From f173415d1eeffc0ce6758b97a66f0cb89b7a624e Mon Sep 17 00:00:00 2001
From: Maha Benzekri <maha.benzekri@scality.com>
Date: Thu, 11 Jul 2024 12:49:49 +0200
Subject: [PATCH] logs

---
 config.json                                        | 2 +-
 lib/api/apiUtils/authorization/permissionChecks.js | 1 +
 lib/api/multiObjectDelete.js                       | 2 ++
 3 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/config.json b/config.json
index 3a44b36aed..fe0aaa2ad9 100644
--- a/config.json
+++ b/config.json
@@ -60,7 +60,7 @@
     },
     "clusters": 1,
     "log": {
-        "logLevel": "info",
+        "logLevel": "trace",
         "dumpLevel": "error"
     },
     "healthChecks": {
diff --git a/lib/api/apiUtils/authorization/permissionChecks.js b/lib/api/apiUtils/authorization/permissionChecks.js
index d46cf05949..36a69d2e82 100644
--- a/lib/api/apiUtils/authorization/permissionChecks.js
+++ b/lib/api/apiUtils/authorization/permissionChecks.js
@@ -357,6 +357,7 @@ function processBucketPolicy(requestType, bucket, canonicalID, arn, bucketOwner,
     let processedResult = results[requestType];
     if (!bucketPolicy) {
         processedResult = actionImplicitDenies[requestType] === false && aclPermission;
+        log.info('WE ARE IN THE NO BUCKET POLICY');
     } else {
         const bucketPolicyPermission = checkBucketPolicy(bucketPolicy, requestType, canonicalID, arn,
             bucketOwner, log, request, actionImplicitDenies);
diff --git a/lib/api/multiObjectDelete.js b/lib/api/multiObjectDelete.js
index 855b739aff..6f5fd7e2a5 100644
--- a/lib/api/multiObjectDelete.js
+++ b/lib/api/multiObjectDelete.js
@@ -571,6 +571,7 @@ function multiObjectDelete(authInfo, request, log, callback) {
             };
             return vault.checkPolicies(requestContextParams, authInfo.getArn(),
                 log, (err, authorizationResults) => {
+                    log.info('received authorization results', authorizationResults);
                     // there were no policies so received a blanket AccessDenied
                     if (err?.is.AccessDenied) {
                         objects.forEach(entry => {
@@ -606,6 +607,7 @@ function multiObjectDelete(authInfo, request, log, callback) {
                     }, {});
                     for (let i = 0; i < authorizationResults.length; i++) {
                         const result = authorizationResults[i];
+                        log.info('checking authorization result', result);
                         // result is { isAllowed: true,
                         // arn: arn:aws:s3:::bucket/object,
                         // versionId: sampleversionId } unless not allowed