Fix enforce crash when matcher functions throw string errors

.github/workflows/build.yml

@@ -108,12 +108,30 @@ jobs:
 
     - name: Install dependencies
       run: |
-        luarocks install lualogging
-        luarocks install lrexlib-pcre2
-        luarocks install luaposix
-        luarocks install luasocket
-        luarocks install busted
-        luarocks install busted-htest
+        until luarocks install lualogging
+        do
+          sleep 1
+        done
+        until luarocks install lrexlib-pcre2
+        do
+          sleep 1
+        done
+        until luarocks install luaposix
+        do
+          sleep 1
+        done
+        until luarocks install luasocket
+        do
+          sleep 1
+        done
+        until luarocks install busted
+        do
+          sleep 1
+        done
+        until luarocks install busted-htest
+        do
+          sleep 1
+        done
 
     - name: Run Benchmark
       run: |

examples/keymatch4_model.conf

@@ -0,0 +1,14 @@
+[request_definition]
+r = sub, obj, act
+
+[policy_definition]
+p = sub, obj, act
+
+[role_definition]
+g = _, _
+
+[policy_effect]
+e = some(where (p.eft == allow))
+
+[matchers]
+m = g(r.sub, p.sub) && keyMatch4(r.obj, p.obj) && regexMatch(r.act, p.act)

examples/keymatch4_policy.csv

@@ -0,0 +1,4 @@
+p, alice, /parent/{id}/child/{id}, GET|POST
+p, bob, /parent/{id}/child/{another_id}, GET|POST
+g, alice, alice
+g, bob, bob

src/main/CoreEnforcer.lua

@@ -446,7 +446,8 @@ function CoreEnforcer:enforceEx(...)
                 res, err = luaxp.evaluate(tExpString, context)
             end
             if err then
-                error("evaluation error: " .. err.message)
+                local errMsg = type(err) == "table" and err.message or tostring(err)
+                error("evaluation error: " .. errMsg)
             end
 
             local c = true
@@ -491,7 +492,8 @@ function CoreEnforcer:enforceEx(...)
 
         local res, err = luaxp.run(compiledExpression, context)
         if err then
-            error("evaluation error: " .. err.message)
+            local errMsg = type(err) == "table" and err.message or tostring(err)
+            error("evaluation error: " .. errMsg)
         end
 
         if res then

tests/main/enforcer_spec.lua

@@ -94,6 +94,21 @@ describe("Enforcer tests", function ()
         assert.is.True(e:enforce("alice", "/alice_data2/123/using/456", "GET"))
     end)
 
+    it("keyMatch4 test", function ()
+        local model  = path .. "/examples/keymatch4_model.conf"
+        local policy  = path .. "/examples/keymatch4_policy.csv"
+
+        local e = Enforcer:new(model, policy)
+        -- Test alice with matching IDs (same placeholder value)
+        assert.is.True(e:enforce("alice", "/parent/123/child/123", "GET"))
+        assert.is.True(e:enforce("alice", "/parent/456/child/456", "POST"))
+        -- Test alice with non-matching IDs (different placeholder values)
+        assert.is.False(e:enforce("alice", "/parent/123/child/456", "GET"))
+        -- Test bob with different IDs (different placeholders, should work)
+        assert.is.True(e:enforce("bob", "/parent/123/child/456", "GET"))
+        assert.is.True(e:enforce("bob", "/parent/789/child/012", "POST"))
+    end)
+
     it("priority test", function ()
         local model  = path .. "/examples/priority_model.conf"
         local policy  = path .. "/examples/priority_policy.csv"