/** * Returns the active user to which authorization checks should be applied. * If we are in the context of an RPC call, the remote user is used, * otherwise the currently logged in user is used. */ private User getActiveUser(ObserverContext<?> ctx) throws IOException { // for non-rpc handling, fallback to system user Optional<User> optionalUser = ctx.getCaller(); if (optionalUser.isPresent()) { return optionalUser.get(); } return userProvider.getCurrent(); }