Added more logging during user role sync (#129)

Author: Travis Tomsu

fiat-github/src/main/java/com/netflix/spinnaker/fiat/roles/github/GithubTeamsUserRolesProvider.java

@@ -53,6 +53,7 @@ public class GithubTeamsUserRolesProvider implements UserRolesProvider, Initiali
 
   @Override
   public List<Role> loadRoles(String userName) {
+    log.debug("loadRoles for user " + userName);
     if (StringUtils.isEmpty(userName)|| StringUtils.isEmpty(gitHubProperties.getOrganization())) {
       return new ArrayList<>();
     }
@@ -68,6 +69,16 @@ public List<Role> loadRoles(String userName) {
                                 .isMemberOfOrganization(gitHubProperties.getOrganization(),
                                                         userName);
       isMemberOfOrg = (response.getStatus() == 204);
+      if(log.isDebugEnabled()) {
+        StringBuilder sb = new StringBuilder(userName).append(" is ");
+        if (!isMemberOfOrg) {
+          sb.append("not ");
+        }
+        sb.append("a member of ")
+          .append(gitHubProperties.getOrganization())
+          .append(" organization.");
+        log.debug(sb.toString());
+      }
     } catch (RetrofitError e) {
       if (e.getKind() == RetrofitError.Kind.NETWORK) {
         log.error(String.format("Could not find the server %s", master.getBaseUrl()), e);
@@ -115,10 +126,16 @@ public List<Role> loadRoles(String userName) {
       }
     }
 
+    log.debug("Found " + teams.size() + " teams in org.");
     teams.forEach(t -> {
+      StringBuilder sb = new StringBuilder(userName).append(" is member of team ").append(t.getName());
       if (isMemberOfTeam(t, userName)) {
+        sb.append(": true");
         result.add(toRole(t.getSlug()));
+      } else {
+        sb.append(": false");
       }
+      log.debug(sb.toString());
     });
 
     return result;

fiat-google-groups/src/main/java/com/netflix/spinnaker/fiat/roles/google/GoogleDirectoryUserRolesProvider.java

@@ -84,7 +84,7 @@ private class GroupBatchCallback extends JsonBatchCallback<Groups> {
 
     @Override
     public void onFailure(GoogleJsonError e, HttpHeaders responseHeaders) throws IOException {
-      log.error("Failed to fetch groups: " + e.getMessage());
+      log.warn("Failed to fetch groups for user " + email + ": " + e.getMessage());
     }
 
     @Override

fiat-roles/src/main/java/com/netflix/spinnaker/fiat/permissions/DefaultPermissionsResolver.java

@@ -16,6 +16,7 @@
 
 package com.netflix.spinnaker.fiat.permissions;
 
+import com.fasterxml.jackson.databind.ObjectMapper;
 import com.google.common.collect.ArrayListMultimap;
 import com.google.common.collect.Multimap;
 import com.netflix.spinnaker.fiat.config.UnrestrictedResourceConfig;
@@ -73,7 +74,9 @@ public UserPermission resolve(@NonNull String userId) {
   public UserPermission resolveAndMerge(@NonNull ExternalUser user) {
     List<Role> roles;
     try {
+      log.debug("Loading roles for user " + user);
       roles = userRolesProvider.loadRoles(user.getId());
+      log.debug("Got roles " + roles + " for user " + user);
     } catch (ProviderException pe) {
       throw new PermissionResolutionException("Failed to resolve user permission for user " + user.getId(), pe);
     }
@@ -155,6 +158,11 @@ private Map<String, Collection<Role>> getAndMergeUserRoles(@NonNull Collection<E
                  .addAll(user.getExternalRoles());
     });
 
+    if (log.isDebugEnabled()) {
+      try {
+        log.debug("Multi-loaded roles: \n" + new ObjectMapper().writerWithDefaultPrettyPrinter().writeValueAsString(userToRoles));
+      } catch (Exception e) {}
+    }
     return userToRoles;
   }
 }