auths_sdk/domains/compliance/
error.rs1use auths_core::error::AuthsErrorInfo;
2use thiserror::Error;
3
4#[derive(Debug, Error)]
6#[non_exhaustive]
7pub enum ApprovalError {
8 #[error("decision is not RequiresApproval")]
10 NotApprovalRequired,
11
12 #[error("approval request not found: {hash}")]
14 RequestNotFound {
15 hash: String,
17 },
18
19 #[error("approval request expired at {expires_at}")]
21 RequestExpired {
22 expires_at: chrono::DateTime<chrono::Utc>,
24 },
25
26 #[error("approval already used (JTI: {jti})")]
28 ApprovalAlreadyUsed {
29 jti: String,
31 },
32
33 #[error("approval partially applied — attestation stored but nonce/cleanup failed: {0}")]
35 PartialApproval(String),
36
37 #[error("storage error: {0}")]
39 ApprovalStorage(#[source] crate::error::SdkStorageError),
40}
41
42impl AuthsErrorInfo for ApprovalError {
43 fn error_code(&self) -> &'static str {
44 match self {
45 Self::NotApprovalRequired => "AUTHS-E5701",
46 Self::RequestNotFound { .. } => "AUTHS-E5702",
47 Self::RequestExpired { .. } => "AUTHS-E5703",
48 Self::ApprovalAlreadyUsed { .. } => "AUTHS-E5704",
49 Self::PartialApproval(_) => "AUTHS-E5705",
50 Self::ApprovalStorage(_) => "AUTHS-E5706",
51 }
52 }
53
54 fn suggestion(&self) -> Option<&'static str> {
55 match self {
56 Self::NotApprovalRequired => Some(
57 "This operation does not require approval; run it directly without the --approve flag",
58 ),
59 Self::RequestNotFound { .. } => {
60 Some("Run `auths approval list` to see pending requests")
61 }
62 Self::RequestExpired { .. } => Some("Submit a new approval request"),
63 Self::ApprovalAlreadyUsed { .. } => Some("Submit a new approval request"),
64 Self::PartialApproval(_) => Some("Check approval status and retry if needed"),
65 Self::ApprovalStorage(_) => Some("Check file permissions and disk space"),
66 }
67 }
68}