From: Tom Clegg <tom@curii.com>
Date: Tue, 20 Sep 2022 17:44:12 +0000 (-0400)
Subject: 19428: Fix failing request on normal failed user lookup case.
X-Git-Tag: 2.5.0~71
X-Git-Url: https://git.arvados.org/arvados.git/commitdiff_plain/28d7ed94b33411909941c72289bc227a38e80cda

19428: Fix failing request on normal failed user lookup case.

refs #19428

Arvados-DCO-1.1-Signed-off-by: Tom Clegg <tom@curii.com>
---

diff --git a/services/keep-web/handler.go b/services/keep-web/handler.go
index b04add1c49..0c75ac56cf 100644
--- a/services/keep-web/handler.go
+++ b/services/keep-web/handler.go
@@ -6,6 +6,7 @@ package keepweb
 
 import (
 	"encoding/json"
+	"errors"
 	"fmt"
 	"html"
 	"html/template"
@@ -490,7 +491,11 @@ func (h *handler) ServeHTTP(wOrig http.ResponseWriter, r *http.Request) {
 		http.Error(w, "session cache: "+err.Error(), http.StatusInternalServerError)
 	}
 	tokenUser, err = h.Cache.GetTokenUser(arv.ApiToken)
-	if err != nil {
+	if e := (interface{ HTTPStatus() int })(nil); errors.As(err, &e) && e.HTTPStatus() == http.StatusForbidden {
+		// Ignore expected error looking up user record when
+		// using a scoped token that allows getting
+		// collections/X but not users/current
+	} else if err != nil {
 		http.Error(w, "user lookup: "+err.Error(), http.StatusInternalServerError)
 	}