fix: update code for access denied error

2025-04-11 02:45:46 -04:00 · 2025-04-11 02:45:46 -04:00 · a1dc3cfdec
parent 7a4ec9cf23
commit a1dc3cfdec
3 changed files with 7 additions and 6 deletions
--- a/api/controllers/web/error.py
+++ b/api/controllers/web/error.py
@ -127,8 +127,8 @@ class WebAppAuthRequiredError(BaseHTTPException):
    code = 401


-class WebAppAuthFailedError(BaseHTTPException):
-    error_code = "web_app_auth_failed"
+class WebAppAuthAccessDeniedError(BaseHTTPException):
+    error_code = "web_app_access_denied"
    description = "You do not have permission to access this web app."
    code = 401

--- a/api/controllers/web/wraps.py
+++ b/api/controllers/web/wraps.py
@ -4,7 +4,8 @@ from flask import request
 from flask_restful import Resource  # type: ignore
 from werkzeug.exceptions import BadRequest, NotFound, Unauthorized

-from controllers.web.error import WebAppAuthFailedError, WebAppAuthRequiredError
+from controllers.web.error import (WebAppAuthAccessDeniedError,
+                                   WebAppAuthRequiredError)
 from extensions.ext_database import db
 from libs.passport import PassportService
 from models.model import App, EndUser, Site
@ -103,7 +104,7 @@ def _validate_user_accessibility(decoded, app_code, app_web_auth_enabled: bool,
            raise WebAppAuthRequiredError()

        if not EnterpriseService.is_user_allowed_to_access_webapp(user_id, app_code=app_code):
-            raise WebAppAuthFailedError()
+            raise WebAppAuthAccessDeniedError()


 class WebApiResource(Resource):
--- a/api/services/webapp_auth_service.py
+++ b/api/services/webapp_auth_service.py
@ -5,7 +5,7 @@ from typing import Any, Optional, cast
 from werkzeug.exceptions import NotFound, Unauthorized

 from configs import dify_config
-from controllers.web.error import WebAppAuthFailedError
+from controllers.web.error import WebAppAuthAccessDeniedError
 from extensions.ext_database import db
 from libs.helper import TokenManager
 from libs.passport import PassportService
@ -115,7 +115,7 @@ class WebAppAuthService:
            if app_settings.access_mode != "public" and not EnterpriseService.is_user_allowed_to_access_webapp(
                account.id, app_code=app_code
            ):
-                raise WebAppAuthFailedError()
+                raise WebAppAuthAccessDeniedError()

    @classmethod
    def _get_account_jwt_token(cls, account: Account, site: Site, end_user_id: str) -> str: