[#1563] tree: Wrap only ChainRouterError erros with ObjectAccessDenied

* Such wrapping helps to differentiate logical check errors and server internal errors. Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
2024-12-16 14:17:37 +03:00 · 2024-12-16 14:17:37 +03:00 · 6e82661c35
commit 6e82661c35
parent 1a091ea7bb
1 changed files with 7 additions and 0 deletions
--- a/pkg/services/tree/signature.go
+++ b/pkg/services/tree/signature.go
@ -9,6 +9,7 @@ import (
 	"fmt"

 	core "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/core/container"
+	checkercore "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/common/ape"
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/api/refs"
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/bearer"
 	apistatus "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client/status"
@ -70,6 +71,12 @@ func (s *Service) verifyClient(ctx context.Context, req message, cid cidSDK.ID,
 }

 func apeErr(err error) error {
+	var chRouterErr *checkercore.ChainRouterError
+	if !errors.As(err, &chRouterErr) {
+		errServerInternal := &apistatus.ServerInternal{}
+		apistatus.WriteInternalServerErr(errServerInternal, err)
+		return errServerInternal
+	}
 	errAccessDenied := &apistatus.ObjectAccessDenied{}
 	errAccessDenied.WriteReason(err.Error())
 	return errAccessDenied