Merge pull request #305 from bcgov/bug/bucket-creds-conflict-error-responses

TimCsaky · web-flow · commit 3c00955d0c6b · 2025-05-06T16:35:39.000-07:00
Create/update bucket endpoints: swap HTTP 403/409 response codes when encountering errors with S3 credentials, reword "bucket credentials mismatch" error message
diff --git a/app/src/controllers/bucket.js b/app/src/controllers/bucket.js
@@ -90,7 +90,7 @@ const controller = {
       log.warn(`Failure to validate bucket credentials: ${e.message}`, {
         function: '_validateCredentials',
       });
-      throw new Problem(409, {
+      throw new Problem(403, {
         detail: 'Unable to validate supplied credentials for the bucket',
       });
     }
@@ -128,7 +128,7 @@ const controller = {
       if (e instanceof UniqueViolationError) {
         // Grant permissions if credentials precisely match
         response = await bucketService.checkGrantPermissions(data).catch(permErr => {
-          next(new Problem(403, { detail: permErr.message, instance: req.originalUrl }));
+          next(new Problem(409, { detail: permErr.message, instance: req.originalUrl }));
         });
       } else {
         next(errorToProblem(SERVICE, e));
diff --git a/app/src/services/bucket.js b/app/src/services/bucket.js
@@ -78,7 +78,8 @@ const service = {
           await bucketPermissionService.addPermissions(bucket.bucketId, perms, data.userId, trx);
         }
       } else {
-        throw new Error('Bucket credential mismatch');
+        throw new Error('The bucket already exists in COMS, but with different credentials. ' +
+          'Please contact your object storage server admin, or whoever added the bucket first.');
       }
 
       if (!etrx) await trx.commit();
diff --git a/app/tests/unit/controllers/bucket.spec.js b/app/tests/unit/controllers/bucket.spec.js
@@ -357,7 +357,7 @@ describe('createBucketChild', () => {
     }));
   });
 
-  it('should return a 409 when bucket can not be validated', async () => {
+  it('should return a 403 when bucket can not be validated', async () => {
     const req = {
       body: { bucketName: 'bucketName', subKey: 'subKey' },
       currentUser: CURRENT_USER,
@@ -404,7 +404,7 @@ describe('createBucketChild', () => {
     }));
 
     expect(next).toHaveBeenCalledTimes(1);
-    expect(next).toHaveBeenCalledWith(new Problem(409, {
+    expect(next).toHaveBeenCalledWith(new Problem(403, {
       detail: 'Unable to validate supplied credentials for the bucket'
     }));
   });

Original file line number	Diff line number	Diff line change
`@@ -78,7 +78,8 @@ const service = {`
`78`	`78`	`await bucketPermissionService.addPermissions(bucket.bucketId, perms, data.userId, trx);`
`79`	`79`	`}`
`80`	`80`	`} else {`
`81`		`- throw new Error('Bucket credential mismatch');`
	`81`	`+ throw new Error('The bucket already exists in COMS, but with different credentials. ' +`
	`82`	`+ 'Please contact your object storage server admin, or whoever added the bucket first.');`
`82`	`83`	`}`
`83`	`84`
`84`	`85`	`if (!etrx) await trx.commit();`