MF-1678 - Fetching users returns an invalid status code response (#1679)

* fix: get /users authorize err code

Signed-off-by: Arvindh <arvindh91@gmail.com>

* add: test case for forbidden request in GET /users

Signed-off-by: Arvindh <arvindh91@gmail.com>

* update: api docs of GET /users

Signed-off-by: Arvindh <arvindh91@gmail.com>

* add: test case for forbidden request in GET /users

Signed-off-by: Arvindh <arvindh91@gmail.com>

Signed-off-by: Arvindh <arvindh91@gmail.com>

api/openapi/users.yml

@@ -48,9 +48,9 @@ paths:
         '400':
           description: Failed due to malformed query parameters.
         '401':
-          description: |
-            Missing or invalid access token provided.
-            This endpoint is available only for administrators.
+          description: Missing or invalid access token provided.
+        '403':
+          description: This endpoint is available only for administrators.
         '404':
           description: A non-existent entity request.
         '422':

users/service.go

@@ -252,7 +252,7 @@ func (svc usersService) ListUsers(ctx context.Context, token string, pm PageMeta
 	}
 
 	if err := svc.authorize(ctx, id.id, "authorities", "member"); err != nil {
-		return UserPage{}, errors.Wrap(errors.ErrAuthentication, err)
+		return UserPage{}, err
 	}
 	return svc.users.RetrieveAll(ctx, pm.Status, pm.Offset, pm.Limit, nil, pm.Email, pm.Metadata)
 }

users/service_test.go

@@ -246,6 +246,11 @@ func TestListUsers(t *testing.T) {
 			size:  0,
 			err:   nil,
 		},
+		"list users with unauthorized token": {
+			token: unauthzToken,
+			size:  0,
+			err:   errors.ErrAuthorization,
+		},
 		"list user with emtpy token": {
 			token: "",
 			size:  0,
@@ -257,6 +262,11 @@ func TestListUsers(t *testing.T) {
 			limit:  nUsers,
 			size:   nUsers - 6,
 		},
+		"list using non-existent user": {
+			token: token,
+			email: nonExistingUser.Email,
+			err:   errors.ErrNotFound,
+		},
 	}
 
 	for desc, tc := range cases {