This is an automated email from the ASF dual-hosted git repository.
snoopdave pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/roller.git
The following commit(s) were added to refs/heads/master by this push:
new 8316ee315 Better error logging around access-denied/
new e71be55e8 Merge branch 'master' of https://github.com/apache/roller
8316ee315 is described below
commit 8316ee315f104b09304b4c5a94be6cf1c1d476d9
Author: David M. Johnson <[email protected]>
AuthorDate: Sun Jul 10 09:57:11 2022 -0400
Better error logging around access-denied/
---
.../ui/struts2/util/UISecurityInterceptor.java | 19 +++++++++----------
1 file changed, 9 insertions(+), 10 deletions(-)
diff --git
a/app/src/main/java/org/apache/roller/weblogger/ui/struts2/util/UISecurityInterceptor.java
b/app/src/main/java/org/apache/roller/weblogger/ui/struts2/util/UISecurityInterceptor.java
index e3c62d2d3..8e97899b8 100644
---
a/app/src/main/java/org/apache/roller/weblogger/ui/struts2/util/UISecurityInterceptor.java
+++
b/app/src/main/java/org/apache/roller/weblogger/ui/struts2/util/UISecurityInterceptor.java
@@ -73,13 +73,12 @@ public class UISecurityInterceptor extends
MethodFilterInterceptor {
// are we also enforcing global permissions?
if (theAction.requiredGlobalPermissionActions() != null
- && !theAction.requiredGlobalPermissionActions()
- .isEmpty()) {
- GlobalPermission perm = new GlobalPermission(
- theAction.requiredGlobalPermissionActions());
+ &&
!theAction.requiredGlobalPermissionActions().isEmpty()) {
+ GlobalPermission perm = new
GlobalPermission(theAction.requiredGlobalPermissionActions());
if (!umgr.checkPermission(perm, authenticatedUser)) {
if (log.isDebugEnabled()) {
- log.debug("DENIED: user does not have permission =
" + perm.toString());
+ log.debug(String.format("DENIED: user %s does not
have permission = %s",
+ authenticatedUser.getUserName(), perm));
}
return UIAction.DENIED;
}
@@ -92,9 +91,9 @@ public class UISecurityInterceptor extends
MethodFilterInterceptor {
.getActionWeblog();
if (actionWeblog == null) {
if (log.isWarnEnabled()) {
- log.warn("User " + authenticatedUser.getUserName()
+
- " unable to process action \"" +
((UIAction) theAction).getActionName() +
- "\" because no weblog was defined (Check
JSP form provides weblog value.)");
+ log.warn(String.format("User %s unable to process
action %s " +
+ "because no weblog was defined (Check JSP
form provides weblog value).",
+ authenticatedUser.getUserName(), ((UIAction)
theAction).getActionName()));
}
return UIAction.DENIED;
}
@@ -109,8 +108,8 @@ public class UISecurityInterceptor extends
MethodFilterInterceptor {
if (!umgr.checkPermission(required,
authenticatedUser)) {
if (log.isDebugEnabled()) {
- log.debug("DENIED: user does not have required
weblog permissions = "
- + required);
+ log.debug(String.format("DENIED: user %s does
not have required weblog permissions %s",
+ authenticatedUser.getUserName(),
required));
}
return UIAction.DENIED;
}
