This is an automated email from the ASF dual-hosted git repository.
spacewander pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/apisix.git
The following commit(s) were added to refs/heads/master by this push:
new 1771c51f9 fix(wolf-rbac): Return 403 error code when the user does not
have permission. (#7497)
1771c51f9 is described below
commit 1771c51f94d1c5c4f6542a9d90c7c1d777b992d2
Author: iGeeky <[email protected]>
AuthorDate: Sun Jul 24 19:59:14 2022 +0800
fix(wolf-rbac): Return 403 error code when the user does not have
permission. (#7497)
---
apisix/plugins/wolf-rbac.lua | 2 +-
t/plugin/wolf-rbac.t | 6 +++---
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/apisix/plugins/wolf-rbac.lua b/apisix/plugins/wolf-rbac.lua
index 1a2e9867f..1eb3d1987 100644
--- a/apisix/plugins/wolf-rbac.lua
+++ b/apisix/plugins/wolf-rbac.lua
@@ -324,7 +324,7 @@ function _M.rewrite(conf, ctx)
core.log.error(" check_url_permission(",
core.json.delay_encode(perm_item),
") failed, res: ",core.json.delay_encode(res))
- return 401, fail_response("Invalid user permission",
+ return 403, fail_response("Invalid user permission",
{ username = username, nickname = nickname }
)
end
diff --git a/t/plugin/wolf-rbac.t b/t/plugin/wolf-rbac.t
index 954f9c1ca..134a37f33 100644
--- a/t/plugin/wolf-rbac.t
+++ b/t/plugin/wolf-rbac.t
@@ -115,12 +115,12 @@ done
for _, data in ipairs(data) do
local code, body = t(data.url, ngx.HTTP_PUT, data.data)
- ngx.say(code..body)
+ ngx.say(body)
end
}
}
--- response_body eval
-"201passed\n" x 3
+"passed\n" x 3
@@ -342,7 +342,7 @@ x-rbac-token: V1#invalid-appid#rbac-token
=== TEST 16: verify: failed
--- request
GET /hello1
---- error_code: 401
+--- error_code: 403
--- more_headers
x-rbac-token: V1#wolf-rbac-app#wolf-rbac-token
--- response_body
