From 820c321f2442a9882c8cc490a54a90ea585ce58d Mon Sep 17 00:00:00 2001
From: iGeeky
Date: Wed, 20 Jul 2022 00:13:47 +0800
Subject: [PATCH] fix(wolf-rbac): Return 403 error code when the user does not have permission.
---
 apisix/plugins/wolf-rbac.lua | 2 +-
 t/plugin/wolf-rbac.t | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/apisix/plugins/wolf-rbac.lua b/apisix/plugins/wolf-rbac.lua
index 1a2e9867fce0..1eb3d1987edd 100644
--- a/apisix/plugins/wolf-rbac.lua
+++ b/apisix/plugins/wolf-rbac.lua
@@ -324,7 +324,7 @@ function _M.rewrite(conf, ctx)
 core.log.error(" check_url_permission(", core.json.delay_encode(perm_item), ") failed, res: ",core.json.delay_encode(res))
- return 401, fail_response("Invalid user permission",
+ return 403, fail_response("Invalid user permission",
 { username = username, nickname = nickname } ) end
diff --git a/t/plugin/wolf-rbac.t b/t/plugin/wolf-rbac.t
index 954f9c1ca114..134a37f3350a 100644
--- a/t/plugin/wolf-rbac.t
+++ b/t/plugin/wolf-rbac.t
@@ -115,12 +115,12 @@ done
 for _, data in ipairs(data) do local code, body = t(data.url, ngx.HTTP_PUT, data.data)
- ngx.say(code..body)
+ ngx.say(body)
 end } } --- response_body eval
-"201passed\n" x 3
+"passed\n" x 3
@@ -342,7 +342,7 @@ x-rbac-token: V1#invalid-appid#rbac-token
 === TEST 16: verify: failed --- request GET /hello1
---- error_code: 401
+--- error_code: 403
 --- more_headers x-rbac-token: V1#wolf-rbac-app#wolf-rbac-token --- response_body
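Review bot: The new `return 403, fail_response("Invalid user permission", ...)` in `_M.rewrite` (apisix/plugins/wolf-rbac.lua) is hard-coded, so every failure that reaches this branch is now reported to the client as a permission denial. The condition guarding the branch is outside the hunk, but the adjacent log text `check_url_permission(...) failed, res:` suggests it may also be taken when the token is rejected or the wolf server cannot be reached. Those cases would be better kept as 401 or a 5xx, still failing closed, so that clients and alerting can tell a denied request from a broken auth backend. If the branch is in fact denial-only, a comment such as `-- 403: authenticated, but the permission check denied this request` above the return would record that. The TEST 16 hunk in t/plugin/wolf-rbac.t pins only the denied case, so the other outcomes are not covered by what this patch changes.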