From e8a29b89d0df7f009939d39b68037d731ec9b325 Mon Sep 17 00:00:00 2001
From: Dmitry Vyukov <dvyukov@google.com>
Date: Tue, 20 Mar 2018 11:33:18 +0100
Subject: dashboard/app: don't log un-signed-in users as errors

Un-signed-in users are redirected to login page.
And maybe they have access after sign-in.
Otherwise the error will be logged aftger sign-in.
---
 dashboard/app/handler.go | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

(limited to 'dashboard/app/handler.go')

diff --git a/dashboard/app/handler.go b/dashboard/app/handler.go
index f31b68b5e..d7f503349 100644
--- a/dashboard/app/handler.go
+++ b/dashboard/app/handler.go
@@ -67,11 +67,10 @@ func checkAccessLevel(c context.Context, r *http.Request, level AccessLevel) err
 	if accessLevel(c, r) >= level {
 		return nil
 	}
-	userID := "not-signed-in"
 	if u := user.Current(c); u != nil {
-		userID = fmt.Sprintf("%q [%q]", u.Email, u.AuthDomain)
+		// Log only if user is signed in. Not-signed-in users are redirected to login page.
+		log.Errorf(c, "unauthorized access: %q [%q] access level %v", u.Email, u.AuthDomain, level)
 	}
-	log.Errorf(c, "unauthorized access: %v access level %v", userID, level)
 	return ErrAccess
 }
 
-- 
cgit mrf-deployment