Use appropriate HTTP code when forbidden

Dewberry · Dec 26, 2023 · b8d61b9 · b8d61b9
1 parent d9b4a1c
commit b8d61b9
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 7 deletions.
diff --git a/api/handlers/handlers.go b/api/handlers/handlers.go
@@ -169,7 +169,7 @@ func (rh *RESTHandler) Execution(c echo.Context) error {
 
 		// admins are allowed to execute all processes, else you need to have a role with same name as processId
 		if !utils.StringInSlice(rh.Config.AdminRoleName, roles) && !utils.StringInSlice(processID, roles) {
-			return c.JSON(http.StatusUnauthorized, errResponse{Message: "unauthorized"})
+			return c.JSON(http.StatusForbidden, errResponse{Message: "Forbidden"})
 		}
 	}
 
@@ -306,7 +306,7 @@ func (rh *RESTHandler) JobDismissHandler(c echo.Context) error {
 			roles := strings.Split(c.Request().Header.Get("X-ProcessAPI-User-Roles"), ",")
 
 			if (*j).SUBMITTER() != c.Request().Header.Get("X-ProcessAPI-User-Email") && !utils.StringInSlice(rh.Config.AdminRoleName, roles) {
-				return c.JSON(http.StatusUnauthorized, errResponse{Message: "unauthorized"})
+				return c.JSON(http.StatusForbidden, errResponse{Message: "Forbidden"})
 			}
 		}
 
@@ -628,7 +628,7 @@ func (rh *RESTHandler) JobStatusUpdateHandler(c echo.Context) error {
 
 		// only service accounts or admins can post status updates
 		if !utils.StringInSlice(rh.Config.ServiceRoleName, roles) && !utils.StringInSlice(rh.Config.AdminRoleName, roles) {
-			return c.JSON(http.StatusUnauthorized, errResponse{Message: "unauthorized"})
+			return c.JSON(http.StatusForbidden, errResponse{Message: "Forbidden"})
 		}
 	}
 

diff --git a/api/handlers/processes_handlers.go b/api/handlers/processes_handlers.go
@@ -117,7 +117,7 @@ func (rh *RESTHandler) AddProcessHandler(c echo.Context) error {
 
 		// non-admins are not allowed
 		if !utils.StringInSlice(rh.Config.AdminRoleName, roles) {
-			return c.JSON(http.StatusUnauthorized, errResponse{Message: "unauthorized"})
+			return c.JSON(http.StatusForbidden, errResponse{Message: "Forbidden"})
 		}
 	}
 
@@ -178,7 +178,7 @@ func (rh *RESTHandler) UpdateProcessHandler(c echo.Context) error {
 
 		// non-admins are not allowed
 		if !utils.StringInSlice(rh.Config.AdminRoleName, roles) {
-			return c.JSON(http.StatusUnauthorized, errResponse{Message: "unauthorized"})
+			return c.JSON(http.StatusForbidden, errResponse{Message: "Forbidden"})
 		}
 	}
 
@@ -249,7 +249,7 @@ func (rh *RESTHandler) DeleteProcessHandler(c echo.Context) error {
 
 		// non-admins are not allowed
 		if !utils.StringInSlice(rh.Config.AdminRoleName, roles) {
-			return c.JSON(http.StatusUnauthorized, errResponse{Message: "unauthorized"})
+			return c.JSON(http.StatusForbidden, errResponse{Message: "Forbidden"})
 		}
 	}
 

diff --git a/api/jobs/database_postgres.go b/api/jobs/database_postgres.go
@@ -14,7 +14,6 @@ type PostgresDB struct {
 }
 
 // Initialize the database.
-// Creates intermediate directories if not exist.
 func NewPostgresDB(dbConnString string) (*PostgresDB, error) {
 	h, err := sql.Open("postgres", dbConnString)