Skip to content

fix(project): handle thrown 403 for inaccessible customer in project get#1988

Merged
martin-helmich merged 1 commit into
masterfrom
fix/project-get-inaccessible-customer
Jul 7, 2026
Merged

fix(project): handle thrown 403 for inaccessible customer in project get#1988
martin-helmich merged 1 commit into
masterfrom
fix/project-get-inaccessible-customer

Conversation

@martin-helmich

Copy link
Copy Markdown
Member

Summary

Follow-up to #1956, which did not resolve #1955.

mw project get still failed with a PermissionDenied error when a user has access to a project but not the customer it belongs to. PR #1956 tried to handle this by checking customer.status === 200 and falling back otherwise, but that check is never reached: the request interceptor in src/lib/apiutil/api_retry.ts overrides the API client's validateStatus: () => true with status < 300 (so axios-retry can retry access-denied POSTs). As a result a 403 rejects the getCustomer promise rather than returning a response object, and usePromise re-throws it during render — killing the whole command.

This change catches the rejection inside the loader, swallowing only 403 responses and re-throwing everything else, and renders no access for the customer row when it is inaccessible. The project's own details are always displayed.

Fixes #1955

🤖 Generated with Claude Code

PR #1956 checked customer.status === 200 to fall back gracefully when the
user has access to a project but not the customer it belongs to. That check
was never reached: the request interceptor in api_retry.ts overrides the API
client's validateStatus with `status < 300`, so a 403 rejects the getCustomer
promise instead of returning a response. usePromise then re-threw the error
during render and the command failed with a PermissionDenied error.

Catch the rejection inside the loader, swallowing only 403 responses and
re-throwing everything else, and display "no access" for the customer row.

Fixes #1955

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
@martin-helmich martin-helmich merged commit 99f21a7 into master Jul 7, 2026
11 checks passed
@martin-helmich martin-helmich deleted the fix/project-get-inaccessible-customer branch July 7, 2026 09:55
mittwald-machine added a commit that referenced this pull request Jul 7, 2026
## [1.20.2](v1.20.1...v1.20.2) (2026-07-07)

### Bug Fixes

* **project:** handle thrown 403 for inaccessible customer in project get ([#1988](#1988)) ([99f21a7](99f21a7)), closes [#1956](#1956) [#1955](#1955)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

mw project get throws PermissionDenied error when customer is not accessible

1 participant