From ee0f3fb19636bc27b0aeaa959890789398272596 Mon Sep 17 00:00:00 2001
From: Alex Vanin <alexey@nspcc.ru>
Date: Thu, 2 Jun 2022 17:31:28 +0300
Subject: [PATCH] [#489] Avoid sensitive data logging

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
---
 api/handler/acl.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/api/handler/acl.go b/api/handler/acl.go
index 1a63512..3cd034d 100644
--- a/api/handler/acl.go
+++ b/api/handler/acl.go
@@ -516,8 +516,8 @@ func formGrantee(granteeType, value string) (*Grantee, error) {
 			Type:         acpAmazonCustomerByEmail,
 		}, nil
 	}
-
-	return nil, fmt.Errorf("unknown type: %s", granteeType)
+	// do not return grantee type to avoid sensitive data logging (#489)
+	return nil, fmt.Errorf("unknown grantee type")
 }
 
 func addPredefinedACP(acp *AccessControlPolicy, cannedACL string) (*AccessControlPolicy, error) {