diff --git a/libertas_api/src/error.rs b/libertas_api/src/error.rs
index 6567409..c76c929 100644
--- a/libertas_api/src/error.rs
+++ b/libertas_api/src/error.rs
@@ -22,6 +22,11 @@ impl IntoResponse for ApiError {
 ),
 CoreError::Duplicate(e) => (StatusCode::CONFLICT, e),
 CoreError::Auth(e) => (StatusCode::UNAUTHORIZED, e),
+ CoreError::Forbidden(e) => (StatusCode::FORBIDDEN, e),
+ CoreError::Unknown(e) => (
+ StatusCode::INTERNAL_SERVER_ERROR,
+ format!("An unknown error occurred: {}", e),
+ ),
 _ => (
 StatusCode::INTERNAL_SERVER_ERROR,
 "An unknown error occurred".to_string(),
diff --git a/libertas_api/src/services/authorization_service.rs b/libertas_api/src/services/authorization_service.rs
index 6813507..bb5b482 100644
--- a/libertas_api/src/services/authorization_service.rs
+++ b/libertas_api/src/services/authorization_service.rs
@@ -149,9 +149,15 @@ impl AuthorizationService for AuthorizationServiceImpl {
 }
 }
- Err(CoreError::Auth(
- "User does not have permission to view this media.".into(),
- ))
+ if user_id.is_some() {
+ return Err(CoreError::Forbidden(
+ "User does not have permission to view this media.".into(),
+ ));
+ } else {
+ return Err(CoreError::Auth(
+ "Authentication required for this action".into(),
+ ));
+ }
 }
 Permission::DeleteMedia(media_id) | Permission::EditMedia(media_id) => {
@@ -163,7 +169,7 @@ impl AuthorizationService for AuthorizationServiceImpl {
 return Ok(());
 }
- Err(CoreError::Auth(
+ Err(CoreError::Forbidden(
 "User does not have permission to modify this media.".into(),
 ))
 }
@@ -189,7 +195,7 @@ impl AuthorizationService for AuthorizationServiceImpl {
 return Ok(());
 }
- Err(CoreError::Auth(
+ Err(CoreError::Forbidden(
 "User does not have permission to modify tags for this media.".into(),
 ))
 }
@@ -206,7 +212,7 @@ impl AuthorizationService for AuthorizationServiceImpl {
 return Ok(());
 }
- Err(CoreError::Auth(
+ Err(CoreError::Forbidden(
 "User does not have permission to view this album.".into(),
 ))
 }
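Review bot: The new `CoreError::Unknown(e)` arm copies the internal error string into the 500 response body through `format!("An unknown error occurred: {}", e)`, while the `_` catch-all directly below keeps the body generic. Whatever text ends up in `Unknown` (its producers are outside this diff, presumably lower-layer failures) becomes readable by any client, which is the kind of detail a 500 should keep server-side. I would log `e` with the project's logger and return the fixed text, `CoreError::Unknown(_) => (StatusCode::INTERNAL_SERVER_ERROR, "An unknown error occurred".to_string()),`, or drop the arm and let it fall through to `_`. The `match` starts and ends outside the hunk.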
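Review bot: Only this view-media tail separates an anonymous caller (`Auth`, 401) from an authenticated one (`Forbidden`, 403); the eight other hunks in this file (`@@ -163`, `-189`, `-206`, `-222`, `-237`, `-253`, `-270`, `-286`) switch to `CoreError::Forbidden` unconditionally. If any of those arms can be reached with `user_id` being `None`, an unauthenticated request would now get 403 where 401 is expected; the arms open outside the hunks, so this cannot be confirmed from here. A small private helper that takes `user_id` and the message and returns the right variant would keep all ten sites consistent. As a style point, the two `return`s sit in tail position where the removed code was a plain expression, so the `if`/`else` can yield the `Err(...)` values directly without `return` and the trailing semicolons.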
@@ -222,7 +228,7 @@ impl AuthorizationService for AuthorizationServiceImpl {
 return Ok(());
 }
- Err(CoreError::Auth(
+ Err(CoreError::Forbidden(
 "User does not have permission to modify this album.".into(),
 ))
 }
@@ -237,7 +243,7 @@ impl AuthorizationService for AuthorizationServiceImpl {
 return Ok(());
 }
- Err(CoreError::Auth(
+ Err(CoreError::Forbidden(
 "User does not have permission to share or delete this album.".into(),
 ))
 }
@@ -253,7 +259,7 @@ impl AuthorizationService for AuthorizationServiceImpl {
 return Ok(());
 }
- Err(CoreError::Auth(
+ Err(CoreError::Forbidden(
 "User does not have permission to view this person.".into(),
 ))
 }
@@ -270,7 +276,7 @@ impl AuthorizationService for AuthorizationServiceImpl {
 return Ok(());
 }
- Err(CoreError::Auth(
+ Err(CoreError::Forbidden(
 "User does not have permission to modify this person.".into(),
 ))
 }
@@ -286,7 +292,7 @@ impl AuthorizationService for AuthorizationServiceImpl {
 return Ok(());
 }
- Err(CoreError::Auth(
+ Err(CoreError::Forbidden(
 "User does not have permission to use this person.".into(),
 ))
 }
diff --git a/libertas_core/src/error.rs b/libertas_core/src/error.rs
index d964e45..a1c85b7 100644
--- a/libertas_core/src/error.rs
+++ b/libertas_core/src/error.rs
@@ -23,6 +23,9 @@ pub enum CoreError {
 #[error("Authentication failed: {0}")]
 Auth(String),
+ #[error("Forbidden: {0}")]
+ Forbidden(String),
+
 #[error("An unknown error occurred: {0}")]
 Unknown(String),
 }
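Review bot: `Forbidden` is added without a doc comment, and nothing in the enum says how it differs from `Auth`, which until this commit was used for both missing credentials and missing permission. A line such as `/// Caller is authenticated but not allowed to perform the action; the API layer maps this to HTTP 403.` on the new variant, with a matching one on `Auth` for the unauthenticated case, would keep later call sites from picking the wrong variant and returning the wrong status. The enum starts above the hunk.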