Merge pull request #6276 from 2403905/issue-6037

fix the wrong status code when appRoleAssignments is forbidden #6037

changelog/unreleased/fix-status-code-appRoleAssignments.md

@@ -0,0 +1,7 @@
+Bugfix: Fix the wrong status code when appRoleAssignments is forbidden
+
+Fix the wrong status code when appRoleAssignments is forbidden in the CreateAppRoleAssignment and
+DeleteAppRoleAssignment methods.
+
+https://github.com/owncloud/ocis/issues/6037
+https://github.com/owncloud/ocis/pull/6276

services/graph/pkg/service/v0/approleassignments.go

@@ -10,6 +10,7 @@ import (
  settingsmsg "github.com/owncloud/ocis/v2/protogen/gen/ocis/messages/settings/v0"
  settingssvc "github.com/owncloud/ocis/v2/protogen/gen/ocis/services/settings/v0"
  "github.com/owncloud/ocis/v2/services/graph/pkg/service/v0/errorcode"
+ merrors "go-micro.dev/v4/errors"
 )
 
 const principalTypeUser = "User"
@@ -67,6 +68,10 @@ func (g Graph) CreateAppRoleAssignment(w http.ResponseWriter, r *http.Request) {
  RoleId: appRoleAssignment.AppRoleId,
  })
  if err != nil {
+ if merr, ok := merrors.As(err); ok && merr.Code == http.StatusForbidden {
+ errorcode.NotAllowed.Render(w, r, http.StatusForbidden, err.Error())
+ return
+ }
  errorcode.GeneralException.Render(w, r, http.StatusInternalServerError, err.Error())
  return
  }
@@ -108,6 +113,10 @@ func (g Graph) DeleteAppRoleAssignment(w http.ResponseWriter, r *http.Request) {
  Id: appRoleAssignmentID,
  })
  if err != nil {
+ if merr, ok := merrors.As(err); ok && merr.Code == http.StatusForbidden {
+ errorcode.NotAllowed.Render(w, r, http.StatusForbidden, err.Error())
+ return
+ }
  errorcode.GeneralException.Render(w, r, http.StatusInternalServerError, err.Error())
  return
  }