[arvados] created: 2.4.2-31-g261b87de1

[git repository hosting]

        at  261b87de11082ceefa48de0a6b1579f1c97b589c (commit)


commit 261b87de11082ceefa48de0a6b1579f1c97b589c
Author: Tom Clegg <tom at curii.com>
Date:   Tue Sep 20 13:44:12 2022 -0400

    19428: Fix failing request on normal failed user lookup case.
    
    refs #19428
    
    Arvados-DCO-1.1-Signed-off-by: Tom Clegg <tom at curii.com>

diff --git a/services/keep-web/handler.go b/services/keep-web/handler.go
index 4c6145463..be9232da4 100644
--- a/services/keep-web/handler.go
+++ b/services/keep-web/handler.go
@@ -6,6 +6,7 @@ package main
 
 import (
 	"encoding/json"
+	"errors"
 	"fmt"
 	"html"
 	"html/template"
@@ -490,7 +491,11 @@ func (h *handler) ServeHTTP(wOrig http.ResponseWriter, r *http.Request) {
 		http.Error(w, "session cache: "+err.Error(), http.StatusInternalServerError)
 	}
 	tokenUser, err = h.Config.Cache.GetTokenUser(arv.ApiToken)
-	if err != nil {
+	if e := (interface{ HTTPStatus() int })(nil); errors.As(err, &e) && e.HTTPStatus() == http.StatusForbidden {
+		// Ignore expected error looking up user record when
+		// using a scoped token that allows getting
+		// collections/X but not users/current
+	} else if err != nil {
 		http.Error(w, "user lookup: "+err.Error(), http.StatusInternalServerError)
 	}
 

-----------------------------------------------------------------------


hooks/post-receive
--