Correct the returned error from not authorized

Emyrk · Emyrk · commit 306c5913f65b · 2023-02-13T22:38:18.000-06:00
diff --git a/coderd/database/dbauthz/dbauthz.go b/coderd/database/dbauthz/dbauthz.go
@@ -55,6 +55,15 @@ func logNotAuthorizedError(ctx context.Context, logger slog.Logger, err error) e
 				slog.F("input", internalError.Input()),
 				slog.Error(err),
 			)
+		} else {
+			// For some reason rego changes a cancelled context to a topdown.CancelErr. We
+			// expect to check for cancelled context errors if the user cancels the request,
+			// so we should change the error to a context.Canceled error.
+			//
+			// NotAuthorizedError is == to sql.ErrNoRows, which is not correct
+			// if it's actually a cancelled context.
+			internalError.SetInternal(context.Canceled)
+			return internalError
 		}
 	}
 	return NotAuthorizedError{
diff --git a/coderd/rbac/error.go b/coderd/rbac/error.go
@@ -61,6 +61,10 @@ func (e *UnauthorizedError) Internal() error {
 	return e.internal
 }
 
+func (e *UnauthorizedError) SetInternal(err error) {
+	e.internal = err
+}
+
 func (e *UnauthorizedError) Input() map[string]interface{} {
 	return map[string]interface{}{
 		"subject": e.subject,

Original file line number	Diff line number	Diff line change
`@@ -55,6 +55,15 @@ func logNotAuthorizedError(ctx context.Context, logger slog.Logger, err error) e`
`55`	`55`	`slog.F("input", internalError.Input()),`
`56`	`56`	`slog.Error(err),`
`57`	`57`	`)`
	`58`	`+ } else {`
	`59`	`+ // For some reason rego changes a cancelled context to a topdown.CancelErr. We`
	`60`	`+ // expect to check for cancelled context errors if the user cancels the request,`
	`61`	`+ // so we should change the error to a context.Canceled error.`
	`62`	`+ //`
	`63`	`+ // NotAuthorizedError is == to sql.ErrNoRows, which is not correct`
	`64`	`+ // if it's actually a cancelled context.`
	`65`	`+ internalError.SetInternal(context.Canceled)`
	`66`	`+ return internalError`
`58`	`67`	`}`
`59`	`68`	`}`
`60`	`69`	`return NotAuthorizedError{`