Pull request #686: Bugfix/RED-6034 status code
Merge in RED/persistence-service from bugfix/RED-6034_status_code to master * commit '113947d2165821ab778eacfe537918f52fd9c082': RED-6034 - Possible to assign a file to unauthorized users - update junit test RED-6034 - Possible to assign a file to unauthorized users - change status from 403 to 400
This commit is contained in:
Corina Olariu
commit
c5bac015d5
@ -6,6 +6,7 @@ import org.springframework.stereotype.Service;
|
||||
|
||||
import com.iqser.red.keycloak.commons.KeycloakSecurity;
|
||||
import com.iqser.red.service.persistence.management.v1.processor.acl.custom.dossier.DossierACLService;
|
||||
import com.iqser.red.service.persistence.management.v1.processor.exception.BadRequestException;
|
||||
import com.iqser.red.service.persistence.management.v1.processor.exception.NotAllowedException;
|
||||
import com.iqser.red.service.persistence.management.v1.processor.exception.NotFoundException;
|
||||
import com.iqser.red.service.persistence.service.v1.api.shared.model.dossiertemplate.dossier.file.WorkflowStatus;
|
||||
@ -69,7 +70,7 @@ public class AccessControlService {
|
||||
var isMember = dossier.getMemberIds().contains(userId);
|
||||
var isApprover = dossier.getApproverIds().contains(userId);
|
||||
if (!isMember && !isApprover) {
|
||||
throw new NotAllowedException("User must be dossier member or approver.");
|
||||
throw new BadRequestException("User must be dossier member or approver.");
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -548,7 +548,7 @@ public class FileTest extends AbstractPersistenceServerServiceTest {
|
||||
assertThat(actualMessage).contains(expectedMessage);
|
||||
|
||||
|
||||
exception = Assertions.assertThrows(FeignException.Forbidden.class, () -> {
|
||||
exception = Assertions.assertThrows(FeignException.BadRequest.class, () -> {
|
||||
fileClient.setStatusUnderReview(dossier.getId(), file.getId(), user2);
|
||||
});
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user