Introduced a permission denied exception

glpatcern · glpatcern · commit 6d463631402e · 2024-10-03T10:42:40.000+02:00
diff --git a/cs3client/exceptions/__init__.py b/cs3client/exceptions/__init__.py
@@ -19,6 +19,15 @@ def __init__(self, message: str = "Operation not permitted"):
         super().__init__(message)
 
 
+class PermissionDeniedException(IOError):
+    """
+    Standard permission denied message
+    """
+
+    def __init__(self, message: str = "Permission denied"):
+        super().__init__(message)
+
+
 class NotFoundException(IOError):
     """
     Standard file missing message
@@ -47,15 +56,6 @@ def __init__(self, message: str = "Lock mismatch"):
         super().__init__(message)
 
 
-class UnknownException(Exception):
-    """
-    Standard exception to be thrown when we get an error that is unknown, e.g. not defined in the cs3api
-    """
-
-    def __init__(self, message: str = ""):
-        super().__init__(message)
-
-
 class AlreadyExistsException(IOError):
     """
     Standard error thrown when attempting to create a resource that already exists
@@ -72,3 +72,13 @@ class UnimplementedException(Exception):
 
     def __init__(self, message: str = "Not implemented"):
         super().__init__(message)
+
+
+class UnknownException(Exception):
+    """
+    Standard exception to be thrown when we get an error that is unknown, e.g. not defined in the cs3api
+    """
+
+    def __init__(self, message: str = ""):
+        super().__init__(message)
+
diff --git a/cs3client/statuscodehandler.py b/cs3client/statuscodehandler.py
@@ -12,7 +12,7 @@
 import cs3.rpc.v1beta1.code_pb2 as cs3code
 import cs3.rpc.v1beta1.status_pb2 as cs3status
 
-from .exceptions import AuthenticationException, NotFoundException, \
+from .exceptions import AuthenticationException, PermissionDeniedException, NotFoundException, \
     UnknownException, AlreadyExistsException, FileLockedException, UnimplementedException
 from .config import Config
 
@@ -38,6 +38,15 @@ def _log_authentication_error(
             f'trace="{status.trace}" reason="{status_msg}"'
         )
 
+    def _log_permission_denied_info(
+            self, status: cs3status.Status, operation: str, status_msg: str, msg: Optional[str] = None
+    ) -> None:
+        self._log.info(
+            f'msg="Permission denied on {operation}" {msg + " " if msg else ""}'
+            f'userid="{self._config.auth_client_id if self._config.auth_client_id else "no_id_set"}" '
+            f'trace="{status.trace}" reason="{status_msg}"'
+        )
+
     def _log_unknown_error(self, status: cs3status.Status, operation: str, status_msg: str, msg: Optional[str] = None) -> None:
         self._log.error(
             f'msg="Failed to {operation}, unknown error" {msg + " " if msg else ""}'
@@ -90,6 +99,9 @@ def handle_errors(self, status: cs3status.Status, operation: str, msg: Optional[
         if status.code == cs3code.CODE_UNAUTHENTICATED:
             self._log_authentication_error(status, operation, status_message, msg)
             raise AuthenticationException
+        if status.code == cs3code.CODE_PERMISSION_DENIED:
+            self._log_permission_denied_info(status, operation, status_message, msg)
+            raise PermissionDeniedException
         if status.code != cs3code.CODE_OK:
             if "path not found" in str(status.message).lower():
                 self._log.info(f'msg="Invoked {operation} on missing file" ')
