[#140] apistatus: Support ACCESS_DENIED error

Define `ObjectAccessDenied` type for `ACCESS_DENIED` code. Provide
method to write/read human-readable reason.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
This commit is contained in:
Leonard Lyubich 2022-02-28 11:39:22 +03:00 committed by LeL
parent 2b28f91a89
commit 3e94b7c892
4 changed files with 90 additions and 0 deletions

View file

@ -64,3 +64,44 @@ func (x LockNonRegularObject) ToStatusV2() *status.Status {
x.v2.SetMessage("locking non-regular object is forbidden")
return &x.v2
}
// ObjectAccessDenied describes status of the failure because of the access control violation.
// Instances provide Status and StatusV2 interfaces.
type ObjectAccessDenied struct {
v2 status.Status
}
func (x ObjectAccessDenied) Error() string {
return errMessageStatusV2(
globalizeCodeV2(object.StatusAccessDenied, object.GlobalizeFail),
x.v2.Message(),
)
}
// implements local interface defined in FromStatusV2 func.
func (x *ObjectAccessDenied) fromStatusV2(st *status.Status) {
x.v2 = *st
}
// ToStatusV2 implements StatusV2 interface method.
// If the value was returned by FromStatusV2, returns the source message.
// Otherwise, returns message with
// * code: ACCESS_DENIED;
// * string message: "access to object operation denied";
// * details: empty.
func (x ObjectAccessDenied) ToStatusV2() *status.Status {
x.v2.SetCode(globalizeCodeV2(object.StatusAccessDenied, object.GlobalizeFail))
x.v2.SetMessage("access to object operation denied")
return &x.v2
}
// WriteReason writes human-readable access rejection reason.
func (x *ObjectAccessDenied) WriteReason(reason string) {
object.WriteAccessDeniedDesc(&x.v2, reason)
}
// Reason returns human-readable access rejection reason returned by the server.
// Returns empty value is reason is not presented.
func (x ObjectAccessDenied) Reason() string {
return object.ReadAccessDeniedDesc(x.v2)
}

View file

@ -0,0 +1,26 @@
package apistatus_test
import (
"testing"
apistatus "github.com/nspcc-dev/neofs-sdk-go/client/status"
"github.com/stretchr/testify/require"
)
func TestObjectAccessDenied_WriteReason(t *testing.T) {
const reason = "any reason"
var st apistatus.ObjectAccessDenied
res := st.Reason()
require.Empty(t, res)
detailNum := apistatus.ToStatusV2(st).NumberOfDetails()
require.Zero(t, detailNum)
st.WriteReason(reason)
res = st.Reason()
require.Equal(t, reason, res)
detailNum = apistatus.ToStatusV2(st).NumberOfDetails()
require.EqualValues(t, 1, detailNum)
}

View file

@ -34,6 +34,7 @@ type StatusV2 interface {
// Object failures:
// * object.StatusLocked: *ObjectLocked;
// * object.StatusLockNonRegularObject: *LockNonRegularObject.
// * object.StatusAccessDenied: *ObjectAccessDenied.
func FromStatusV2(st *status.Status) Status {
var decoder interface {
fromStatusV2(*status.Status)
@ -59,6 +60,8 @@ func FromStatusV2(st *status.Status) Status {
decoder = new(ObjectLocked)
case object.StatusLockNonRegularObject:
decoder = new(LockNonRegularObject)
case object.StatusAccessDenied:
decoder = new(ObjectAccessDenied)
}
}

View file

@ -71,6 +71,16 @@ func TestToStatusV2(t *testing.T) {
}),
codeV2: 2051,
},
{
status: (statusConstructor)(func() apistatus.Status {
var st apistatus.ObjectAccessDenied
st.WriteReason("any reason")
return st
}),
codeV2: 2048,
},
} {
var st apistatus.Status
@ -161,6 +171,16 @@ func TestFromStatusV2(t *testing.T) {
}),
codeV2: 2051,
},
{
status: (statusConstructor)(func() apistatus.Status {
var st apistatus.ObjectAccessDenied
st.WriteReason("any reason")
return st
}),
codeV2: 2048,
},
} {
var st apistatus.Status