Skip to content
This repository has been archived by the owner on Nov 9, 2017. It is now read-only.

Commit

Permalink
Log permission check failure as WARN, success as DEBUG
Browse files Browse the repository at this point in the history
  • Loading branch information
@seanf
seanf committed Sep 15, 2014
1 parent f1b10b5 commit a39283b
Showing 1 changed file with 31 additions and 7 deletions.
38 changes: 31 additions & 7 deletions zanata-war/src/main/java/org/zanata/security/ZanataIdentity.java
View file
Expand Up @@ -52,8 +52,8 @@
@BypassInterceptors
@Startup
public class ZanataIdentity extends Identity {
private static final Logger LOGGER = LoggerFactory
.getLogger(ZanataIdentity.class);
private static final Logger log = LoggerFactory.getLogger(
ZanataIdentity.class);

public static final String USER_LOGOUT_EVENT = "user.logout";
public static final String USER_ENTER_WORKSPACE = "user.enter";
Expand Down Expand Up @@ -115,18 +115,42 @@ public void logout() {

@Override
public boolean hasPermission(Object target, String action) {
LOGGER.debug("ENTER hasPermission({}, {})", target, action);
log.trace("ENTER hasPermission({}, {})", target, action);
boolean result = super.hasPermission(target, action);
LOGGER.debug("EXIT hasPermission(): {}", result);
if (result) {
if (log.isDebugEnabled()) {
log.debug("ALLOWED hasPermission({}, {}) for user {}",
target, action, getAccountUsername());
}
} else {
if (log.isWarnEnabled()) {
log.warn("DENIED hasPermission({}, {}) for user {}",
target, action, getAccountUsername());
}
}
log.trace("EXIT hasPermission(): {}", result);
return result;
}

@Override
public boolean hasPermission(String name, String action, Object... arg) {
LOGGER.debug("ENTER hasPermission({})",
Lists.newArrayList(name, action, arg));
if (log.isTraceEnabled()) {
log.trace("ENTER hasPermission({})",
Lists.newArrayList(name, action, arg));
}
boolean result = super.hasPermission(name, action, arg);
LOGGER.debug("EXIT hasPermission(): {}", result);
if (result) {
if (log.isDebugEnabled()) {
log.debug("ALLOWED hasPermission({}, {}, {}) for user {}",
name, action, arg, getAccountUsername());
}
} else {
if (log.isWarnEnabled()) {
log.warn("DENIED hasPermission({}, {}, {}) for user {}",
name, action, arg, getAccountUsername());
}
}
log.trace("EXIT hasPermission(): {}", result);
return result;
}

Expand Down

0 comments on commit a39283b

Please sign in to comment.