From 4076c0d741d41d429ed547480879fa0f1ee47037 Mon Sep 17 00:00:00 2001
From: Preetha Appan <preetha@hashicorp.com>
Date: Mon, 31 Jul 2017 17:23:20 -0500
Subject: [PATCH] Return nil instead of empty list when returning a
 PermissionDenied error, updated unit test

---
 agent/consul/filter.go      | 6 +++---
 agent/consul/filter_test.go | 1 -
 2 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/agent/consul/filter.go b/agent/consul/filter.go
index ba6a01f7dc..88be1b99c3 100644
--- a/agent/consul/filter.go
+++ b/agent/consul/filter.go
@@ -26,7 +26,7 @@ func FilterDirEnt(acl acl.ACL, ent structs.DirEntries) (structs.DirEntries, erro
 	df := dirEntFilter{acl: acl, ent: ent}
 	filtered := ent[:FilterEntries(&df)]
 	if len(filtered) == 0 {
-		return filtered, errPermissionDenied
+		return nil, errPermissionDenied
 	}
 	return filtered, nil
 }
@@ -53,7 +53,7 @@ func FilterKeys(acl acl.ACL, keys []string) ([]string, error) {
 	kf := keyFilter{acl: acl, keys: keys}
 	filteredKeys := keys[:FilterEntries(&kf)]
 	if len(filteredKeys) == 0 {
-		return filteredKeys, errPermissionDenied
+		return nil, errPermissionDenied
 	}
 	return filteredKeys, nil
 }
@@ -85,7 +85,7 @@ func FilterTxnResults(acl acl.ACL, results structs.TxnResults) (structs.TxnResul
 	rf := txnResultsFilter{acl: acl, results: results}
 	filtered := results[:FilterEntries(&rf)]
 	if len(filtered) == 0 {
-		return filtered, errPermissionDenied
+		return nil, errPermissionDenied
 	}
 	return filtered, nil
 }
diff --git a/agent/consul/filter_test.go b/agent/consul/filter_test.go
index 161595e36b..eb5218d53a 100644
--- a/agent/consul/filter_test.go
+++ b/agent/consul/filter_test.go
@@ -72,7 +72,6 @@ func TestFilter_Keys(t *testing.T) {
 		},
 		tcase{
 			in:  []string{"abe", "lincoln"},
-			out: []string{},
 			err: errPermissionDenied,
 		},
 		tcase{