From af310854fcf1126c8a90d2ebb1d0b0e561f958b1 Mon Sep 17 00:00:00 2001
From: Andrey Antukh <niwi@niwi.nz>
Date: Tue, 19 Jan 2021 11:29:56 +0100
Subject: [PATCH] :bug: Set proper exception type on notauthorized requests.

---
 backend/src/app/rpc/queries/files.clj    | 4 ++--
 backend/src/app/rpc/queries/projects.clj | 4 ++--
 backend/src/app/rpc/queries/teams.clj    | 4 ++--
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/backend/src/app/rpc/queries/files.clj b/backend/src/app/rpc/queries/files.clj
index ee75e2ca8..0f533fdc6 100644
--- a/backend/src/app/rpc/queries/files.clj
+++ b/backend/src/app/rpc/queries/files.clj
@@ -71,7 +71,7 @@
     (when-not (or (some :can-edit rows)
                   (some :is-admin rows)
                   (some :is-owner rows))
-      (ex/raise :type :validation
+      (ex/raise :type :authorization
                 :code :not-authorized))))
 
 
@@ -82,7 +82,7 @@
                              file-id profile-id
                              file-id profile-id])]
     (when-not (seq rows)
-      (ex/raise :type :validation
+      (ex/raise :type :authorization
                 :code :not-authorized))))
 
 
diff --git a/backend/src/app/rpc/queries/projects.clj b/backend/src/app/rpc/queries/projects.clj
index 5d48a5b3e..1bbd8bc19 100644
--- a/backend/src/app/rpc/queries/projects.clj
+++ b/backend/src/app/rpc/queries/projects.clj
@@ -44,7 +44,7 @@
     (when-not (or (some :can-edit rows)
                   (some :is-admin rows)
                   (some :is-owner rows))
-      (ex/raise :type :validation
+      (ex/raise :type :authorization
                 :code :not-authorized))))
 
 (defn check-read-permissions!
@@ -54,7 +54,7 @@
                              project-id profile-id])]
 
     (when-not (seq rows)
-      (ex/raise :type :validation
+      (ex/raise :type :authorization
                 :code :not-authorized))))
 
 
diff --git a/backend/src/app/rpc/queries/teams.clj b/backend/src/app/rpc/queries/teams.clj
index 17e8dfdcf..f27bc7444 100644
--- a/backend/src/app/rpc/queries/teams.clj
+++ b/backend/src/app/rpc/queries/teams.clj
@@ -32,7 +32,7 @@
     (when-not (or (:can-edit row)
                   (:is-admin row)
                   (:is-owner row))
-      (ex/raise :type :validation
+      (ex/raise :type :authorization
                 :code :not-authorized))
     row))
 
@@ -41,7 +41,7 @@
   (let [row (db/exec-one! conn [sql:team-permissions profile-id team-id])]
     ;; when row is found this means that read permission is granted.
     (when-not row
-      (ex/raise :type :validation
+      (ex/raise :type :authorization
                 :code :not-authorized))
     row))