Alerting: Fix fine-grained rule access control to use 403 for authorization error (#79239)

* use 403 for authorization error * update silences API * add ForbiddenError to rule API responses
2025-02-25 18:55:37 -06:00 · 2023-12-07 13:43:58 -05:00
parent aa12c6c772
commit 2be7605794
17 changed files with 629 additions and 444 deletions
--- a/pkg/services/ngalert/accesscontrol/models.go
+++ b/pkg/services/ngalert/accesscontrol/models.go
@@ -8,7 +8,7 @@ import (
 )

 var (
-	errAuthorizationGeneric = errutil.Unauthorized("alerting.unauthorized")
+	errAuthorizationGeneric = errutil.Forbidden("alerting.unauthorized")
 )

 func NewAuthorizationErrorWithPermissions(action string, eval accesscontrol.Evaluator) error {