From 1af54608a81eaac70f2c744da1d4d85335b8da57 Mon Sep 17 00:00:00 2001
From: sanket-shelar <sanket.shelar.dev@gmail.com>
Date: Mon, 5 Jan 2026 13:06:32 +0530
Subject: [PATCH] RANGER-5425: Grant policies should show created by and
 updated by as users running the cmd instead of service users.

---
 .../service/RangerBaseModelService.java       | 33 ++++++++++++-------
 1 file changed, 21 insertions(+), 12 deletions(-)

diff --git a/security-admin/src/main/java/org/apache/ranger/service/RangerBaseModelService.java b/security-admin/src/main/java/org/apache/ranger/service/RangerBaseModelService.java
index 78e037beed..9a3fb4069e 100755
--- a/security-admin/src/main/java/org/apache/ranger/service/RangerBaseModelService.java
+++ b/security-admin/src/main/java/org/apache/ranger/service/RangerBaseModelService.java
@@ -315,15 +315,7 @@ protected V populateViewBean(T entityObj) {
 
     protected T populateEntityBeanForCreate(T entityObj, V vObj) {
         if (!populateExistingBaseFields) {
-            Long addedByUserId = ContextUtil.getCurrentUserId();
-
-            if (addedByUserId == null) {
-                XXPortalUser createdByUser = daoMgr.getXXPortalUser().findByLoginId(vObj.getCreatedBy());
-
-                if (createdByUser != null) {
-                    addedByUserId = createdByUser.getId();
-                }
-            }
+            Long addedByUserId = resolveUserId(vObj.getCreatedBy());
             entityObj.setCreateTime(DateUtil.getUTCDate());
             entityObj.setUpdateTime(entityObj.getCreateTime());
             entityObj.setAddedByUserId(addedByUserId);
@@ -358,16 +350,33 @@ protected T populateEntityBeanForUpdate(T entityObj, V vObj) {
         }
 
         if (!populateExistingBaseFields) {
-            Long currentUserId = ContextUtil.getCurrentUserId();
+            Long updatedByUserId = resolveUserId(vObj.getUpdatedBy());
             ret.setUpdateTime(DateUtil.getUTCDate());
-            if (Objects.nonNull(currentUserId)) {
-                ret.setUpdatedByUserId(currentUserId);
+            if (Objects.nonNull(updatedByUserId)) {
+                ret.setUpdatedByUserId(updatedByUserId);
             }
         }
 
         return ret;
     }
 
+    private Long resolveUserId(String userLoginId) {
+        Long userId = null;
+        if (Objects.equals(userLoginId, ContextUtil.getCurrentUserLoginId())) {
+            userId = ContextUtil.getCurrentUserId();
+        }
+        else if (!stringUtil.isEmpty(userLoginId)) {
+            XXPortalUser createdByUser = daoMgr.getXXPortalUser().findByLoginId(userLoginId);
+            if (createdByUser != null) {
+                userId = createdByUser.getId();
+            }
+        }
+        if (userId == null) {
+            userId = ContextUtil.getCurrentUserId();
+        }
+        return userId;
+    }
+
     protected abstract void validateForCreate(V vObj);
 
     /*