Return forbidden return code for RestrictedRole operations This fixes the http error code of the operations of the restricted role which currently result in bad_request (400) instead of forbidden (403). Tested: ``` $ redfishtool -r ${bmc}:18080 -u ${user} -p ${pass} -S Always raw POST /redfish/v1/AccountService/Accounts -d '{"UserName":"service","Password":"newPwd1","RoleId":"Operator"}' redfishtool: Transport: Response Error: status_code: 403 -- Forbidden--user not authorized to perform action redfishtool: raw: Error sending POST to resource, aborting $ redfishtool -r ${bmc}:18080 -u ${user} -p ${pass} -S Always raw PATCH /redfish/v1/AccountService/Accounts/${user} -d '{"Password":"NewTestPwd123"}' redfishtool: Transport: Response Error: status_code: 403 -- Forbidden--user not authorized to perform action $ redfishtool -r ${bmc}:18080 -u ${user} -p ${pass} -S Always raw PATCH /redfish/v1/AccountService/Accounts/${user} -d '{"UserName":"new-service"}' redfishtool: Transport: Response Error: status_code: 403 -- Forbidden--user not authorized to perform action $ redfishtool -r ${bmc}:18080 -u ${user} -p ${pass} -S Always raw PATCH /redfish/v1/AccountService/Accounts/${user} -d '{"RoleId":"Operator"}' redfishtool: Transport: Response Error: status_code: 403 -- Forbidden--user not authorized to perform action $ redfishtool -r ${bmc}:18080 -u ${user} -p ${pass} -S Always raw DELETE /redfish/v1/AccountService/Accounts/${user} redfishtool: Transport: Response Error: status_code: 403 -- Forbidden--user not authorized to perform action redfishtool: raw: Error sending DELETE to resource, aborting ``` Change-Id: I1b212ccb5a630750eb5d4197970b4fb75fceffd7 Signed-off-by: Myung Bae <myungbae@us.ibm.com>

commit: 7f84d8c6b62da3074e9e7600754313cdd50374a5 [log] [tgz]
author: Myung Bae <myungbae@us.ibm.com> Tue Mar 14 13:44:15 2023 -0700
committer: Ed Tanous <ed@tanous.net> Thu Apr 10 16:49:24 2025 +0000
tree: ec8acfbc580e584c8ad8f03bee3c5e69e50e25a3
parent: 3498f484442ce04f9babbe425d4c572685f6cd9a [diff]
diff --git a/redfish-core/src/error_messages.cpp b/redfish-core/src/error_messages.cpp
index 1be7e02..9637bd4 100644
--- a/redfish-core/src/error_messages.cpp
+++ b/redfish-core/src/error_messages.cpp

@@ -2033,7 +2033,7 @@
 
 void restrictedRole(crow::Response& res, std::string_view arg1)
 {
-    res.result(boost::beast::http::status::bad_request);
+    res.result(boost::beast::http::status::forbidden);
     addMessageToErrorJson(res.jsonValue, restrictedRole(arg1));
 }
 

diff --git a/scripts/parse_registries.py b/scripts/parse_registries.py
index 4ae1793..a07803f 100755
--- a/scripts/parse_registries.py
+++ b/scripts/parse_registries.py

@@ -244,6 +244,7 @@
         "ResourceInStandby": "service_unavailable",
         "ResourceInUse": "service_unavailable",
         "ResourceNotFound": "not_found",
+        "RestrictedRole": "forbidden",
         "ServiceDisabled": "service_unavailable",
         "ServiceInUnknownState": "service_unavailable",
         "ServiceShuttingDown": "service_unavailable",
commit	7f84d8c6b62da3074e9e7600754313cdd50374a5	[log] [tgz]
author	Myung Bae <myungbae@us.ibm.com>	Tue Mar 14 13:44:15 2023 -0700
committer	Ed Tanous <ed@tanous.net>	Thu Apr 10 16:49:24 2025 +0000
tree	ec8acfbc580e584c8ad8f03bee3c5e69e50e25a3
parent	3498f484442ce04f9babbe425d4c572685f6cd9a [diff]