User tenancy - forbidden explanation
Project: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/commit/20213b2a Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/tree/20213b2a Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/diff/20213b2a Branch: refs/heads/master Commit: 20213b2a5ca84c8bcf0cb7d66a0f69668bcc0036 Parents: 54200a5 Author: nir-sopher <n...@qwilt.com> Authored: Wed Jul 12 12:07:22 2017 +0300 Committer: Jeremy Mitchell <mitchell...@gmail.com> Committed: Wed Jul 19 15:55:31 2017 -0600 ---------------------------------------------------------------------- traffic_ops/app/lib/API/User.pm | 4 ++-- traffic_ops/app/t/api/1.2/tenant_access.t | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/blob/20213b2a/traffic_ops/app/lib/API/User.pm ---------------------------------------------------------------------- diff --git a/traffic_ops/app/lib/API/User.pm b/traffic_ops/app/lib/API/User.pm index 0da0ac1..ebaceda 100644 --- a/traffic_ops/app/lib/API/User.pm +++ b/traffic_ops/app/lib/API/User.pm @@ -125,7 +125,7 @@ sub show { while ( my $row = $rs_data->next ) { if (!$tenant_utils->is_user_resource_accessible($tenants_data, $row->tenant_id)) { - return $self->forbidden(); + return $self->forbidden("Forbidden: User is not available for your tenant."); } push( @data, { @@ -178,7 +178,7 @@ sub update { my $tenants_data = $tenant_utils->create_tenants_data_from_db(); if (!$tenant_utils->is_user_resource_accessible($tenants_data, $user->tenant_id)) { #no access to resource tenant - return $self->forbidden(); + return $self->forbidden("Forbidden: User is not available for your tenant."); } if (!$tenant_utils->is_user_resource_accessible($tenants_data, $tenant_id)) { #no access to target tenancy http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/blob/20213b2a/traffic_ops/app/t/api/1.2/tenant_access.t ---------------------------------------------------------------------- diff --git a/traffic_ops/app/t/api/1.2/tenant_access.t b/traffic_ops/app/t/api/1.2/tenant_access.t index fddef17..302cb3e 100644 --- a/traffic_ops/app/t/api/1.2/tenant_access.t +++ b/traffic_ops/app/t/api/1.2/tenant_access.t @@ -558,7 +558,7 @@ sub test_user_resource_write_block_access { $response2edit2->{"tenantId"} = $tenants_data->{$resource_tenant}->{'id'}; ok $t->put_ok('/api/1.2/users/'.$new_userid2 => {Accept => 'application/json'} => json => $response2edit2) ->status_is($is_login_tenant_active ? 400 : 403)->or( sub { diag $t->tx->res->content->asset->{content}; } ) - ->json_is( "/alerts/0/text" => $is_login_tenant_active ? "Invalid tenant. This tenant is not available to you for assignment." : "Forbidden") + ->json_is( "/alerts/0/text" => $is_login_tenant_active ? "Invalid tenant. This tenant is not available to you for assignment." : "Forbidden: User is not available for your tenant.") , 'Cannot change user tenant to the target resource tenant: login tenant:'.$login_tenant.' resource tenant: '.$resource_tenant.'?'; logout_from_tenant_admin();
