galovics commented on code in PR #5094:
URL: https://github.com/apache/fineract/pull/5094#discussion_r2432257303
##########
fineract-provider/src/main/java/org/apache/fineract/infrastructure/core/domain/AuditorAwareImpl.java:
##########
@@ -35,7 +35,7 @@ public Optional<Long> getCurrentAuditor() {
final SecurityContext securityContext =
SecurityContextHolder.getContext();
if (securityContext != null) {
final Authentication authentication =
securityContext.getAuthentication();
- if (authentication != null) {
+ if (authentication != null && authentication.getPrincipal()
instanceof AppUser) {
Review Comment:
I mean this makes sense to me since in case the principal is not an AppUser,
it'll eventually just throw an exception in the line below when casting.
If you say we shouldn't rely on the superuser when the principal is not an
appuser, but rather handle it gracefully with the proper exception, that makes
sense to me too.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
