@@ -44,18 +44,8 @@ func logNotAuthorizedError(ctx context.Context, logger slog.Logger, err error) e
4444 // Only log the errors if it is an UnauthorizedError error.
4545 internalError := new (rbac.UnauthorizedError )
4646 if err != nil && xerrors .As (err , & internalError ) {
47- // A common false flag is when the user cancels the request. This can be checked
48- // by checking if the error is a topdown.Error and if the error code is
49- // topdown.CancelErr. If the error is not a topdown.Error, or the code is not
50- // topdown.CancelErr, then we should log it.
5147 e := new (topdown.Error )
52- if ! xerrors .As (err , & e ) || e .Code != topdown .CancelErr {
53- logger .Debug (ctx , "unauthorized" ,
54- slog .F ("internal" , internalError .Internal ()),
55- slog .F ("input" , internalError .Input ()),
56- slog .Error (err ),
57- )
58- } else {
48+ if xerrors .As (err , & e ) || e .Code != topdown .CancelErr {
5949 // For some reason rego changes a cancelled context to a topdown.CancelErr. We
6050 // expect to check for cancelled context errors if the user cancels the request,
6151 // so we should change the error to a context.Canceled error.
@@ -65,6 +55,11 @@ func logNotAuthorizedError(ctx context.Context, logger slog.Logger, err error) e
6555 internalError .SetInternal (context .Canceled )
6656 return internalError
6757 }
58+ logger .Debug (ctx , "unauthorized" ,
59+ slog .F ("internal" , internalError .Internal ()),
60+ slog .F ("input" , internalError .Input ()),
61+ slog .Error (err ),
62+ )
6863 }
6964 return NotAuthorizedError {
7065 Err : err ,
0 commit comments