From d4cac861a56472ea89c7ddfcf37d422c771502df Mon Sep 17 00:00:00 2001 From: Tom Richards Date: Thu, 2 May 2024 16:40:49 +0100 Subject: [PATCH] Revert "change permission check for `preview` and `admin` to ONLY log for now (rather than 403) - reverting this commit will follow in a sep. PR" This reverts commit 8da0eb574a26e78cd6fe7a77155101549d53ba09. --- .../app/http/GuardianAuthWithExemptions.scala | 17 ++++++----------- 1 file changed, 6 insertions(+), 11 deletions(-) diff --git a/common/app/http/GuardianAuthWithExemptions.scala b/common/app/http/GuardianAuthWithExemptions.scala index 237c2fdbfaa..5542529f241 100644 --- a/common/app/http/GuardianAuthWithExemptions.scala +++ b/common/app/http/GuardianAuthWithExemptions.scala @@ -10,7 +10,6 @@ import common.Environment.stage import conf.Configuration.aws.mandatoryCredentials import model.ApplicationContext import org.apache.pekko.stream.Materializer -import org.slf4j.LoggerFactory import play.api.Mode import play.api.libs.ws.WSClient import play.api.mvc._ @@ -35,8 +34,6 @@ class GuardianAuthWithExemptions( private val outer = this - val logger = LoggerFactory.getLogger(this.getClass) - private val permissions: PermissionsProvider = PermissionsProvider( PermissionsConfig( stage = if (stage == "PROD") "PROD" else "CODE", @@ -105,14 +102,12 @@ class GuardianAuthWithExemptions( if (permissions.hasPermission(requiredPermission, user.email)) { nextFilter(request) } else { -// Future.successful( -// Results.Forbidden( -// s"You do not have permission to access $system. " + -// s"You should contact Central Production to request '$requiredEditorialPermissionName' permission.", -// ), -// ) - logger.warn(s"${user.email} used $system, but didn't have '$requiredEditorialPermissionName' permission.") - nextFilter(request) + Future.successful( + Results.Forbidden( + s"You do not have permission to access $system. " + + s"You should contact Central Production to request '$requiredEditorialPermissionName' permission.", + ), + ) } } }