Unauthorized access sends a 200 response with a 403 error in it
florentdestremau opened this issue · 2 comments
florentdestremau commented
Hi,
I just discovered this bundle yesterday but I noticed that whenever I use a voter to remove access to a particular response, the overall response of my request is a 200, and the body contains a
{
"errors": [
{
"message": "Access Denied.",
"code": 403
}
]
}
This is very not cool to catch 😄. Is there any way to make the controller return a 403 response so that it can be properly catched ?
Thanks !
AntoineLemaire commented
I have the same issue, did you found what's wrong?
Do you also are on SF4?
florentdestremau commented
Symfony 3.4
This issue is invalid as your separate queries should not have a global error code if only of them is unauthorized. So this pretty much looks like a fundamental design this.