Return 403 instead of 500 when policy check fails

This patch fixes an issue where a 500 response is sent instead of a 403
when a request is made using the wrong scope.  e.g.  Using project
scope instead of system scope.

Story: 2009170
Task: 43200

Change-Id: Id399d2220118efe1033426c658d1834cbff02f94
This commit is contained in:
Douglas Mendizábal 2021-09-01 15:57:54 -05:00
parent aa7bf8863f
commit 200bff896c

View File

@ -96,7 +96,7 @@ def generate_safe_exception_message(operation_name, excep):
try:
raise excep
except policy.PolicyNotAuthorized:
except (policy.PolicyNotAuthorized, policy.InvalidScope):
message = u._(
'{operation} attempt not allowed - '
'please review your '