Add error message to forbidden status code in cli (#153)

Co-authored-by: CarlTern <[email protected]>

internal/client/deb_client_test.go

@@ -138,12 +138,12 @@ func TestPost(t *testing.T) {
 		bytes.NewBuffer(jsonData),
 		0,
 	)
-	if err != nil {
-		t.Fatal("failed to assert that no client error occurred. Error:", err)
+	if !strings.Contains(err.Error(), "Forbidden. You don't have the necessary access to perform this action.") {
+		t.Fatal("failed to assert that client throws forbidden error", err)
 	}
-	defer res.Body.Close()
-	if res.StatusCode != http.StatusForbidden {
-		t.Error("failed to assert that status code was 403")
+	if res != nil {
+		t.Error("res should be nil with forbidden")
+		defer res.Body.Close()
 	}
 }
 
@@ -163,12 +163,12 @@ func TestPostWithTimeout(t *testing.T) {
 		bytes.NewBuffer(jsonData),
 		10,
 	)
-	if err != nil {
-		t.Fatal("failed to assert that no client error occurred. Error:", err)
+	if !strings.Contains(err.Error(), "Forbidden. You don't have the necessary access to perform this action.") {
+		t.Fatal("failed to assert that client throws forbidden error", err)
 	}
-	defer res.Body.Close()
-	if res.StatusCode != http.StatusForbidden {
-		t.Error("failed to assert that status code was 403")
+	if res != nil {
+		t.Error("res should be nil with forbidden")
+		defer res.Body.Close()
 	}
 }
 

internal/client/request.go

@@ -85,6 +85,12 @@ func newRequest(method string, url string, jwtToken string, format string, body
 func interpret(res *http.Response, request func() (*http.Response, error), debClient *DebClient, retry bool) (*http.Response, error) {
 	if res == nil {
 		return nil, NoResErr
+	} else if res.StatusCode == http.StatusForbidden {
+		errMsg := `Forbidden. You don't have the necessary access to perform this action. 
+		Make sure your access token has proper access https://portal.debricked.com/administration-47/how-do-i-generate-an-access-token-130
+		For enterprise users: Contact your Debricked company admin or repository admin to request proper access https://portal.debricked.com/administration-47/how-do-i-use-role-based-access-control-324`
+
+		return nil, errors.New(errMsg)
 	} else if res.StatusCode == http.StatusUnauthorized {
 		errMsg := `Unauthorized. Specify access token. 
 Read more on https://portal.debricked.com/administration-47/how-do-i-generate-an-access-token-130`
@@ -122,7 +128,10 @@ func (debClient *DebClient) authenticate() error {
 		return reqErr
 	}
 
-	defer res.Body.Close()
+	if res != nil {
+		defer res.Body.Close()
+	}
+
 	var tokenData map[string]string
 	body, _ := io.ReadAll(res.Body)
 	err := json.Unmarshal(body, &tokenData)

internal/upload/batch.go

@@ -256,7 +256,7 @@ func (uploadBatch *uploadBatch) initUpload() ([]string, error) {
 		}
 	}
 
-	errStr := fmt.Sprintf("failed to initialize a scan due to badly formatted files, initial upload file %s got the following error: %s", entryFile, err.Error())
+	errStr := fmt.Sprintf("Failed to initialize a scan for %s. Got the following error: %s", entryFile, err.Error())
 
 	return files, errors.New(errStr)
 }

internal/upload/batch_test.go

@@ -44,7 +44,7 @@ func TestUploadWithBadFiles(t *testing.T) {
 	output := buf.String()
 
 	assert.Empty(t, output)
-	assert.ErrorContains(t, err, "failed to initialize a scan due to badly formatted files")
+	assert.ErrorContains(t, err, "Failed to initialize a scan for")
 }
 
 func TestInitAnalysisWithoutAnyFiles(t *testing.T) {
@@ -101,7 +101,7 @@ func TestInitUploadBadFile(t *testing.T) {
 	files, err := batch.initUpload()
 
 	assert.Empty(t, files)
-	assert.ErrorContains(t, err, "failed to initialize a scan due to badly formatted files")
+	assert.ErrorContains(t, err, "Failed to initialize a scan for")
 	assert.ErrorContains(t, err, "testdata/misc/requirements.txt")
 	assert.ErrorContains(t, err, "tried to upload empty file")
 }