fix(security): reject the request if it's rejected by access controller

src/replica/replica.cpp

@@ -174,6 +174,7 @@ void replica::on_client_read(dsn::message_ex *request, bool ignore_throttling)
 {
     if (!_access_controller->allowed(request)) {
         response_client_read(request, ERR_ACL_DENY);
+        return;
     }
 
     CHECK_REQUEST_IF_SPLITTING(read)

src/replica/replica_2pc.cpp

@@ -43,7 +43,8 @@ void replica::on_client_write(dsn::message_ex *request, bool ignore_throttling)
     _checker.only_one_thread_access();
 
     if (!_access_controller->allowed(request)) {
-        response_client_read(request, ERR_ACL_DENY);
+        response_client_write(request, ERR_ACL_DENY);
+        return;
     }
 
     if (_deny_client_write) {