improve error logs

Signed-off-by: shirady <57721533+shirady@users.noreply.github.com>

Author: shirady

src/endpoint/s3/s3_rest.js

@@ -347,7 +347,7 @@ async function authorize_request_iam_policy(req) {
     const iam_policies = account.iam_user_policies || [];
     if (iam_policies.length === 0) {
         if (req.object_sdk.nsfs_config_root) return; // We do not have IAM policies in NC yet
-        dbg.log1('authorize_request_iam_policy: IAM user has no inline policies configured');
+        dbg.error('authorize_request_iam_policy: IAM user has no inline policies configured');
         _throw_iam_access_denied_error_for_s3_operation(account, method, resource_arn);
     }
 
@@ -364,13 +364,16 @@ async function authorize_request_iam_policy(req) {
     const permission_result = await Promise.all(promises);
     let has_allow_permission = false;
     for (const permission of permission_result) {
-        if (permission === "DENY") _throw_iam_access_denied_error_for_s3_operation(account, method, resource_arn);
+        if (permission === "DENY") {
+            dbg.error('authorize_request_iam_policy: user has explicit DENY inline policy');
+            _throw_iam_access_denied_error_for_s3_operation(account, method, resource_arn);
+        }
         if (permission === "ALLOW") {
             has_allow_permission = true;
         }
     }
     if (has_allow_permission) return;
-    dbg.log1('authorize_request_iam_policy: user has inline policies but none of them matched the method');
+    dbg.error('authorize_request_iam_policy: user has inline policies but none of them matched the method');
     _throw_iam_access_denied_error_for_s3_operation(account, method, resource_arn);
 }