diff --git a/client/status/object.go b/client/status/object.go index 43a6a8eb..4222eea9 100644 --- a/client/status/object.go +++ b/client/status/object.go @@ -64,3 +64,44 @@ func (x LockNonRegularObject) ToStatusV2() *status.Status { x.v2.SetMessage("locking non-regular object is forbidden") return &x.v2 } + +// ObjectAccessDenied describes status of the failure because of the access control violation. +// Instances provide Status and StatusV2 interfaces. +type ObjectAccessDenied struct { + v2 status.Status +} + +func (x ObjectAccessDenied) Error() string { + return errMessageStatusV2( + globalizeCodeV2(object.StatusAccessDenied, object.GlobalizeFail), + x.v2.Message(), + ) +} + +// implements local interface defined in FromStatusV2 func. +func (x *ObjectAccessDenied) fromStatusV2(st *status.Status) { + x.v2 = *st +} + +// ToStatusV2 implements StatusV2 interface method. +// If the value was returned by FromStatusV2, returns the source message. +// Otherwise, returns message with +// * code: ACCESS_DENIED; +// * string message: "access to object operation denied"; +// * details: empty. +func (x ObjectAccessDenied) ToStatusV2() *status.Status { + x.v2.SetCode(globalizeCodeV2(object.StatusAccessDenied, object.GlobalizeFail)) + x.v2.SetMessage("access to object operation denied") + return &x.v2 +} + +// WriteReason writes human-readable access rejection reason. +func (x *ObjectAccessDenied) WriteReason(reason string) { + object.WriteAccessDeniedDesc(&x.v2, reason) +} + +// Reason returns human-readable access rejection reason returned by the server. +// Returns empty value is reason is not presented. +func (x ObjectAccessDenied) Reason() string { + return object.ReadAccessDeniedDesc(x.v2) +} diff --git a/client/status/object_test.go b/client/status/object_test.go new file mode 100644 index 00000000..2e34ecfa --- /dev/null +++ b/client/status/object_test.go @@ -0,0 +1,26 @@ +package apistatus_test + +import ( + "testing" + + apistatus "github.com/nspcc-dev/neofs-sdk-go/client/status" + "github.com/stretchr/testify/require" +) + +func TestObjectAccessDenied_WriteReason(t *testing.T) { + const reason = "any reason" + + var st apistatus.ObjectAccessDenied + + res := st.Reason() + require.Empty(t, res) + detailNum := apistatus.ToStatusV2(st).NumberOfDetails() + require.Zero(t, detailNum) + + st.WriteReason(reason) + + res = st.Reason() + require.Equal(t, reason, res) + detailNum = apistatus.ToStatusV2(st).NumberOfDetails() + require.EqualValues(t, 1, detailNum) +} diff --git a/client/status/v2.go b/client/status/v2.go index 0fb5b672..b8bf0cbe 100644 --- a/client/status/v2.go +++ b/client/status/v2.go @@ -34,6 +34,7 @@ type StatusV2 interface { // Object failures: // * object.StatusLocked: *ObjectLocked; // * object.StatusLockNonRegularObject: *LockNonRegularObject. +// * object.StatusAccessDenied: *ObjectAccessDenied. func FromStatusV2(st *status.Status) Status { var decoder interface { fromStatusV2(*status.Status) @@ -59,6 +60,8 @@ func FromStatusV2(st *status.Status) Status { decoder = new(ObjectLocked) case object.StatusLockNonRegularObject: decoder = new(LockNonRegularObject) + case object.StatusAccessDenied: + decoder = new(ObjectAccessDenied) } } diff --git a/client/status/v2_test.go b/client/status/v2_test.go index 6fe71972..5bae75f3 100644 --- a/client/status/v2_test.go +++ b/client/status/v2_test.go @@ -71,6 +71,16 @@ func TestToStatusV2(t *testing.T) { }), codeV2: 2051, }, + { + status: (statusConstructor)(func() apistatus.Status { + var st apistatus.ObjectAccessDenied + + st.WriteReason("any reason") + + return st + }), + codeV2: 2048, + }, } { var st apistatus.Status @@ -161,6 +171,16 @@ func TestFromStatusV2(t *testing.T) { }), codeV2: 2051, }, + { + status: (statusConstructor)(func() apistatus.Status { + var st apistatus.ObjectAccessDenied + + st.WriteReason("any reason") + + return st + }), + codeV2: 2048, + }, } { var st apistatus.Status