Skip to content

Commit

Permalink
Additional debug logging for ACL lookups (#937)
Browse files Browse the repository at this point in the history 
Resolves #935
  • Loading branch information
@acoburn
acoburn authored Jun 30, 2020
1 parent d7c0009 commit a8a8a25
Showing 1 changed file with 5 additions and 0 deletions.
5 changes: 5 additions & 0 deletions auth/webac/src/main/java/org/trellisldp/webac/WebAcService.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -218,6 +218,7 @@ public AuthorizedModes getAuthorizedModes(final IRI identifier, final Session se
return new AuthorizedModes(null, allModes);
}

LOGGER.debug("Looking up ACL for agent [{}] on resource [{}]", session.getAgent(), identifier);
final AuthorizedModes cachedModes = cache.get(generateCacheKey(identifier, session.getAgent()), k ->
getAuthz(identifier, session.getAgent()));
return session.getDelegatedBy().map(delegate -> {
Expand All @@ -241,6 +242,10 @@ public static String generateCacheKey(final IRI identifier, final IRI agent) {

private AuthorizedModes getAuthz(final IRI identifier, final IRI agent) {
final AuthorizedModes authModes = getModesFor(identifier, agent);

if (authModes.getAccessModes().isEmpty()) {
LOGGER.debug("Agent [{}] has no access to resource [{}]", agent, identifier);
}
final Set<IRI> modes = new HashSet<>(authModes.getAccessModes());
// consider membership resources, if relevant
if (checkMembershipResources && hasWritableMode(modes)) {
Expand Down

0 comments on commit a8a8a25

Please sign in to comment.