From 9a05fa2d430b7fd9f7f3cb5e273af79af76180cc Mon Sep 17 00:00:00 2001 From: Artyom Dudarev Date: Mon, 11 Sep 2023 17:42:46 +0300 Subject: [PATCH] PT-13290: Use correct authorization error codes (#59) --- .../Schemas/ProfileSchema.cs | 8 ++++---- .../VirtoCommerce.ProfileExperienceApiModule.Data.csproj | 2 +- .../module.manifest | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/src/VirtoCommerce.ProfileExperienceApiModule.Data/Schemas/ProfileSchema.cs b/src/VirtoCommerce.ProfileExperienceApiModule.Data/Schemas/ProfileSchema.cs index 46616f27..05d097bd 100644 --- a/src/VirtoCommerce.ProfileExperienceApiModule.Data/Schemas/ProfileSchema.cs +++ b/src/VirtoCommerce.ProfileExperienceApiModule.Data/Schemas/ProfileSchema.cs @@ -761,7 +761,7 @@ private async Task CheckAuthAsync(string userId, object resource, bool checkPass if (checkPasswordExpired && user.PasswordExpired) { - throw new AuthorizationError($"This user has their password expired. Please change the password using 'changePassword' command."); + throw AuthorizationError.PasswordExpired(); } var userPrincipal = await signInManager.CreateUserPrincipalAsync(user); @@ -770,7 +770,7 @@ private async Task CheckAuthAsync(string userId, object resource, bool checkPass { if (user.Logins is null) { - throw new AuthorizationError($"Can't run the operation under anonymous user or the token expired or invalid."); + throw AuthorizationError.AnonymousAccessDenied(); } foreach (var permission in permissions) @@ -779,7 +779,7 @@ private async Task CheckAuthAsync(string userId, object resource, bool checkPass null, new PermissionAuthorizationRequirement(permission)); if (!permissionAuthorizationResult.Succeeded) { - throw new ForbiddenError($"User doesn't have the required permission '{permission}'."); + throw AuthorizationError.PermissionRequired(permission); } } } 
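Review bot: `AuthorizationError.PermissionRequired(permission)` inside the `foreach (var permission in permissions)` loop still passes the exact permission name into the error object, just as the replaced `ForbiddenError` message did. The factory is not visible in this diff, so it is an assumption that the name reaches the client; if it does, a caller who lacks the permission learns which permission guards each operation. Consider logging the permission server-side and returning only the error code, or add a comment at the throw such as `// permission name is intentionally client-visible` if the disclosure is deliberate. CheckAuthAsync begins and ends outside this hunk.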
@@ -789,7 +789,7 @@ private async Task CheckAuthAsync(string userId, object resource, bool checkPass if (!authorizationResult.Succeeded) { - throw new ForbiddenError($"Access denied"); + throw AuthorizationError.Forbidden(); } } catch (AuthorizationError ex) diff --git a/src/VirtoCommerce.ProfileExperienceApiModule.Data/VirtoCommerce.ProfileExperienceApiModule.Data.csproj b/src/VirtoCommerce.ProfileExperienceApiModule.Data/VirtoCommerce.ProfileExperienceApiModule.Data.csproj index 742bfb2c..f9a3a198 100644 --- a/src/VirtoCommerce.ProfileExperienceApiModule.Data/VirtoCommerce.ProfileExperienceApiModule.Data.csproj +++ b/src/VirtoCommerce.ProfileExperienceApiModule.Data/VirtoCommerce.ProfileExperienceApiModule.Data.csproj @@ -21,7 +21,7 @@ - + diff --git a/src/VirtoCommerce.ProfileExperienceApiModule.Web/module.manifest b/src/VirtoCommerce.ProfileExperienceApiModule.Web/module.manifest index 06129df6..6e633545 100644 --- a/src/VirtoCommerce.ProfileExperienceApiModule.Web/module.manifest +++ b/src/VirtoCommerce.ProfileExperienceApiModule.Web/module.manifest @@ -7,7 +7,7 @@ - + @@ -33,4 +33,4 @@ commerce false - \ No newline at end of file +
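Review bot: The two denial paths that previously threw `ForbiddenError` (`PermissionRequired` in the hunk at -779 and `Forbidden()` here) now throw `AuthorizationError`, so they may newly land in the `catch (AuthorizationError ex)` that follows. Whether this changes behaviour depends on whether `ForbiddenError` derived from `AuthorizationError`, which the diff does not show. The handler body is outside the hunk, so it is worth confirming that it keeps the specific error code and does not rewrap or downgrade a forbidden result. A comment above the catch such as `// every authorization failure arrives here with its own code; preserve it when rethrowing` would state the contract, and one test per code would pin it.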