fix(wolf-rbac): Return 403 error code when the user does not have per…

…mission. (#7497)
apache · Jul 24, 2022 · 1771c51 · 1771c51
1 parent 3b1cda7
commit 1771c51
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 4 deletions.
diff --git a/apisix/plugins/wolf-rbac.lua b/apisix/plugins/wolf-rbac.lua
@@ -324,7 +324,7 @@ function _M.rewrite(conf, ctx)
         core.log.error(" check_url_permission(",
             core.json.delay_encode(perm_item),
             ") failed, res: ",core.json.delay_encode(res))
-        return 401, fail_response("Invalid user permission",
+        return 403, fail_response("Invalid user permission",
             { username = username, nickname = nickname }
         )
     end

diff --git a/t/plugin/wolf-rbac.t b/t/plugin/wolf-rbac.t
@@ -115,12 +115,12 @@ done
 
             for _, data in ipairs(data) do
                 local code, body = t(data.url, ngx.HTTP_PUT, data.data)
-                ngx.say(code..body)
+                ngx.say(body)
             end
         }
     }
 --- response_body eval
-"201passed\n" x 3
+"passed\n" x 3
 
 
 
@@ -342,7 +342,7 @@ x-rbac-token: V1#invalid-appid#rbac-token
 === TEST 16: verify: failed
 --- request
 GET /hello1
---- error_code: 401
+--- error_code: 403
 --- more_headers
 x-rbac-token: V1#wolf-rbac-app#wolf-rbac-token
 --- response_body