Rename error struct to match its behavior

The error types maps to status `403 Forbidden`, not `400 Unauthorized`.

Author: jtgeibel

src/controllers/util.rs

@@ -2,7 +2,7 @@ use super::prelude::*;
 
 use crate::middleware::current_user::TrustedUserId;
 use crate::models::{ApiToken, User};
-use crate::util::errors::{internal, AppError, AppResult, ChainError, Unauthorized};
+use crate::util::errors::{internal, AppError, AppResult, ChainError, Forbidden};
 
 #[derive(Debug)]
 pub struct AuthenticatedUser {
@@ -26,7 +26,7 @@ impl AuthenticatedUser {
 }
 
 impl<'a> UserAuthenticationExt for dyn RequestExt + 'a {
-    /// Obtain `AuthenticatedUser` for the request or return an `Unauthorized` error
+    /// Obtain `AuthenticatedUser` for the request or return an `Forbidden` error
     fn authenticate(&self, conn: &PgConnection) -> AppResult<AuthenticatedUser> {
         if let Some(id) = self.extensions().find::<TrustedUserId>() {
             // A trusted user_id was provided by a signed cookie (or a test `MockCookieUser`)
@@ -43,11 +43,11 @@ impl<'a> UserAuthenticationExt for dyn RequestExt + 'a {
                         token_id: Some(token.id),
                     })
                     .chain_error(|| internal("invalid token"))
-                    .chain_error(|| Box::new(Unauthorized) as Box<dyn AppError>)
+                    .chain_error(|| Box::new(Forbidden) as Box<dyn AppError>)
             } else {
                 // Unable to authenticate the user
                 Err(internal("no cookie session or auth header found"))
-                    .chain_error(|| Box::new(Unauthorized) as Box<dyn AppError>)
+                    .chain_error(|| Box::new(Forbidden) as Box<dyn AppError>)
             }
         }
     }

src/router.rs

@@ -187,7 +187,7 @@ impl Handler for R404 {
 mod tests {
     use super::*;
     use crate::util::errors::{
-        bad_request, cargo_err, internal, AppError, ChainError, NotFound, Unauthorized,
+        bad_request, cargo_err, internal, AppError, ChainError, Forbidden, NotFound,
     };
     use crate::util::EndpointResult;
 
@@ -209,7 +209,7 @@ mod tests {
             StatusCode::BAD_REQUEST
         );
         assert_eq!(
-            C(|_| err(Unauthorized)).call(&mut req).unwrap().status(),
+            C(|_| err(Forbidden)).call(&mut req).unwrap().status(),
             StatusCode::FORBIDDEN
         );
         assert_eq!(

src/util/errors.rs

@@ -241,16 +241,16 @@ impl fmt::Display for NotFound {
 }
 
 #[derive(Debug, Clone, Copy)]
-pub struct Unauthorized;
+pub struct Forbidden;
 
-impl AppError for Unauthorized {
+impl AppError for Forbidden {
     fn response(&self) -> Option<AppResponse> {
         let detail = "must be logged in to perform that action";
         Some(json_error(detail, StatusCode::FORBIDDEN))
     }
 }
 
-impl fmt::Display for Unauthorized {
+impl fmt::Display for Forbidden {
     fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
         "must be logged in to perform that action".fmt(f)
     }
@@ -358,7 +358,7 @@ fn chain_error_internal() {
         "outer caused by inner"
     );
     assert_eq!(
-        Err::<(), _>(Unauthorized)
+        Err::<(), _>(Forbidden)
             .chain_error(|| internal("outer"))
             .unwrap_err()
             .to_string(),