From 40a6a0e92d2667f1de5d2a0da458387d6f147e59 Mon Sep 17 00:00:00 2001
From: Marcel Raddatz
Date: Mon, 6 Apr 2026 19:46:24 +0200
Subject: [PATCH] fix(security): use generic forbidden message to avoid leaking required role
Co-Authored-By: Claude Sonnet 4.6
---
 .../java/com/recipeapp/common/HouseholdRoleInterceptor.java | 2 +-
 .../java/com/recipeapp/common/HouseholdRoleInterceptorTest.java | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/backend/src/main/java/com/recipeapp/common/HouseholdRoleInterceptor.java b/backend/src/main/java/com/recipeapp/common/HouseholdRoleInterceptor.java
index ac3de06..5adea8a 100644
--- a/backend/src/main/java/com/recipeapp/common/HouseholdRoleInterceptor.java
+++ b/backend/src/main/java/com/recipeapp/common/HouseholdRoleInterceptor.java
@@ -35,7 +35,7 @@ public class HouseholdRoleInterceptor implements HandlerInterceptor {
 String actualRole = householdResolver.resolveRole(auth.getName());
 if (!annotation.value().equals(actualRole)) {
- throw new ForbiddenException("Requires household role: " + annotation.value());
+ throw new ForbiddenException("Insufficient permissions");
 }
 return true;
diff --git a/backend/src/test/java/com/recipeapp/common/HouseholdRoleInterceptorTest.java b/backend/src/test/java/com/recipeapp/common/HouseholdRoleInterceptorTest.java
index aaf85ac..3b0754c 100644
--- a/backend/src/test/java/com/recipeapp/common/HouseholdRoleInterceptorTest.java
+++ b/backend/src/test/java/com/recipeapp/common/HouseholdRoleInterceptorTest.java
@@ -62,7 +62,7 @@ class HouseholdRoleInterceptorTest {
 assertThatThrownBy(() -> interceptor.preHandle(request, response, handlerMethod))
 .isInstanceOf(ForbiddenException.class)
- .hasMessageContaining("planner");
+ .hasMessage("Insufficient permissions");
 }
 @Test
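Review bot: The new `throw new ForbiddenException("Insufficient permissions")` in HouseholdRoleInterceptor removes the required role from the client-visible message, but the hunk carries no comment saying the wording is deliberately generic, so a later edit could reintroduce `annotation.value()` into the message. Add above the throw: `// Intentionally generic: the required role must not be disclosed to the caller; keep any diagnostic detail in server-side logs only.` If this class already has a logger (not visible in the hunk), a debug-level log of the required and actual role before the throw preserves diagnosability without changing the response body. The comparison `annotation.value().equals(actualRole)` also treats a null `actualRole` as a mismatch, which is the safe default and is worth stating in that comment. preHandle begins before the hunk and continues past its last line.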