permissionsContext.setCommandContext() in some scenarios can result in the creation of an entity with the id of the fake user permissionsContext.setCommandContext(); sets saved into the permissions, not being a valid ObjectId, this will throw errors on future permissions operations.
A good first fix can be to properly validate at the DB level that we are saving an ObjectId, this will be a good indirect way to know that we are saving the wrong user, and most importantly we will have a quicker feedback, with the current implementation the problem is not obvious until any permission operations is performed, like trying to public an entity, which can happen days after or weeks.
permissionsContext.setCommandContext()in some scenarios can result in the creation of an entity with the id of the fake userpermissionsContext.setCommandContext();sets saved into the permissions, not being a valid ObjectId, this will throw errors on future permissions operations.A good first fix can be to properly validate at the DB level that we are saving an ObjectId, this will be a good indirect way to know that we are saving the wrong user, and most importantly we will have a quicker feedback, with the current implementation the problem is not obvious until any permission operations is performed, like trying to public an entity, which can happen days after or weeks.