From bb7b398fa7f5456cbe2c0b1668f2a6ccfff8574b Mon Sep 17 00:00:00 2001
From: Maidul Islam <maidul98@gmail.com>
Date: Fri, 9 Jun 2023 18:40:41 -0700
Subject: [PATCH] throw unauthorized error instead of 500 for permission denied

---
 backend/src/helpers/secrets.ts | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/backend/src/helpers/secrets.ts b/backend/src/helpers/secrets.ts
index 495d111198..99c3a4fa95 100644
--- a/backend/src/helpers/secrets.ts
+++ b/backend/src/helpers/secrets.ts
@@ -18,6 +18,7 @@ import {
   SecretNotFoundError,
   SecretBlindIndexDataNotFoundError,
   InternalServerError,
+  UnauthorizedRequestError,
 } from "../utils/errors";
 import {
   SECRET_PERSONAL,
@@ -302,7 +303,7 @@ export const createSecretHelper = async ({
   if (authData.authPayload instanceof ServiceTokenData) {
     const { secretPath: serviceTkScopedSecretPath } = authData.authPayload;
     if (secretPath !== serviceTkScopedSecretPath) {
-      throw new Error("Folder Permission Denied");
+      throw UnauthorizedRequestError({ message: "Folder Permission Denied" });
     }
   }
   const folderId = await getFolderIdFromServiceToken(
@@ -454,7 +455,7 @@ export const getSecretsHelper = async ({
   if (authData.authPayload instanceof ServiceTokenData) {
     const { secretPath: serviceTkScopedSecretPath } = authData.authPayload;
     if (secretPath !== serviceTkScopedSecretPath) {
-      throw new Error("Folder Permission Denied");
+      throw UnauthorizedRequestError({ message: "Folder Permission Denied" });
     }
   }
   const folderId = await getFolderIdFromServiceToken(
@@ -551,7 +552,7 @@ export const getSecretHelper = async ({
   if (authData.authPayload instanceof ServiceTokenData) {
     const { secretPath: serviceTkScopedSecretPath } = authData.authPayload;
     if (secretPath !== serviceTkScopedSecretPath) {
-      throw new Error("Folder Permission Denied");
+      throw UnauthorizedRequestError({ message: "Folder Permission Denied" });
     }
   }
   const folderId = await getFolderIdFromServiceToken(
@@ -658,7 +659,7 @@ export const updateSecretHelper = async ({
   if (authData.authPayload instanceof ServiceTokenData) {
     const { secretPath: serviceTkScopedSecretPath } = authData.authPayload;
     if (secretPath !== serviceTkScopedSecretPath) {
-      throw new Error("Folder Permission Denied");
+      throw UnauthorizedRequestError({ message: "Folder Permission Denied" });
     }
   }
   const folderId = await getFolderIdFromServiceToken(
@@ -811,7 +812,7 @@ export const deleteSecretHelper = async ({
   if (authData.authPayload instanceof ServiceTokenData) {
     const { secretPath: serviceTkScopedSecretPath } = authData.authPayload;
     if (secretPath !== serviceTkScopedSecretPath) {
-      throw new Error("Folder Permission Denied");
+      throw UnauthorizedRequestError({ message: "Folder Permission Denied" });
     }
   }
   const folderId = await getFolderIdFromServiceToken(