don't log 'permissions disabled' with every API call if disabled

Josephine-Rutten · Mar 11, 2024 · 29ac456 · 29ac456
1 parent c2ce5cb
commit 29ac456
Showing 1 changed file with 1 addition and 2 deletions.
diff --git a/src/cnaas_nms/tools/security.py b/src/cnaas_nms/tools/security.py
@@ -92,14 +92,13 @@ def authenticate_token(self, token_string: str) -> Token:
     def validate_token(self, token, scopes, request: OAuth2Request) -> Token:
         """Check if token matches the requested scopes and user has permission to execute the API call."""
         if auth_settings.PERMISSIONS_DISABLED:
-            logger.debug("Permissions are disabled. Everyone can do every api call")
             return token
         #  For api call that everyone is always allowed to do
         if scopes is not None and "always_permitted" in scopes:
             return token
         permissions_rules = auth_settings.PERMISSIONS
         if not permissions_rules:
-            logger.debug("No permissions defined, so nobody is permitted to do any api calls.")
+            logger.warning("No permissions defined, so nobody is permitted to do any api calls.")
             raise PermissionError()
         user_info = get_oauth_token_info(token)
         permissions = get_permissions_user(permissions_rules, user_info)