Some authorization errors do not have source locations attached

Question

Some authorization errors do not have source locations attached

Opened this issue 5 months ago · 0 comments

cdisselkoen commented 5 months ago

Before opening, please confirm:

I have searched for duplicate or closed issues.
I have read the guide for submitting bug reports.
I have done my best to include a minimal, self-contained set of instructions for consistently reproducing the issue.

Bug Category

Policy Evaluation

Describe the bug

#485 claimed to provide source locations for evaluation errors. However, in at least some cases, public AuthorizationErrors backed by EvaluationError do not have source locations. We should investigate why this is; to my knowledge, these errors should have source locations attached.

Expected behavior

Authorization errors resulting from policy-evaluation errors should have source locations attached (for policies parsed from the Cedar policy syntax, not the JSON format).

Reproduction steps

Grep for TODO(#485) in the code. This TODO was left in the code even though #485 was resolved. As of this writing, the TODO is at cedar-policy/src/tests.rs:3626.
Uncomment the two lines that check for source locations, and rename the variable _err to err.
cargo test --all-features
The tests fail.

Code Snippet

No response

Log output

No response

Additional configuration

No response

Operating System

No response

Additional information and screenshots

No response