From 459bdcf04b28491b9ff954600fbff7a1c123f838 Mon Sep 17 00:00:00 2001 From: Leonard Lyubich Date: Thu, 17 Mar 2022 11:25:33 +0300 Subject: [PATCH] [#1247] object/acl: Return `ObjectAccessDenied` status error Return `apistatus.ObjectAccessDenied` error on access violation from ACL service. Write reason in format of the errors from the previous implementation. These errors are returned by storage node's server as NeoFS API statuses. Signed-off-by: Leonard Lyubich --- pkg/services/object/acl/v2/errors.go | 28 +++++++++++----------------- 1 file changed, 11 insertions(+), 17 deletions(-) diff --git a/pkg/services/object/acl/v2/errors.go b/pkg/services/object/acl/v2/errors.go index 5db87fe7..3baaff46 100644 --- a/pkg/services/object/acl/v2/errors.go +++ b/pkg/services/object/acl/v2/errors.go @@ -3,6 +3,8 @@ package v2 import ( "errors" "fmt" + + apistatus "github.com/nspcc-dev/neofs-sdk-go/client/status" ) var ( @@ -15,26 +17,18 @@ var ( ErrInvalidVerb = errors.New("session token verb is invalid") ) -type accessErr struct { - RequestInfo - - failedCheckTyp string -} - -func (a *accessErr) Error() string { - return fmt.Sprintf("access to operation %v is denied by %s check", a.operation, a.failedCheckTyp) -} +const accessDeniedReasonFmt = "access to operation %v is denied by %s check" func basicACLErr(info RequestInfo) error { - return &accessErr{ - RequestInfo: info, - failedCheckTyp: "basic ACL", - } + var errAccessDenied apistatus.ObjectAccessDenied + errAccessDenied.WriteReason(fmt.Sprintf(accessDeniedReasonFmt, info.operation, "basic ACL")) + + return errAccessDenied } func eACLErr(info RequestInfo) error { - return &accessErr{ - RequestInfo: info, - failedCheckTyp: "extended ACL", - } + var errAccessDenied apistatus.ObjectAccessDenied + errAccessDenied.WriteReason(fmt.Sprintf(accessDeniedReasonFmt, info.operation, "extended ACL")) + + return errAccessDenied }