From 16a4466156c4c5caa4a6536ec3f5c5a3b743c5f0 Mon Sep 17 00:00:00 2001
From: Sergei Garin <sergei.garin@enso.org>
Date: Fri, 13 Sep 2024 15:43:02 +0300
Subject: [PATCH] Handle 403 for listGroups and getOrganization (#11044)

Closes: enso-org/cloud-v2#1470

This PR handles 403 responses for certain RemoteBackend endpoints
---
 app/dashboard/src/services/RemoteBackend.ts | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/app/dashboard/src/services/RemoteBackend.ts b/app/dashboard/src/services/RemoteBackend.ts
index d33b9e1ce3..4ba85cbd1a 100644
--- a/app/dashboard/src/services/RemoteBackend.ts
+++ b/app/dashboard/src/services/RemoteBackend.ts
@@ -30,6 +30,8 @@ const STATUS_NOT_FOUND = 404
 const STATUS_SERVER_ERROR = 500
 /** HTTP status indicating that the request was successful, but the user is not authorized to access. */
 const STATUS_NOT_AUTHORIZED = 401
+/** HTTP status indicating that authorized user doesn't have access to the given resource */
+const STATUS_NOT_ALLOWED = 403
 
 /** The number of milliseconds in one day. */
 const ONE_DAY_MS = 86_400_000
@@ -212,7 +214,9 @@ export default class RemoteBackend extends Backend {
   override async listUsers(): Promise<readonly backend.User[]> {
     const path = remoteBackendPaths.LIST_USERS_PATH
     const response = await this.get<ListUsersResponseBody>(path)
-    if (!responseIsSuccessful(response)) {
+    if (response.status === STATUS_NOT_ALLOWED) {
+      return []
+    } else if (!responseIsSuccessful(response)) {
       return await this.throw(response, 'listUsersBackendError')
     } else {
       return (await response.json()).users
@@ -367,8 +371,9 @@ export default class RemoteBackend extends Backend {
   override async getOrganization(): Promise<backend.OrganizationInfo | null> {
     const path = remoteBackendPaths.GET_ORGANIZATION_PATH
     const response = await this.get<backend.OrganizationInfo>(path)
-    if (response.status === STATUS_NOT_FOUND) {
+    if ([STATUS_NOT_ALLOWED, STATUS_NOT_FOUND].includes(response.status)) {
       // Organization info has not yet been created.
+      // or the user is not eligible to create an organization.
       return null
     } else if (!responseIsSuccessful(response)) {
       return await this.throw(response, 'getOrganizationBackendError')
@@ -1047,7 +1052,9 @@ export default class RemoteBackend extends Backend {
   override async listUserGroups(): Promise<backend.UserGroupInfo[]> {
     const path = remoteBackendPaths.LIST_USER_GROUPS_PATH
     const response = await this.get<backend.UserGroupInfo[]>(path)
-    if (!responseIsSuccessful(response)) {
+    if (response.status === STATUS_NOT_ALLOWED) {
+      return [] as const
+    } else if (!responseIsSuccessful(response)) {
       return this.throw(response, 'listUserGroupsBackendError')
     } else {
       return await response.json()