Fix entitlement messages #130
Conversation
tbouron
left a comment
tbouron
left a comment
There was a problem hiding this comment.
Thanks @jcabrerizo, just have one small comment but LGTM otherwise.
Can be merged after that.
| vm.entity.name = vm.name; | ||
| }).catch((error)=> { | ||
| brSnackbar.create('Cannot update entity name: the entity [' + entityId + '] is undefined'); | ||
| if(error.data && error.data.error === 403){ |
There was a problem hiding this comment.
I don't think you need this change as 403 errors are now handled by the Java securityproviser you did @jcabrerizo ;)
There was a problem hiding this comment.
The security provider manages the authentication, but an authenticated user can try execute actions that need an entitlement that s/he hasn't. In this case, the exception thrown send an 403 as status. I tried to left the previous behavior and also manage the unauthorized action. If it doesn't make sense for you @tbouron i can change it.
There was a problem hiding this comment.
Good point about the REST API. But using your argument, it should then be applied to all endpoints, not just this one. I think it can be done globally though, like an interceptor of some kind, but it is outside on the scope of this PR IMO.
So I would remove it for now, but create a JIRA ticket to track this task. How does it sound @jcabrerizo ?
There was a problem hiding this comment.
I've changed the get the message from the error object
tbouron
left a comment
tbouron
left a comment
There was a problem hiding this comment.
Awesome, thanks @jcabrerizo 🎉
2 participants
Now shows the messages from the entitlement control system