dimas-b commented on code in PR #864:
URL: https://github.com/apache/polaris/pull/864#discussion_r1929127505
##########
service/common/src/main/java/org/apache/polaris/service/exception/IcebergExceptionMapper.java:
##########
@@ -144,4 +112,56 @@ public static boolean containsAnyAccessDeniedHint(String
message) {
public static Collection<String> getAccessDeniedHints() {
return ImmutableSet.copyOf(ACCESS_DENIED_HINTS);
}
+
+ static int mapExceptionToResponseCode(RuntimeException rex) {
+ // Cloud exceptions
+ if (rex instanceof S3Exception
+ || rex instanceof AzureException
+ || rex instanceof StorageException) {
+ if (doesAnyThrowableContainAccessDeniedHint(rex)) {
+ return Response.Status.FORBIDDEN.getStatusCode();
+ }
+
+ int httpCode =
+ switch (rex) {
+ case S3Exception s3e -> s3e.statusCode();
+ case HttpResponseException hre ->
hre.getResponse().getStatusCode();
+ case StorageException se -> se.getCode();
+ default -> -1;
+ };
+
+ if (300 <= httpCode && httpCode <= 499) {
+ return httpCode;
Review Comment:
401 on the storage side is still a 500 from the client perspective, IMHO,
because it basically means the server is not configured properly.
Update: Actually, 401 -> 403 looks reasonable to me.
a 401 response in the client would mean the client failed to authenticate
against Polaris, which is not the case here.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
