From b8d61b959919d872def1f337422a9e65929d900f Mon Sep 17 00:00:00 2001
From: Abdul Raheem Siddiqui
Date: Tue, 26 Dec 2023 10:38:00 -0500
Subject: [PATCH] Use appropriate HTTP code when forbidden

---
 api/handlers/handlers.go | 6 +++---
 api/handlers/processes_handlers.go | 6 +++---
 api/jobs/database_postgres.go | 1 -
 3 files changed, 6 insertions(+), 7 deletions(-)

diff --git a/api/handlers/handlers.go b/api/handlers/handlers.go
index 917dd72..bd4902f 100644
--- a/api/handlers/handlers.go
+++ b/api/handlers/handlers.go
@@ -169,7 +169,7 @@ func (rh *RESTHandler) Execution(c echo.Context) error {
 // admins are allowed to execute all processes, else you need to have a role with same name as processId
 if !utils.StringInSlice(rh.Config.AdminRoleName, roles) && !utils.StringInSlice(processID, roles) {
- return c.JSON(http.StatusUnauthorized, errResponse{Message: "unauthorized"})
+ return c.JSON(http.StatusForbidden, errResponse{Message: "Forbidden"})
 }
 }
@@ -306,7 +306,7 @@ func (rh *RESTHandler) JobDismissHandler(c echo.Context) error {
 roles := strings.Split(c.Request().Header.Get("X-ProcessAPI-User-Roles"), ",")
 if (*j).SUBMITTER() != c.Request().Header.Get("X-ProcessAPI-User-Email") && !utils.StringInSlice(rh.Config.AdminRoleName, roles) {
- return c.JSON(http.StatusUnauthorized, errResponse{Message: "unauthorized"})
+ return c.JSON(http.StatusForbidden, errResponse{Message: "Forbidden"})
 }
 }
@@ -628,7 +628,7 @@ func (rh *RESTHandler) JobStatusUpdateHandler(c echo.Context) error {
 // only service accounts or admins can post status updates
 if !utils.StringInSlice(rh.Config.ServiceRoleName, roles) && !utils.StringInSlice(rh.Config.AdminRoleName, roles) {
- return c.JSON(http.StatusUnauthorized, errResponse{Message: "unauthorized"})
+ return c.JSON(http.StatusForbidden, errResponse{Message: "Forbidden"})
 }
 }
diff --git a/api/handlers/processes_handlers.go b/api/handlers/processes_handlers.go
index 32a824c..a20bb85 100644
--- a/api/handlers/processes_handlers.go
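Review bot: Every failed check in this branch now answers 403, but the same branch is also reached by a request that carries no identity at all, for which 401 is the right code: `roles` is presumably parsed from the `X-ProcessAPI-User-Roles` header as in the JobDismissHandler hunk, and an absent header gives `strings.Split("", ",")` = `[""]`, which matches neither role and falls through to Forbidden. If that header is populated only by an upstream authenticating proxy and no middleware already rejects requests without it (neither is visible here), consider keeping 401 for the empty-header case and using 403 only when roles are present but insufficient, e.g. `if c.Request().Header.Get("X-ProcessAPI-User-Roles") == "" { return c.JSON(http.StatusUnauthorized, errResponse{Message: "unauthorized"}) }` ahead of the role test. The same applies to the JobDismissHandler and JobStatusUpdateHandler hunks and to the three processes_handlers.go hunks. Execution's body begins and ends outside the hunk.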
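Review bot: The `roles` slice built by `strings.Split` on the line above the changed return contains an empty string whenever the header is empty, and each entry keeps any whitespace after the comma, so the exact-match test that follows (assuming `utils.StringInSlice` compares exactly; its body is not shown) would wrongly deny a header like `admin, other` and would grant admin to an identity-less request if `rh.Config.AdminRoleName` could ever be configured empty. `roles := strings.FieldsFunc(c.Request().Header.Get("X-ProcessAPI-User-Roles"), func(r rune) bool { return r == ',' })` drops the empty entries, and a `strings.TrimSpace` per entry would take care of the whitespace. Separately, answering 403 for a job that exists but belongs to someone else tells a non-owner that the ID is valid; if job IDs are meant to stay private, returning the same response as for an unknown job is the usual choice. JobDismissHandler's body begins and ends outside the hunk.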
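Review bot: The new literal `"Forbidden"` is capitalized while the message it replaces, `"unauthorized"`, and the usual lowercase error-string convention are not, and the identical status/message pair is now written out by hand six times across the two files (this hunk, the Execution and JobDismissHandler hunks, and the three processes_handlers.go hunks). A single package-level value such as `var errForbidden = errResponse{Message: "forbidden"}`, or a small helper returning `c.JSON(http.StatusForbidden, errForbidden)`, keeps the code and message from drifting between handlers the next time one of them changes; if clients already match on the message text, keep whatever string they expect. JobStatusUpdateHandler's body begins and ends outside the hunk.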
+++ b/api/handlers/processes_handlers.go
@@ -117,7 +117,7 @@ func (rh *RESTHandler) AddProcessHandler(c echo.Context) error {
 // non-admins are not allowed
 if !utils.StringInSlice(rh.Config.AdminRoleName, roles) {
- return c.JSON(http.StatusUnauthorized, errResponse{Message: "unauthorized"})
+ return c.JSON(http.StatusForbidden, errResponse{Message: "Forbidden"})
 }
 }
@@ -178,7 +178,7 @@ func (rh *RESTHandler) UpdateProcessHandler(c echo.Context) error {
 // non-admins are not allowed
 if !utils.StringInSlice(rh.Config.AdminRoleName, roles) {
- return c.JSON(http.StatusUnauthorized, errResponse{Message: "unauthorized"})
+ return c.JSON(http.StatusForbidden, errResponse{Message: "Forbidden"})
 }
 }
@@ -249,7 +249,7 @@ func (rh *RESTHandler) DeleteProcessHandler(c echo.Context) error {
 // non-admins are not allowed
 if !utils.StringInSlice(rh.Config.AdminRoleName, roles) {
- return c.JSON(http.StatusUnauthorized, errResponse{Message: "unauthorized"})
+ return c.JSON(http.StatusForbidden, errResponse{Message: "Forbidden"})
 }
 }
diff --git a/api/jobs/database_postgres.go b/api/jobs/database_postgres.go
index 9fd4c2f..032e2a5 100644
--- a/api/jobs/database_postgres.go
+++ b/api/jobs/database_postgres.go
@@ -14,7 +14,6 @@ type PostgresDB struct {
 }
 // Initialize the database.
-// Creates intermediate directories if not exist.
 func NewPostgresDB(dbConnString string) (*PostgresDB, error) {
 h, err := sql.Open("postgres", dbConnString)