forked from TrueCloudLab/frostfs-node
[#1563] tree: Wrap only ChainRouterError
erros with ObjectAccessDenied
* Such wrapping helps to differentiate logical check errors and server internal errors. Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
This commit is contained in:
parent
1a091ea7bb
commit
6e82661c35
1 changed files with 7 additions and 0 deletions
|
@ -9,6 +9,7 @@ import (
|
||||||
"fmt"
|
"fmt"
|
||||||
|
|
||||||
core "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/core/container"
|
core "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/core/container"
|
||||||
|
checkercore "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/common/ape"
|
||||||
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/api/refs"
|
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/api/refs"
|
||||||
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/bearer"
|
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/bearer"
|
||||||
apistatus "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client/status"
|
apistatus "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client/status"
|
||||||
|
@ -70,6 +71,12 @@ func (s *Service) verifyClient(ctx context.Context, req message, cid cidSDK.ID,
|
||||||
}
|
}
|
||||||
|
|
||||||
func apeErr(err error) error {
|
func apeErr(err error) error {
|
||||||
|
var chRouterErr *checkercore.ChainRouterError
|
||||||
|
if !errors.As(err, &chRouterErr) {
|
||||||
|
errServerInternal := &apistatus.ServerInternal{}
|
||||||
|
apistatus.WriteInternalServerErr(errServerInternal, err)
|
||||||
|
return errServerInternal
|
||||||
|
}
|
||||||
errAccessDenied := &apistatus.ObjectAccessDenied{}
|
errAccessDenied := &apistatus.ObjectAccessDenied{}
|
||||||
errAccessDenied.WriteReason(err.Error())
|
errAccessDenied.WriteReason(err.Error())
|
||||||
return errAccessDenied
|
return errAccessDenied
|
||||||
|
|
Loading…
Reference in a new issue