Skip to content

Commit

Permalink
graph: debug logging for requireadmin middleware
Browse files Browse the repository at this point in the history
  • Loading branch information
rhafer committed Sep 7, 2023
1 parent df24465 commit 193e631
Showing 1 changed file with 4 additions and 3 deletions.
7 changes: 4 additions & 3 deletions services/graph/pkg/middleware/requireadmin.go
Original file line number Diff line number Diff line change
Expand Up @@ -12,8 +12,8 @@ import (

// RequireAdmin middleware is used to require the user in context to be an admin / have account management permissions
func RequireAdmin(rm *roles.Manager, logger log.Logger) func(next http.Handler) http.Handler {

return func(next http.Handler) http.Handler {
l := logger.With().Str("middleware", "requireAdmin").Logger()
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
u, ok := revactx.ContextGetUser(r.Context())
if !ok {
Expand All @@ -27,15 +27,16 @@ func RequireAdmin(rm *roles.Manager, logger log.Logger) func(next http.Handler)
// get roles from context
roleIDs, ok := roles.ReadRoleIDsFromContext(r.Context())
if !ok {
logger.Debug().Str("userid", u.Id.OpaqueId).Msg("No roles in context, contacting settings service")
l.Debug().Str("userid", u.Id.OpaqueId).Msg("No roles in context, contacting settings service")
var err error
roleIDs, err = rm.FindRoleIDsForUser(r.Context(), u.Id.OpaqueId)
if err != nil {
logger.Err(err).Str("userid", u.Id.OpaqueId).Msg("failed to get roles for user")
l.Error().Err(err).Str("userid", u.Id.OpaqueId).Msg("Failed to get roles for user")
errorcode.AccessDenied.Render(w, r, http.StatusUnauthorized, "Unauthorized")
return
}
if len(roleIDs) == 0 {
l.Error().Err(err).Str("userid", u.Id.OpaqueId).Msg("No roles assigned to user")
errorcode.AccessDenied.Render(w, r, http.StatusUnauthorized, "Unauthorized")
return
}
Expand Down

0 comments on commit 193e631

Please sign in to comment.