[#140] apistatus: Support ACCESS_DENIED error

Define `ObjectAccessDenied` type for `ACCESS_DENIED` code. Provide method to write/read human-readable reason. Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2022-02-28 11:39:22 +03:00 · 2022-02-28 11:39:22 +03:00 · 3e94b7c892
commit 3e94b7c892
parent 2b28f91a89
4 changed files with 90 additions and 0 deletions
--- a/client/status/object.go
+++ b/client/status/object.go
@ -64,3 +64,44 @@ func (x LockNonRegularObject) ToStatusV2() *status.Status {
 	x.v2.SetMessage("locking non-regular object is forbidden")
 	return &x.v2
 }
+
+// ObjectAccessDenied describes status of the failure because of the access control violation.
+// Instances provide Status and StatusV2 interfaces.
+type ObjectAccessDenied struct {
+	v2 status.Status
+}
+
+func (x ObjectAccessDenied) Error() string {
+	return errMessageStatusV2(
+		globalizeCodeV2(object.StatusAccessDenied, object.GlobalizeFail),
+		x.v2.Message(),
+	)
+}
+
+// implements local interface defined in FromStatusV2 func.
+func (x *ObjectAccessDenied) fromStatusV2(st *status.Status) {
+	x.v2 = *st
+}
+
+// ToStatusV2 implements StatusV2 interface method.
+// If the value was returned by FromStatusV2, returns the source message.
+// Otherwise, returns message with
+//  * code: ACCESS_DENIED;
+//  * string message: "access to object operation denied";
+//  * details: empty.
+func (x ObjectAccessDenied) ToStatusV2() *status.Status {
+	x.v2.SetCode(globalizeCodeV2(object.StatusAccessDenied, object.GlobalizeFail))
+	x.v2.SetMessage("access to object operation denied")
+	return &x.v2
+}
+
+// WriteReason writes human-readable access rejection reason.
+func (x *ObjectAccessDenied) WriteReason(reason string) {
+	object.WriteAccessDeniedDesc(&x.v2, reason)
+}
+
+// Reason returns human-readable access rejection reason returned by the server.
+// Returns empty value is reason is not presented.
+func (x ObjectAccessDenied) Reason() string {
+	return object.ReadAccessDeniedDesc(x.v2)
+}
--- a/client/status/object_test.go
+++ b/client/status/object_test.go
@ -0,0 +1,26 @@
+package apistatus_test
+
+import (
+	"testing"
+
+	apistatus "github.com/nspcc-dev/neofs-sdk-go/client/status"
+	"github.com/stretchr/testify/require"
+)
+
+func TestObjectAccessDenied_WriteReason(t *testing.T) {
+	const reason = "any reason"
+
+	var st apistatus.ObjectAccessDenied
+
+	res := st.Reason()
+	require.Empty(t, res)
+	detailNum := apistatus.ToStatusV2(st).NumberOfDetails()
+	require.Zero(t, detailNum)
+
+	st.WriteReason(reason)
+
+	res = st.Reason()
+	require.Equal(t, reason, res)
+	detailNum = apistatus.ToStatusV2(st).NumberOfDetails()
+	require.EqualValues(t, 1, detailNum)
+}
--- a/client/status/v2.go
+++ b/client/status/v2.go
@ -34,6 +34,7 @@ type StatusV2 interface {
 // Object failures:
 //   * object.StatusLocked: *ObjectLocked;
 //   * object.StatusLockNonRegularObject: *LockNonRegularObject.
+//   * object.StatusAccessDenied: *ObjectAccessDenied.
 func FromStatusV2(st *status.Status) Status {
 	var decoder interface {
 		fromStatusV2(*status.Status)
@ -59,6 +60,8 @@ func FromStatusV2(st *status.Status) Status {
 			decoder = new(ObjectLocked)
 		case object.StatusLockNonRegularObject:
 			decoder = new(LockNonRegularObject)
+		case object.StatusAccessDenied:
+			decoder = new(ObjectAccessDenied)
 		}
 	}

--- a/client/status/v2_test.go
+++ b/client/status/v2_test.go
@ -71,6 +71,16 @@ func TestToStatusV2(t *testing.T) {
 			}),
 			codeV2: 2051,
 		},
+		{
+			status: (statusConstructor)(func() apistatus.Status {
+				var st apistatus.ObjectAccessDenied
+
+				st.WriteReason("any reason")
+
+				return st
+			}),
+			codeV2: 2048,
+		},
 	} {
 		var st apistatus.Status

@ -161,6 +171,16 @@ func TestFromStatusV2(t *testing.T) {
 			}),
 			codeV2: 2051,
 		},
+		{
+			status: (statusConstructor)(func() apistatus.Status {
+				var st apistatus.ObjectAccessDenied
+
+				st.WriteReason("any reason")
+
+				return st
+			}),
+			codeV2: 2048,
+		},
 	} {
 		var st apistatus.Status