MLS/RBAC/TERulesDifference: revise unknown rule exceptions to log instead

Change to error logging so the processing continues, as the error is not fatal. Also specify in the message that it is a bug, so users know it isn't their fault.
2025-04-01 00:06:19 +00:00 · 2016-02-01 11:20:32 -05:00 · 2016-02-01 11:20:32 -05:00 · 964a3ea3f5
commit 964a3ea3f5
parent c432719ca3
3 changed files with 12 additions and 6 deletions
--- a/setools/diff/mlsrules.py
+++ b/setools/diff/mlsrules.py
@ -68,7 +68,8 @@ class MLSRulesDifference(Difference):
            if rule.ruletype == "range_transition":
                self._left_range_transitions.append(rule)
            else:
-                raise TypeError("Unknown rule type: {0}".format(rule.ruletype))
+                self.log.error("Unknown rule type: {0} (This is an SETools bug)".
+                               format(rule.ruletype))

        self._right_range_transitions = []
        for rule in self.right_policy.mlsrules():
@ -77,7 +78,8 @@ class MLSRulesDifference(Difference):
            if rule.ruletype == "range_transition":
                self._right_range_transitions.append(rule)
            else:
-                raise TypeError("Unknown rule type: {0}".format(rule.ruletype))
+                self.log.error("Unknown rule type: {0} (This is an SETools bug)".
+                               format(rule.ruletype))

    def _diff_mls_rules(self, left_list, right_list):
        """Common method for comparing type_* rules."""
--- a/setools/diff/rbacrules.py
+++ b/setools/diff/rbacrules.py
@ -91,7 +91,8 @@ class RBACRulesDifference(Difference):
            elif rule.ruletype == "role_transition":
                self._left_role_transitions.append(rule)
            else:
-                raise TypeError("Unknown rule type: {0}".format(rule.ruletype))
+                self.log.error("Unknown rule type: {0} (This is an SETools bug)".
+                               format(rule.ruletype))

        self._right_role_allows = []
        self._right_role_transitions = []
@ -103,7 +104,8 @@ class RBACRulesDifference(Difference):
            elif rule.ruletype == "role_transition":
                self._right_role_transitions.append(rule)
            else:
-                raise TypeError("Unknown rule type: {0}".format(rule.ruletype))
+                self.log.error("Unknown rule type: {0} (This is an SETools bug)".
+                               format(rule.ruletype))

    def _diff_rbac_rules(self, left_list, right_list):
        """Common method for comparing rbac rules."""
--- a/setools/diff/terules.py
+++ b/setools/diff/terules.py
@ -230,7 +230,8 @@ class TERulesDifference(Difference):
            elif rule.ruletype == "type_member":
                self._left_type_members.append(rule)
            else:
-                raise TypeError("Unknown rule type: {0}".format(rule.ruletype))
+                self.log.error("Unknown rule type: {0} (This is an SETools bug)".
+                               format(rule.ruletype))

        self._right_allows = []
        self._right_auditallows = []
@ -257,7 +258,8 @@ class TERulesDifference(Difference):
            elif rule.ruletype == "type_member":
                self._right_type_members.append(rule)
            else:
-                raise TypeError("Unknown rule type: {0}".format(rule.ruletype))
+                self.log.error("Unknown rule type: {0} (This is an SETools bug)".
+                               format(rule.ruletype))

    def _diff_av_rules(self, left_list, right_list):
        """Common method for comparing access vector rules."""