forked from TrueCloudLab/frostfs-s3-gw
[#488] middleware/auth: Add frostfs-to-s3 error transformation
Signed-off-by: Nikita Zinkevich <n.zinkevich@yadro.com>
This commit is contained in:
parent
bc17ab5e47
commit
c2adbd758a
3 changed files with 9 additions and 4 deletions
|
|
@ -492,7 +492,7 @@ func TestCreateBucketWithoutPermissions(t *testing.T) {
|
||||||
hc.h.ape.(*apeMock).err = errors.New("no permissions")
|
hc.h.ape.(*apeMock).err = errors.New("no permissions")
|
||||||
|
|
||||||
box, _ := createAccessBox(t)
|
box, _ := createAccessBox(t)
|
||||||
createBucketAssertS3Error(hc, bktName, box, s3errors.ErrInternalError)
|
createBucketAssertS3Error(hc, bktName, box, apierr.ErrInternalError)
|
||||||
|
|
||||||
_, err := hc.tp.ContainerID(bktName)
|
_, err := hc.tp.ContainerID(bktName)
|
||||||
require.Errorf(t, err, "container exists after failed creation, but shouldn't")
|
require.Errorf(t, err, "container exists after failed creation, but shouldn't")
|
||||||
|
|
|
||||||
|
|
@ -10,7 +10,6 @@ import (
|
||||||
"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/acl"
|
"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/acl"
|
||||||
apierr "git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/errors"
|
apierr "git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/errors"
|
||||||
"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/creds/accessbox"
|
"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/creds/accessbox"
|
||||||
frosterr "git.frostfs.info/TrueCloudLab/frostfs-s3-gw/internal/frostfs/errors"
|
|
||||||
"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/internal/logs"
|
"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/internal/logs"
|
||||||
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/bearer"
|
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/bearer"
|
||||||
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object"
|
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object"
|
||||||
|
|
@ -57,8 +56,8 @@ func Auth(center Center, log *zap.Logger) Func {
|
||||||
reqLogOrDefault(ctx, log).Debug(logs.CouldntReceiveAccessBoxForGateKeyRandomKeyWillBeUsed, zap.Error(err))
|
reqLogOrDefault(ctx, log).Debug(logs.CouldntReceiveAccessBoxForGateKeyRandomKeyWillBeUsed, zap.Error(err))
|
||||||
} else {
|
} else {
|
||||||
reqLogOrDefault(ctx, log).Error(logs.FailedToPassAuthentication, zap.Error(err))
|
reqLogOrDefault(ctx, log).Error(logs.FailedToPassAuthentication, zap.Error(err))
|
||||||
err = frosterr.UnwrapErr(err)
|
err = apierr.TransformToS3Error(err)
|
||||||
if _, ok := err.(apierr.Error); !ok {
|
if err.(apierr.Error).ErrCode == apierr.ErrInternalError {
|
||||||
err = apierr.GetAPIError(apierr.ErrAccessDenied)
|
err = apierr.GetAPIError(apierr.ErrAccessDenied)
|
||||||
}
|
}
|
||||||
if _, wrErr := WriteErrorResponse(w, GetReqInfo(r.Context()), err); wrErr != nil {
|
if _, wrErr := WriteErrorResponse(w, GetReqInfo(r.Context()), err); wrErr != nil {
|
||||||
|
|
|
||||||
|
|
@ -862,6 +862,12 @@ func TestAuthenticate(t *testing.T) {
|
||||||
|
|
||||||
chiRouter.cfg.Center.(*centerMock).err = frostfs.ErrGatewayTimeout
|
chiRouter.cfg.Center.(*centerMock).err = frostfs.ErrGatewayTimeout
|
||||||
createBucketErr(chiRouter, "", "bkt-3", nil, apierr.ErrGatewayTimeout)
|
createBucketErr(chiRouter, "", "bkt-3", nil, apierr.ErrGatewayTimeout)
|
||||||
|
|
||||||
|
chiRouter.cfg.Center.(*centerMock).err = apierr.GetAPIError(apierr.ErrInternalError)
|
||||||
|
createBucketErr(chiRouter, "", "bkt-3", nil, apierr.ErrAccessDenied)
|
||||||
|
|
||||||
|
chiRouter.cfg.Center.(*centerMock).err = apierr.GetAPIError(apierr.ErrBadRequest)
|
||||||
|
createBucketErr(chiRouter, "", "bkt-3", nil, apierr.ErrBadRequest)
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestFrostFSIDValidation(t *testing.T) {
|
func TestFrostFSIDValidation(t *testing.T) {
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue