@@ -5,14 +5,13 @@ import (
55 "database/sql"
66 "fmt"
77
8+ "github.com/google/uuid"
89 "golang.org/x/xerrors"
910
1011 "cdr.dev/slog"
11-
12- "github.com/google/uuid"
13-
1412 "github.com/coder/coder/coderd/database"
1513 "github.com/coder/coder/coderd/rbac"
14+ "github.com/open-policy-agent/opa/topdown"
1615)
1716
1817var _ database.Store = (* querier )(nil )
@@ -44,11 +43,18 @@ func logNotAuthorizedError(ctx context.Context, logger slog.Logger, err error) e
4443 // Only log the errors if it is an UnauthorizedError error.
4544 internalError := new (rbac.UnauthorizedError )
4645 if err != nil && xerrors .As (err , & internalError ) {
47- logger .Debug (ctx , "unauthorized" ,
48- slog .F ("internal" , internalError .Internal ()),
49- slog .F ("input" , internalError .Input ()),
50- slog .Error (err ),
51- )
46+ // A common false flag is when the user cancels the request. This can be checked
47+ // by checking if the error is a topdown.Error and if the error code is
48+ // topdown.CancelErr. If the error is not a topdown.Error, or the code is not
49+ // topdown.CancelErr, then we should log it.
50+ e := new (topdown.Error )
51+ if ! xerrors .As (err , & e ) || e .Code != topdown .CancelErr {
52+ logger .Debug (ctx , "unauthorized" ,
53+ slog .F ("internal" , internalError .Internal ()),
54+ slog .F ("input" , internalError .Input ()),
55+ slog .Error (err ),
56+ )
57+ }
5258 }
5359 return NotAuthorizedError {
5460 Err : err ,
0 commit comments