status_code=400)