feat: add IsForbiddenErr error checking for 403s

Kong · Jan 13, 2023 · b1e27cf · b1e27cf
1 parent e0fcd03
commit b1e27cf
Show file tree

Hide file tree

Showing 2 changed files with 39 additions and 0 deletions.
diff --git a/kong/error.go b/kong/error.go
@@ -37,3 +37,13 @@ func IsNotFoundErr(e error) bool {
 	}
 	return false
 }
+
+// IsForbiddenErr returns true if the error or its cause is
+// a 403 response from Kong.
+func IsForbiddenErr(e error) bool {
+	var apiErr *APIError
+	if errors.As(e, &apiErr) {
+		return apiErr.httpCode == http.StatusForbidden
+	}
+	return false
+}
diff --git a/kong/error_test.go b/kong/error_test.go
@@ -3,6 +3,7 @@ package kong
 import (
 	"errors"
 	"fmt"
+	"net/http"
 	"testing"
 
 	"github.com/stretchr/testify/assert"
@@ -49,3 +50,31 @@ func TestAPIError_Code(T *testing.T) {
 	require.True(ok)
 	assert.True(kongErr.Code() == 404)
 }
+
+func TestIsForbiddenErrE2E(T *testing.T) {
+	assert := assert.New(T)
+
+	// Create the http client with a custom transport
+	// always returning a 403
+	forbiddenTransport := &forbiddenTransport{}
+	httpClient := &http.Client{
+		Transport: forbiddenTransport,
+	}
+	// if KONG_ADMIN_TOKEN is set, a different custom transport would be used
+	T.Setenv("KONG_ADMIN_TOKEN", "")
+
+	client, err := NewTestClient(nil, httpClient)
+	assert.NoError(err)
+	assert.NotNil(client)
+
+	_, err = client.Consumers.ListAll(defaultCtx)
+	assert.NotNil(err)
+	assert.True(IsForbiddenErr(err))
+}
+
+type forbiddenTransport struct{}
+
+func (ft *forbiddenTransport) RoundTrip(req *http.Request) (*http.Response, error) {
+	// Create a new response with 403 status code
+	return nil, NewAPIError(http.StatusForbidden, "Enterprise license missing or expired")
+}