Forward Entitlements Exception Message
Type of change
-
Bug Fix -
Feature -
Enhancement
Does this introduce a change in the core logic?
- [YES]
Does this introduce a change in the cloud provider implementation, if so which cloud?
-
AWS -
Azure -
GCP -
IBM
Does this introduce a breaking change?
- [NO]
What is the current behavior?
When interacting with the storage service an entitlement exception caused from invalid data partition id returns a 403 error along with a generic error message that does not provide a lot of understanding to the invoker of the API what went wrong.
What is the new/expected behavior?
This PR aims to add error message propagation from entitlements to storage to client. We saw the need for this when an invalid data partition id led the user to see a 403 "Access Denied" "User not Authorized to perform this action" message. This led the user to believe the error came from their token.
Upon further investigation we found logs in partition service and the entitlements service which showed the error was from an invalid data partition Id.
The change in Entitlements: osdu/platform/security-and-compliance/entitlements!530 (merged) Now let's entitlement return a more descriptive message that indicates of an issue with an invalid data partition id. This PR leverages the change in entitlement and uses the error response body, to pass the message along to the client.
Have you added/updated Unit Tests and Integration Tests?
Yes