diff --git a/rm-community/rm-community-repo/config/alfresco/templates/webscripts/org/alfresco/slingshot/documentlibrary-v2/rm-doclist.get.desc.xml b/rm-community/rm-community-repo/config/alfresco/templates/webscripts/org/alfresco/slingshot/documentlibrary-v2/rm-doclist.get.desc.xml index 8b8441f74d..61b91c6544 100644 --- a/rm-community/rm-community-repo/config/alfresco/templates/webscripts/org/alfresco/slingshot/documentlibrary-v2/rm-doclist.get.desc.xml +++ b/rm-community/rm-community-repo/config/alfresco/templates/webscripts/org/alfresco/slingshot/documentlibrary-v2/rm-doclist.get.desc.xml @@ -7,6 +7,6 @@ /slingshot/doclib2/rm/doclist/{type}/node/{store_type}/{store_id}/{id} argument user - required + required internal \ No newline at end of file diff --git a/rm-community/rm-community-repo/config/alfresco/templates/webscripts/org/alfresco/slingshot/documentlibrary/rm-treenode.get.desc.xml b/rm-community/rm-community-repo/config/alfresco/templates/webscripts/org/alfresco/slingshot/documentlibrary/rm-treenode.get.desc.xml index e7345e5692..435570705e 100644 --- a/rm-community/rm-community-repo/config/alfresco/templates/webscripts/org/alfresco/slingshot/documentlibrary/rm-treenode.get.desc.xml +++ b/rm-community/rm-community-repo/config/alfresco/templates/webscripts/org/alfresco/slingshot/documentlibrary/rm-treenode.get.desc.xml @@ -7,6 +7,6 @@ /slingshot/doclib/rm/treenode/node/{store_type}/{store_id}/{id} argument user - required + required internal \ No newline at end of file diff --git a/rm-community/rm-community-repo/source/java/org/alfresco/module/org_alfresco_module_rm/admin/RecordsManagementAdminServiceImpl.java b/rm-community/rm-community-repo/source/java/org/alfresco/module/org_alfresco_module_rm/admin/RecordsManagementAdminServiceImpl.java index 11bd528e35..fc3652c6b7 100644 --- a/rm-community/rm-community-repo/source/java/org/alfresco/module/org_alfresco_module_rm/admin/RecordsManagementAdminServiceImpl.java +++ b/rm-community/rm-community-repo/source/java/org/alfresco/module/org_alfresco_module_rm/admin/RecordsManagementAdminServiceImpl.java @@ -32,6 +32,7 @@ import static org.springframework.extensions.surf.util.ParameterCheck.mandatoryS import java.text.MessageFormat; import java.util.ArrayList; import java.util.Collection; +import java.util.Collections; import java.util.HashMap; import java.util.HashSet; import java.util.List; @@ -60,6 +61,7 @@ import org.alfresco.repo.policy.annotation.BehaviourBean; import org.alfresco.repo.policy.annotation.BehaviourKind; import org.alfresco.repo.security.authentication.AuthenticationUtil; import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork; +import org.alfresco.repo.security.authority.RMAuthority; import org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback; import org.alfresco.service.cmr.dictionary.AspectDefinition; import org.alfresco.service.cmr.dictionary.AssociationDefinition; @@ -71,6 +73,7 @@ import org.alfresco.service.cmr.dictionary.TypeDefinition; import org.alfresco.service.cmr.repository.AssociationRef; import org.alfresco.service.cmr.repository.ChildAssociationRef; import org.alfresco.service.cmr.repository.NodeRef; +import org.alfresco.service.cmr.security.AuthorityType; import org.alfresco.service.namespace.QName; import org.alfresco.service.namespace.RegexQNamePattern; import org.alfresco.service.transaction.TransactionService; @@ -172,19 +175,28 @@ public class RecordsManagementAdminServiceImpl extends RecordsManagementAdminBas @Override public void onApplicationEvent(ContextRefreshedEvent event) { - if(!isCustomMapInit && getDictionaryService().getAllModels().contains(RM_CUSTOM_MODEL)) { - transactionService.getRetryingTransactionHelper().doInTransaction(new RetryingTransactionCallback() + // run as System on bootstrap + AuthenticationUtil.runAs(new RunAsWork() + { + public Object doWork() { - public Void execute() throws Throwable + RetryingTransactionCallback callback = new RetryingTransactionCallback() { - // initialise custom properties - initCustomMap(); - return null; - } - }); - } + public Void execute() + { + // initialise custom properties + initCustomMap(); + return null; + } + }; + transactionService.getRetryingTransactionHelper().doInTransaction(callback); + + return null; + } + }, AuthenticationUtil.getSystemUserName()); + } } /** diff --git a/rm-community/rm-community-repo/source/java/org/alfresco/module/org_alfresco_module_rm/model/rma/type/RmSiteType.java b/rm-community/rm-community-repo/source/java/org/alfresco/module/org_alfresco_module_rm/model/rma/type/RmSiteType.java index 40b7842c08..54c16a408a 100644 --- a/rm-community/rm-community-repo/source/java/org/alfresco/module/org_alfresco_module_rm/model/rma/type/RmSiteType.java +++ b/rm-community/rm-community-repo/source/java/org/alfresco/module/org_alfresco_module_rm/model/rma/type/RmSiteType.java @@ -207,7 +207,7 @@ public class RmSiteType extends BaseBehaviourBean } return null; } - }, AuthenticationUtil.getAdminUserName()); + }, AuthenticationUtil.getSystemUserName()); } } diff --git a/rm-community/rm-community-repo/source/java/org/alfresco/module/org_alfresco_module_rm/security/ExtendedSecurityServiceImpl.java b/rm-community/rm-community-repo/source/java/org/alfresco/module/org_alfresco_module_rm/security/ExtendedSecurityServiceImpl.java index 1d1525c4ef..4b3a4217c9 100644 --- a/rm-community/rm-community-repo/source/java/org/alfresco/module/org_alfresco_module_rm/security/ExtendedSecurityServiceImpl.java +++ b/rm-community/rm-community-repo/source/java/org/alfresco/module/org_alfresco_module_rm/security/ExtendedSecurityServiceImpl.java @@ -43,7 +43,6 @@ import org.alfresco.module.org_alfresco_module_rm.util.ServiceBaseImpl; import org.alfresco.query.PagingRequest; import org.alfresco.query.PagingResults; import org.alfresco.repo.security.authority.RMAuthority; -import org.alfresco.repo.transaction.RetryingTransactionHelper; import org.alfresco.service.cmr.repository.ChildAssociationRef; import org.alfresco.service.cmr.repository.NodeRef; import org.alfresco.service.cmr.security.AccessPermission; @@ -57,6 +56,9 @@ import org.alfresco.util.ParameterCheck; import org.springframework.context.ApplicationListener; import org.springframework.context.event.ContextRefreshedEvent; import org.springframework.extensions.webscripts.ui.common.StringUtils; +import org.alfresco.repo.security.authentication.AuthenticationUtil; +import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork; +import org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback; /** * Extended security service implementation. @@ -138,19 +140,29 @@ public class ExtendedSecurityServiceImpl extends ServiceBaseImpl @Override public void onApplicationEvent(ContextRefreshedEvent contextRefreshedEvent) { - transactionService.getRetryingTransactionHelper().doInTransaction(new RetryingTransactionHelper.RetryingTransactionCallback() + // run as System on bootstrap + AuthenticationUtil.runAs(new RunAsWork() { - public Void execute() throws Throwable + public Object doWork() { - // if the root group doesn't exist then create it - if (!authorityService.authorityExists(getRootIRPGroup())) + RetryingTransactionCallback callback = new RetryingTransactionCallback() { - authorityService.createAuthority(AuthorityType.GROUP, ROOT_IPR_GROUP, ROOT_IPR_GROUP, Collections.singleton(RMAuthority.ZONE_APP_RM)); - } - + public Void execute() + { + // if the root group doesn't exist then create it + if (!authorityService.authorityExists(getRootIRPGroup())) + { + authorityService.createAuthority(AuthorityType.GROUP, ROOT_IPR_GROUP, ROOT_IPR_GROUP, + Collections.singleton(RMAuthority.ZONE_APP_RM)); + } + return null; + } + }; + transactionService.getRetryingTransactionHelper().doInTransaction(callback); + return null; } - }); + }, AuthenticationUtil.getSystemUserName()); } /**