From b0c84815c4df6edae4009507ad524b3fa1eb7450 Mon Sep 17 00:00:00 2001
From: Mika Marttila <mika@oranssi.org>
Date: Thu, 16 Aug 2018 11:21:45 +0300
Subject: [PATCH] Raises on INSUFFICIENT_PERMISSION error from NetSuite
 response

---
 lib/netsuite/errors.rb         |  1 +
 lib/netsuite/response.rb       | 27 +++++++++++++++++++++++++++
 spec/netsuite/response_spec.rb | 17 +++++++++++++++++
 3 files changed, 45 insertions(+)

diff --git a/lib/netsuite/errors.rb b/lib/netsuite/errors.rb
index ec4cfc193..75a1deecf 100644
--- a/lib/netsuite/errors.rb
+++ b/lib/netsuite/errors.rb
@@ -2,6 +2,7 @@ module NetSuite
   class RecordNotFound < StandardError; end
   class InitializationError < StandardError; end
   class ConfigurationError < StandardError; end
+  class PermissionError < StandardError; end
 
   # NOTE not an exception, used as a wrapped around NetSuite SOAP error
   class Error
diff --git a/lib/netsuite/response.rb b/lib/netsuite/response.rb
index a7975fad8..48c03705b 100644
--- a/lib/netsuite/response.rb
+++ b/lib/netsuite/response.rb
@@ -7,6 +7,8 @@ def initialize(attributes = {})
       @header   = attributes[:header]
       @body     = attributes[:body]
       @errors   = attributes[:errors] || []
+
+      raise_on_response_errors
     end
 
     def success!
@@ -16,5 +18,30 @@ def success!
     def success?
       @success
     end
+
+    private
+
+    def status_detail
+      @body &&
+        @body.is_a?(Hash) &&
+        @body[:status] &&
+        @body[:status][:status_detail]
+    end
+
+    def response_error_code
+      if success?
+        nil
+      else
+        status_detail &&
+          status_detail[:code]
+      end
+    end
+
+    def validate_response
+      case raise_on_response_errors
+      when 'INSUFFICIENT_PERMISSION'
+        raise NetSuite::PermissionError, status_detail[:message]
+      end
+    end
   end
 end
diff --git a/spec/netsuite/response_spec.rb b/spec/netsuite/response_spec.rb
index 666653653..ac0c96079 100644
--- a/spec/netsuite/response_spec.rb
+++ b/spec/netsuite/response_spec.rb
@@ -14,6 +14,23 @@
       response = NetSuite::Response.new(:success => true)
       expect(response).to be_success
     end
+
+    it 'throws PermissionError when response failed to INSUFFICIENT_PERMISSION' do
+      expect {
+        NetSuite::Response.new(
+          :success => false,
+          :body => {
+            status: {
+              status_detail: {
+                :@type => 'ERROR',
+                :code => 'INSUFFICIENT_PERMISSION',
+                :message => 'Permission Violation: The subsidiary restrictions on your role prevent you from seeing this record.'
+              }
+            }
+          }
+        )
+      }.to raise_error(NetSuite::PermissionError)
+    end
   end
 
   describe '#body' do