feat: record user in operation logs#12596
Conversation
|
Adding the "do-not-merge/release-note-label-needed" label because no release-note block was detected, please follow our release note process to remove it. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: e99a662336
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| sessionUser, ok := c.Get(psessionUtils.GinContextSessionUserKey) | ||
| if !ok { | ||
| return "" |
There was a problem hiding this comment.
loadOperationUser only checks GinContextSessionUserKey and returns "" when that key is absent. In this middleware stack, some logged routes (notably /api/v2/core/auth/*) bypass the code path that sets this context value, so requests with valid session cookies still get stored with an empty user field; this makes the new operation-log user column unreliable for actions like MFA/API config changes. Add a fallback to read the current session directly when the context key is unavailable.
Useful? React with 👍 / 👎.
2 participants
No description provided.