GKaszewski/movies-diary
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor: add DomainError::Forbidden + centralize error-to-HTTP mapping

Browse Source 
Ownership checks (delete_review, confirm/dismiss watch events) now
return Forbidden instead of Unauthorized. Presentation layer maps
DomainError→StatusCode via domain_error_response helper, replacing
verbose per-handler match arms.
This commit is contained in:
Gabriel Kaszewski
2026-06-02 21:00:22 +02:00
parent 28170c95d4
commit 4067dedb28
8 changed files with 61 additions and 127 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
crates/application/src/diary/delete_review.rs
View File

@@ -17,7 +17,7 @@ pub async fn execute(ctx: &AppContext, cmd: DeleteReviewCommand) -> Result<(), D
.ok_or_else(|| DomainError::NotFound(format!("review {}", cmd.review_id)))?;
if review.user_id() != &requesting_user_id {
return Err(DomainError::Unauthorized("not your review".into()));
return Err(DomainError::Forbidden("not your review".into()));
}
let movie_id = review.movie_id().clone();