From 8f1f27324786f25a3afd0a35b3633f000b0a9eeb Mon Sep 17 00:00:00 2001
From: shreddedbacon <b@benjackson.email>
Date: Fri, 7 Jun 2024 10:16:58 +1000
Subject: [PATCH] refactor: remove attribute from unauthorized response

---
 services/api/src/util/auth.ts | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/services/api/src/util/auth.ts b/services/api/src/util/auth.ts
index 76289dc70b..a5d430361a 100644
--- a/services/api/src/util/auth.ts
+++ b/services/api/src/util/auth.ts
@@ -349,7 +349,8 @@ export const keycloakHasPermission = (grant, requestCache, modelClients, service
       userActivityLogger.user_info(
         `User does not have permission to '${scope}' on '${resource}'`,
         {
-          user: currentUser.id
+          user: currentUser.id,
+          attributes: attributes
         }
       );
     }
@@ -357,13 +358,12 @@ export const keycloakHasPermission = (grant, requestCache, modelClients, service
     userActivityLogger.user_info(
       `User does not have permission to '${scope}' on '${resource}'`,
       {
-        user: grant.access_token.content
+        user: grant.access_token.content,
+        attributes: attributes
       }
     );
     throw new KeycloakUnauthorizedError(
-      `Unauthorized: You don't have permission to "${scope}" on "${resource}": ${JSON.stringify(
-        attributes
-      )}`
+      `Unauthorized: You don't have permission to "${scope}" on "${resource}"`
     );
   };
 };