Fix audit record authorization issues

- Wrap all artifactHit.update() calls with authz disable/enable - Ensures mcp-user can create and update audit records - Fixes ArtifactAuthorizationException on audit logging

Fix audit record authorization issues
- Wrap all artifactHit.update() calls with authz disable/enable - Ensures mcp-user can create and update audit records - Fixes ArtifactAuthorizationException on audit logging
Ean Schuessler
Showing 1 changed file with 12 additions and 0 deletions
service/McpServices.xml
--- a/service/McpServices.xml
View file @73de296
+++ b/service/McpServices.xml
View file @73de296
@@ -675,7 +675,13 @@
                    artifactHit.runningTimeMillis = executionTime
                    artifactHit.wasError = "Y"
                    artifactHit.errorMessage = e.message
+                    
+                    ec.artifactExecution.disableAuthz()
+                    try {
                        artifactHit.update()
+                    } finally {
+                        ec.artifactExecution.enableAuthz()
+                    }
                    
                    result = [
                        content: [
@@ -946,7 +952,13 @@
                     artifactHit.runningTimeMillis = executionTime
                     artifactHit.wasError = "N"
                     artifactHit.outputSize = new JsonBuilder(result).toString().length()
+                     
+                     ec.artifactExecution.disableAuthz()
+                     try {
                         artifactHit.update()
+                     } finally {
+                         ec.artifactExecution.enableAuthz()
+                     }
                    
                } catch (Exception e) {
                    def executionTime = (System.currentTimeMillis() - startTime) / 1000.0