gridsuite · TheMaskedTurtle · Jan 26, 2026 · Jan 19, 2026 · Jan 19, 2026 · Jan 20, 2026
diff --git a/src/main/java/org/gridsuite/explore/server/ExploreController.java b/src/main/java/org/gridsuite/explore/server/ExploreController.java
@@ -603,21 +603,17 @@ public ResponseEntity<String> searchElements(
                 .body(directoryService.searchElements(userInput, directoryUuid, userId));
     }
 
-    @RequestMapping(method = RequestMethod.HEAD, value = "/explore/elements/{elementUuid}")
+    @GetMapping(value = "/explore/elements/{elementUuid}")
     @Operation(summary = "Check if user has a given right on a directory, or a single element by checking its parent")
     @ApiResponses(value = {
         @ApiResponse(responseCode = "200", description = "The user has the right on the element"),
         @ApiResponse(responseCode = "204", description = "The user has not the right on the element"),
     })
-    public ResponseEntity<String> hasRight(@PathVariable("elementUuid") UUID elementUuid,
+    public ResponseEntity<Void> hasRight(@PathVariable("elementUuid") UUID elementUuid,
                                          @RequestParam(name = "permission") PermissionType permission,
                                          @RequestHeader(QUERY_PARAM_USER_ID) String userId) {
-        PermissionResponse permissionResponse = directoryService.checkPermission(List.of(elementUuid), null, userId, permission);
-        if (permissionResponse.hasPermission()) {
-            return ResponseEntity.ok().build();
-        } else {
-            return ResponseEntity.status(HttpStatus.FORBIDDEN).body(permissionResponse.permissionCheckResult());
-        }
+        directoryService.checkPermission(List.of(elementUuid), null, userId, permission);
+        return ResponseEntity.ok().build();
     }
 
     @GetMapping(value = "/explore/directories/{directoryUuid}/permissions", produces = MediaType.APPLICATION_JSON_VALUE)

diff --git a/src/main/java/org/gridsuite/explore/server/dto/PermissionResponse.java b/src/main/java/org/gridsuite/explore/server/dto/PermissionResponse.java
diff --git a/src/main/java/org/gridsuite/explore/server/error/ExploreBusinessErrorCode.java b/src/main/java/org/gridsuite/explore/server/error/ExploreBusinessErrorCode.java
@@ -14,7 +14,6 @@
  * Business error codes emitted by the explore service.
  */
 public enum ExploreBusinessErrorCode implements BusinessErrorCode {
-    EXPLORE_PERMISSION_DENIED("explore.permissionDenied"),
     EXPLORE_MAX_ELEMENTS_EXCEEDED("explore.maxElementsExceeded"),
     EXPLORE_INCORRECT_CASE_FILE("explore.incorrectCaseFile");
 

diff --git a/src/main/java/org/gridsuite/explore/server/error/ExploreExceptionHandler.java b/src/main/java/org/gridsuite/explore/server/error/ExploreExceptionHandler.java
@@ -38,7 +38,7 @@ protected ExploreBusinessErrorCode getBusinessCode(ExploreException ex) {
     @Override
     protected HttpStatus mapStatus(ExploreBusinessErrorCode errorCode) {
         return switch (errorCode) {
-            case EXPLORE_PERMISSION_DENIED, EXPLORE_MAX_ELEMENTS_EXCEEDED -> HttpStatus.FORBIDDEN;
+            case EXPLORE_MAX_ELEMENTS_EXCEEDED -> HttpStatus.FORBIDDEN;
             case EXPLORE_INCORRECT_CASE_FILE -> HttpStatus.UNPROCESSABLE_ENTITY;
         };
     }

diff --git a/src/main/java/org/gridsuite/explore/server/services/AuthorizationService.java b/src/main/java/org/gridsuite/explore/server/services/AuthorizationService.java
@@ -6,20 +6,15 @@
  */
 package org.gridsuite.explore.server.services;
 
-import org.gridsuite.explore.server.error.ExploreException;
-import org.gridsuite.explore.server.dto.PermissionResponse;
 import org.gridsuite.explore.server.dto.PermissionType;
 import org.springframework.stereotype.Service;
 
 import java.util.List;
 import java.util.UUID;
 
-import static org.gridsuite.explore.server.error.ExploreBusinessErrorCode.EXPLORE_PERMISSION_DENIED;
-
 /**
  * @author Abdelsalem Hedhili <abdelsalem.hedhili at rte-france.com>
  */
-
 @Service
 public class AuthorizationService {
 
@@ -30,32 +25,17 @@ public AuthorizationService(DirectoryService directoryService) {
     }
 
     //This method should only be called inside of @PreAuthorize to centralize permission checks
-    public boolean isAuthorized(String userId, List<UUID> elementUuids, UUID targetDirectoryUuid, PermissionType permissionType) {
-        PermissionResponse permissionResponse = directoryService.checkPermission(elementUuids, targetDirectoryUuid, userId, permissionType);
-        if (!permissionResponse.hasPermission()) {
-            throw ExploreException.of(EXPLORE_PERMISSION_DENIED, permissionResponse.permissionCheckResult());
-        }
-        return true;
+    public void isAuthorized(String userId, List<UUID> elementUuids, UUID targetDirectoryUuid, PermissionType permissionType) {
+        directoryService.checkPermission(elementUuids, targetDirectoryUuid, userId, permissionType);
     }
 
     //This method should only be called inside of @PreAuthorize to centralize permission checks
-    public boolean isAuthorizedForDuplication(String userId, UUID elementToDuplicate, UUID targetDirectoryUuid) {
-        PermissionResponse readCheck = directoryService.checkPermission(List.of(elementToDuplicate), null, userId, PermissionType.READ);
-        if (!readCheck.hasPermission()) {
-            throw ExploreException.of(EXPLORE_PERMISSION_DENIED, readCheck.permissionCheckResult());
-        }
-        PermissionResponse writeCheck = directoryService.checkPermission(List.of(targetDirectoryUuid != null ? targetDirectoryUuid : elementToDuplicate), null, userId, PermissionType.WRITE);
-        if (!writeCheck.hasPermission()) {
-            throw ExploreException.of(EXPLORE_PERMISSION_DENIED, writeCheck.permissionCheckResult());
-        }
-        return true;
+    public void isAuthorizedForDuplication(String userId, UUID elementToDuplicate, UUID targetDirectoryUuid) {
+        directoryService.checkPermission(List.of(elementToDuplicate), null, userId, PermissionType.READ);
+        directoryService.checkPermission(List.of(targetDirectoryUuid != null ? targetDirectoryUuid : elementToDuplicate), null, userId, PermissionType.WRITE);
     }
 
-    public boolean isRecursivelyAuthorized(String userId, List<UUID> elementUuids, UUID targetDirectoryUuid) {
-        PermissionResponse permissionResponse = directoryService.checkPermission(elementUuids, targetDirectoryUuid, userId, PermissionType.WRITE, true);
-        if (!permissionResponse.hasPermission()) {
-            throw ExploreException.of(EXPLORE_PERMISSION_DENIED, permissionResponse.permissionCheckResult());
-        }
-        return true;
+    public void isRecursivelyAuthorized(String userId, List<UUID> elementUuids, UUID targetDirectoryUuid) {
+        directoryService.checkPermission(elementUuids, targetDirectoryUuid, userId, PermissionType.WRITE, true);
     }
 }
diff --git a/src/main/java/org/gridsuite/explore/server/services/DirectoryService.java b/src/main/java/org/gridsuite/explore/server/services/DirectoryService.java
@@ -8,14 +8,12 @@
 
 import org.gridsuite.explore.server.dto.ElementAttributes;
 import org.gridsuite.explore.server.dto.PermissionDTO;
-import org.gridsuite.explore.server.dto.PermissionResponse;
 import org.gridsuite.explore.server.dto.PermissionType;
 import org.gridsuite.explore.server.utils.ParametersType;
 import org.springframework.core.ParameterizedTypeReference;
 import org.springframework.http.*;
 import org.springframework.stereotype.Service;
 import org.springframework.util.CollectionUtils;
-import org.springframework.web.client.HttpStatusCodeException;
 import org.springframework.web.client.RestTemplate;
 import org.springframework.web.util.UriComponentsBuilder;
 
@@ -57,8 +55,6 @@ public class DirectoryService implements IDirectoryElementsService {
     private static final String PARAM_DIRECTORY_UUID = "directoryUuid";
     private static final String PARAM_USER_INPUT = "userInput";
 
-    private static final String HEADER_PERMISION_ERROR = "X-Permission-Error";
-
     private final Map<String, IDirectoryElementsService> genericServices;
     private final RestTemplate restTemplate;
     private String directoryServerBaseUri;
@@ -398,39 +394,25 @@ public void moveElementsDirectory(List<UUID> elementsUuids, UUID targetDirectory
         restTemplate.exchange(directoryServerBaseUri + path, HttpMethod.PUT, httpEntity, Void.class);
     }
 
-    public PermissionResponse checkPermission(List<UUID> elementUuids, UUID targetDirectoryUuid, String userId, PermissionType permissionType) {
-        return checkPermission(elementUuids, targetDirectoryUuid, userId, permissionType, false);
+    public void checkPermission(List<UUID> elementUuids, UUID targetDirectoryUuid, String userId, PermissionType permissionType) {
+        checkPermission(elementUuids, targetDirectoryUuid, userId, permissionType, false);
     }
 
     //This method should only be called inside of AuthorizationService to centralize permission checks
-    public PermissionResponse checkPermission(List<UUID> elementUuids, UUID targetDirectoryUuid, String userId, PermissionType permissionType, boolean recursiveCheck) {
+    public void checkPermission(List<UUID> elementUuids, UUID targetDirectoryUuid, String userId, PermissionType permissionType, boolean recursiveCheck) {
         String ids = elementUuids.stream().map(UUID::toString).collect(Collectors.joining(","));
         HttpHeaders headers = new HttpHeaders();
         headers.add(HEADER_USER_ID, userId);
 
-        String path = UriComponentsBuilder.fromPath(ELEMENTS_SERVER_ROOT_PATH)
+        String path = UriComponentsBuilder.fromPath(ELEMENTS_SERVER_ROOT_PATH + "/authorized")
             .queryParam(PARAM_ACCESS_TYPE, permissionType)
             .queryParam(PARAM_IDS, ids)
             .queryParam(PARAM_TARGET_DIRECTORY_UUID, targetDirectoryUuid)
             .queryParam(PARAM_RECURSIVE_CHECK, recursiveCheck)
             .buildAndExpand()
             .toUriString();
 
-        try {
-            restTemplate.exchange(directoryServerBaseUri + path, HttpMethod.HEAD, new HttpEntity<>(headers), Void.class);
-        } catch (HttpStatusCodeException e) {
-            if (HttpStatus.FORBIDDEN.equals(e.getStatusCode())) {
-                String permissionCheckResult = null;
-                HttpHeaders responseHeader = e.getResponseHeaders();
-                if (responseHeader != null && responseHeader.getFirst(HEADER_PERMISION_ERROR) != null) {
-                    permissionCheckResult = responseHeader.getFirst(HEADER_PERMISION_ERROR);
-                }
-                return new PermissionResponse(false, permissionCheckResult);
-            } else {
-                throw e;
-            }
-        }
-        return new PermissionResponse(true, null);
+        restTemplate.exchange(directoryServerBaseUri + path, HttpMethod.GET, new HttpEntity<>(headers), Void.class);
     }
 
     public List<PermissionDTO> getDirectoryPermissions(UUID directoryUuid, String userId) {

diff --git a/src/test/java/org/gridsuite/explore/server/ExploreExceptionHandlerTest.java b/src/test/java/org/gridsuite/explore/server/ExploreExceptionHandlerTest.java
@@ -34,14 +34,14 @@ void setUp() {
     @Test
     void mapsElementNotFoundToNotFoundStatus() {
         MockHttpServletRequest request = new MockHttpServletRequest("GET", "/explore");
-        ExploreException exception = new ExploreException(ExploreBusinessErrorCode.EXPLORE_PERMISSION_DENIED,
+        ExploreException exception = new ExploreException(ExploreBusinessErrorCode.EXPLORE_MAX_ELEMENTS_EXCEEDED,
             "denied");
 
         ResponseEntity<PowsyblWsProblemDetail> response = handler.invokeHandleDomainException(exception, request);
 
         assertThat(response.getStatusCode()).isEqualTo(HttpStatus.FORBIDDEN);
         assertThat(response.getBody()).isNotNull();
-        assertEquals("explore.permissionDenied", response.getBody().getBusinessErrorCode());
+        assertEquals("explore.maxElementsExceeded", response.getBody().getBusinessErrorCode());
     }
 
     private static final class TestExploreExceptionHandler extends ExploreExceptionHandler {