github.com/authzed/spicedb@v1.32.1-0.20240520085336-ebda56537386/internal/relationships/errors.go (about) 1 package relationships 2 3 import ( 4 "fmt" 5 6 "google.golang.org/grpc/codes" 7 "google.golang.org/grpc/status" 8 9 v1 "github.com/authzed/authzed-go/proto/authzed/api/v1" 10 11 core "github.com/authzed/spicedb/pkg/proto/core/v1" 12 "github.com/authzed/spicedb/pkg/spiceerrors" 13 "github.com/authzed/spicedb/pkg/tuple" 14 "github.com/authzed/spicedb/pkg/typesystem" 15 ) 16 17 // ErrInvalidSubjectType indicates that a write was attempted with a subject type which is not 18 // allowed on relation. 19 type ErrInvalidSubjectType struct { 20 error 21 tuple *core.RelationTuple 22 relationType *core.AllowedRelation 23 } 24 25 // NewInvalidSubjectTypeError constructs a new error for attempting to write an invalid subject type. 26 func NewInvalidSubjectTypeError(update *core.RelationTuple, relationType *core.AllowedRelation) ErrInvalidSubjectType { 27 return ErrInvalidSubjectType{ 28 error: fmt.Errorf( 29 "subjects of type `%s` are not allowed on relation `%s#%s`", 30 typesystem.SourceForAllowedRelation(relationType), 31 update.ResourceAndRelation.Namespace, 32 update.ResourceAndRelation.Relation, 33 ), 34 tuple: update, 35 relationType: relationType, 36 } 37 } 38 39 // GRPCStatus implements retrieving the gRPC status for the error. 40 func (err ErrInvalidSubjectType) GRPCStatus() *status.Status { 41 return spiceerrors.WithCodeAndDetails( 42 err, 43 codes.InvalidArgument, 44 spiceerrors.ForReason( 45 v1.ErrorReason_ERROR_REASON_INVALID_SUBJECT_TYPE, 46 map[string]string{ 47 "definition_name": err.tuple.ResourceAndRelation.Namespace, 48 "relation_name": err.tuple.ResourceAndRelation.Relation, 49 "subject_type": typesystem.SourceForAllowedRelation(err.relationType), 50 }, 51 ), 52 ) 53 } 54 55 // ErrCannotWriteToPermission indicates that a write was attempted on a permission. 56 type ErrCannotWriteToPermission struct { 57 error 58 tuple *core.RelationTuple 59 } 60 61 // NewCannotWriteToPermissionError constructs a new error for attempting to write to a permission. 62 func NewCannotWriteToPermissionError(update *core.RelationTuple) ErrCannotWriteToPermission { 63 return ErrCannotWriteToPermission{ 64 error: fmt.Errorf( 65 "cannot write a relationship to permission `%s` under definition `%s`", 66 update.ResourceAndRelation.Relation, 67 update.ResourceAndRelation.Namespace, 68 ), 69 tuple: update, 70 } 71 } 72 73 // GRPCStatus implements retrieving the gRPC status for the error. 74 func (err ErrCannotWriteToPermission) GRPCStatus() *status.Status { 75 return spiceerrors.WithCodeAndDetails( 76 err, 77 codes.InvalidArgument, 78 spiceerrors.ForReason( 79 v1.ErrorReason_ERROR_REASON_CANNOT_UPDATE_PERMISSION, 80 map[string]string{ 81 "definition_name": err.tuple.ResourceAndRelation.Namespace, 82 "permission_name": err.tuple.ResourceAndRelation.Relation, 83 }, 84 ), 85 ) 86 } 87 88 // ErrCaveatNotFound indicates that a caveat referenced in a relationship update was not found. 89 type ErrCaveatNotFound struct { 90 error 91 tuple *core.RelationTuple 92 } 93 94 // NewCaveatNotFoundError constructs a new caveat not found error. 95 func NewCaveatNotFoundError(update *core.RelationTuple) ErrCaveatNotFound { 96 return ErrCaveatNotFound{ 97 error: fmt.Errorf( 98 "the caveat `%s` was not found for relationship `%s`", 99 update.Caveat.CaveatName, 100 tuple.MustString(update), 101 ), 102 tuple: update, 103 } 104 } 105 106 // GRPCStatus implements retrieving the gRPC status for the error. 107 func (err ErrCaveatNotFound) GRPCStatus() *status.Status { 108 return spiceerrors.WithCodeAndDetails( 109 err, 110 codes.FailedPrecondition, 111 spiceerrors.ForReason( 112 v1.ErrorReason_ERROR_REASON_UNKNOWN_CAVEAT, 113 map[string]string{ 114 "caveat_name": err.tuple.Caveat.CaveatName, 115 }, 116 ), 117 ) 118 }