[MAGNOLIA-6686] System context operations hide the real user who triggered them Created: 09/Jun/16  Updated: 09/Feb/17  Due: 09/Jun/16  Resolved: 28/Jul/16

Status: Closed
Project: Magnolia
Component/s: security
Affects Version/s: 5.3.9, 5.4.7
Fix Version/s: 5.5

Type: Bug Priority: Neutral
Reporter: Mercedes Iruela Assignee: AntonĂ­n Juran
Resolution: Fixed Votes: 0
Labels: support
Remaining Estimate: 0d
Time Spent: 0.5h
Original Estimate: Not Specified

Issue Links:
causality
is causing MAGNOLIA-6731 Some operations are requested to run ... Accepted
is causing MAGNOLIA-6734 Assess and clean up redundant system ... Closed
is causing MAGNOLIA-6798 Reduce log level from warn to debug u... Closed
dependency
is depended upon by MGNLUI-3961 Adjust test to changes in MAGNOLIA-6686 Closed
Template:
Acceptance criteria:
Empty
Task DoD:
[ ]* Doc/release notes changes? Comment present?
[ ]* Downstream builds green?
[ ]* Solution information and context easily available?
[ ]* Tests
[ ]* FixVersion filled and not yet released
[ ]  Architecture Decision Record (ADR)
Bug DoR:
[ ]* Steps to reproduce, expected, and actual results filled
[ ]* Affected version filled
Date of First Response:
Sprint: Kromeriz 54
Story Points: 5

 Description   

When a system user changes the password of any user through Security app, no track of the system user that made the change is stored in log-audit, always systemUser is set.

It seems that the update is being done in the system context and because of that reason the user is not being written down:

private static String getUser() {
        if (MgnlContext.isSystemInstance()) {
            return "SystemUser";
        }
        try {
            if(MgnlContext.hasInstance() && MgnlContext.getUser() != null) {
                return MgnlContext.getUser().getName();
            }
        }catch (Exception e) {
            return "system user";
        }
        return "user not set";
    }

I tested it in Magnolia 5.3.9 and Magnolia 5.4.7 (demoauthor.magnolia-cms.com)

More information can be found in linked ticket (SUPPORT-6040)


Generated at Mon Feb 12 04:16:52 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.