From 71b742388cb24855dabf5be0cd3e4be1e0e12f49 Mon Sep 17 00:00:00 2001
From: Sebastian Sdorra <sebastian.sdorra@cloudogu.com>
Date: Wed, 25 May 2016 10:03:04 +0200
Subject: [PATCH] do not swallow the ScmSecurityException in PermissionFilter

---
 .../scm/web/filter/PermissionFilter.java      | 32 ++++++-------------
 1 file changed, 9 insertions(+), 23 deletions(-)

diff --git a/scm-core/src/main/java/sonia/scm/web/filter/PermissionFilter.java b/scm-core/src/main/java/sonia/scm/web/filter/PermissionFilter.java
index defa83a1b7..7a3ded673d 100644
--- a/scm-core/src/main/java/sonia/scm/web/filter/PermissionFilter.java
+++ b/scm-core/src/main/java/sonia/scm/web/filter/PermissionFilter.java
@@ -161,33 +161,24 @@ public abstract class PermissionFilter extends HttpFilter
 
         if (hasPermission(repository, writeRequest))
         {
-          if (logger.isTraceEnabled())
-          {
-            logger.trace("{} access to repository {} for user {} granted",
-              getActionAsString(writeRequest), repository.getName(),
-              getUserName(subject));
-          }
+          logger.trace("{} access to repository {} for user {} granted",
+            getActionAsString(writeRequest), repository.getName(),
+            getUserName(subject));
 
           chain.doFilter(request, response);
         }
         else
         {
-          if (logger.isInfoEnabled())
-          {
-            logger.info("{} access to repository {} for user {} denied",
-              getActionAsString(writeRequest), repository.getName(),
-              getUserName(subject));
-          }
-
+          logger.info("{} access to repository {} for user {} denied",
+            getActionAsString(writeRequest), repository.getName(),
+            getUserName(subject));
+          
           sendAccessDenied(request, response, subject);
         }
       }
       else
       {
-        if (logger.isDebugEnabled())
-        {
-          logger.debug("repository not found");
-        }
+        logger.debug("repository not found");
 
         response.sendError(HttpServletResponse.SC_NOT_FOUND);
       }
@@ -210,12 +201,7 @@ public abstract class PermissionFilter extends HttpFilter
     }
     catch (ScmSecurityException ex)
     {
-      if (logger.isWarnEnabled())
-      {
-        logger.warn("user {} has not enough permissions",
-          subject.getPrincipal());
-      }
-
+      logger.warn("user " + subject.getPrincipal() +  " has not enough permissions", ex);
       sendAccessDenied(request, response, subject);
     }