auth fix: don't ignore permission exception in parseEntry()

Change-Id: I115127904df3e4d3a18ded6b4638bdbde87bd2a5

hugegraph-api/src/main/java/com/baidu/hugegraph/api/job/GremlinAPI.java

@@ -73,7 +73,7 @@ public class GremlinAPI extends API {
     @Status(Status.CREATED)
     @Consumes(APPLICATION_JSON)
     @Produces(APPLICATION_JSON_WITH_CHARSET)
-    @RolesAllowed({"admin", "$owner=$graph $action=gremlin_job_execute"})
+    @RolesAllowed({"admin", "$owner=$graph $action=gremlin_execute"})
     public Map<String, Id> post(@Context GraphManager manager,
                                 @PathParam("graph") String graph,
                                 GremlinRequest request) {

hugegraph-core/src/main/java/com/baidu/hugegraph/backend/tx/GraphTransaction.java

@@ -32,6 +32,8 @@
 import java.util.function.Consumer;
 import java.util.function.Function;
 
+import javax.ws.rs.ForbiddenException;
+
 import org.apache.commons.collections.CollectionUtils;
 import org.apache.tinkerpop.gremlin.structure.Edge;
 import org.apache.tinkerpop.gremlin.structure.Element;
@@ -1815,6 +1817,12 @@ private HugeVertex parseEntry(BackendEntry entry) {
             HugeVertex vertex = this.serializer.readVertex(graph(), entry);
             assert vertex != null;
             return vertex;
+        } catch (ForbiddenException | SecurityException e) {
+            /*
+             * Can't ignore permission exception here, otherwise users will
+             * be confused to treat as the record does not exist.
+             */
+            throw e;
         } catch (Throwable e) {
             LOG.error("Failed to parse entry: {}", entry, e);
             if (this.ignoreInvalidEntry) {