inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-07 17:49:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merged V3.3 to HEAD

Browse Source 
20025: Created Enterprise branch V3.3
   20026: ALF-2597 : IMAP : permissions on home space.
      - now, by default, people can't read other's mail.
   20030: Merged BRANCHES/V3.2 to BRANCHES/V3.3:
      19919: Merged BRANCHES/V3.1 to BRANCHES/V3.2:
         19766: Fixed ALF-2351: Oracle upgrade scripts need enhancements from 2.2SP7
      20027: Merged BRANCHES/V3.1 to BRANCHES/V3.2:
         19983: Changes for ALF-2545: Cannot upgrade from 2.1.2a (b 209) to the 3.1.2 (.a3 458) on Oracle
         20008: ALF-2351: Oracle upgrade scripts need enhancements from 2.2SP7
   20032: Merged HEAD to BRANCHES/V3.3 (RECORD ONLY)
      20031: Fix ALF-2626 - Share Repository browser broken
   20035: Enterprise branding for Share & Explorer - DO NOT MERGE (RECORD ONLY)
      Also: SAIL-282: Update the Help URLs for 3.3 Enterprise
   20039: Fix ALF-2393 - Alfresco Comunity 3.3 deployment error on JBoss v6
   20044: Fix ALF-750 (versioning does not persist node associations)
      - TODO: review version migrator (if upgrading directly from Ent 2.x to Ent 3.3)
   20049: Merged PATCHES/V3.2.r to BRANCHES/V3.3
      20047: Fix for ALF-2640: Share: Edit Offline and Upload New Version fails with HTML uploader on FF3.5, works on IE
   20054: Fix ALF-750 (versioning does not persist node associations)
      - update version migrator (only applies if not already run, ie. upgrading directly from Ent 2.x to Ent 3.3)
   20057: Merged HEAD to BRANCHES/V3.3: (RECORD ONLY)
      20033: Accordion example was broken when FDK is deployed as a JAR
   20064: Fix for ALF-2623: Alfresco 3.3G's Share site is prone to cross site scripting attacks
      - Bug is actually in the wiki components
   20065: Fix unreported issue (auto-versioning for metadata-only updates stops working after checkin) & additional improvements to LockService
      - explicitly remove lockable aspect (rather than nullifying properties) for unlock / checkin
      - use txn resource to track ignorable nodes (for lockable aspect behaviours)
      - note: currently affects Alfresco Explorer only (since Alfresco Share explicitly disables autoVersionOnUpdateProps)
   20066: Increased PermGen space for tests to 256M from 128M
   20071: AVM - check for circular layered directories (ALF-813 / ALF-910)
   20073: Fix LockService tests
      - fix typo (introduced in r20065)
      - TODO: review LockOwnerDynamicAuthorityTest.testCheckOutCheckInAuthorities
   20076: Fix LockOwnerDynamicAuthorityTest.testCheckOutCheckInAuthorities
   20078: Fixed ALF-2464 "Missing i18n labels when rules fail to run"
   20081: Fixed ALF-1626 "The position:absolute behaviour of the Flash preview container needs a re-think"
      - Now handles long file names (resize was already fixed)
   20083: Fix for ALF-2708: Unmodifiable exception thrown when Web Script f/w attempts to report error (latest Spring Surf webscripts libraries)
   20084: Fixed ALF-253 "Unfriendly message appears when trying to login with username which contains symbol '\'"
      - also fixed bug whereerror messages for illegal characters was displayed as undefined for FF on Mac
   20085: Merging HEAD into BRANCHES/V3.3:
      20074: ALF-959 The invitation email 'subject' can now be set as a localizable property in invitation-services.properties:
      20080: Fixing failing test InvitationServiceImplTest.
   20087: ALF-1498: RM web script puts Alfresco in endless loop
      This was a general issue with the onUpdateProperties behaviour in the versionable aspect.  This code now disables the behaviour whilst it is executing to prevent the endless loop occuring.
   20088: Fixed an issue when uploading 2 or more documents for a new site. 
      - A failure occured since it asynchronously tried to create the documentLibrary container twice and the second attempt failed since it already existed.
   20089: SAIL-356: Action label changes
   20090: Dynamic models: minor improvements to DictionaryModelType
      - add (optional) concurrency locking
      - remove duplicate bean def
      - bind remaining class behaviours (onCreateNode, onRemoveAspect) based on type
   20091: Fixed ALF-1046 "Leave button is displayed for admin on Site Finder page near private site where admin is not invited"
   20092: Merged DEV/BELARUS/V3.2-2010_03_17 to V3.3
      20043: ALF-928: Upgrade from 2.1.7 to 3.2 with lots of content items - GC overhead limit exceeded exception
         Call getChildAssocs(NodeRef, QNamePattern, QNamePattern, boolean) with a value of 'false' for the preload argument to avoid preloading all the child nodes
   20093: Fix for ALF-2721: Upgrade clean 2.2.current + 20k users to 3.3.current fails in CalendarModelUriPatch updating URI that does not exist
   20094: ALF-2630: LDAP differential sync was failing to sync group memberships of users who themselves hadn't changed
      - New post process deals with group associations of unprocessed users
      - Modified unit test to properly simulate differential sync
   20095: Fix for ALF-2715: Rule creation in Alfresco Share 3.3G leads to an "Internal Server Error" failure message
   20096: Fix webview and wiki dashlet titles in yellow and gdocs themes.
   20097: Follow-up fix to cross-browser WebView dashlet (iframe) resizing
   20098: Workaround for ALF-2211: Share - Accessing User homes from Share/JSF integration freezes the browser.
      - The tree control has been given a configurable maximum folder count setting for both Site and Repository working modes. By default these are "unlimited" in Site mode and 500 in Repository mode. These values can be overridden in share-config-custom.xml - see the sample configuration file for details.
      - The workaround is to display a "Too many sub-folders to display" message when the maximum number of folders has been reached.
      - To aid users to select their User Home space (or sub-folder thereof) for Copy and Move actions, a new "My User Home" button is provided on the folder picker control.
   20099: Fix for ALF-2606: Manage Permissions on multiple nodes.
      - Toolbar action removed when in Repository Browser, as the fine-grained permissions page does not support multiple nodes.
   20100: Merged Outlook Meeting Workspace integration from BRANCHES/DEV/BELARUS/V3.2-2010_01_11
   20102: Fix for ALF-478: Authority CRC calculations must use UTF-8
   20103: Follow up from ALF-253 (Unfriendly message appears when trying to login with username which contains symbol '\')
      - Making lastName mandatory in Share ui since service otherwise complains
   20106: Fixed ALF-1041 "Revert action is available for SiteContributor and SiteConsumer" (and added a missing msg key for blogs)
   20108: ALF-2235: Permission exception when creating non-electronic records by Power User with Read and File permssions
   20109: Fix for ALF-2706 "ConcurrentModificationException in AsynchronousActionExecutionQueueImpl"
   20110: Merge Dev to V3.3
      ALF-1980 - Huge UIDVALIDITY giving IMAP client problems
   20111: Latest webeditor JAR containing change to orientation strings in WEF
   20113: Fix Share DocLib copy/move actions from recent refactor. Picker now appears with correct Site/Repository mode set upon opening.
   20114: Fix for ALF-2726: 'Transform and Copy content' action causes error.
   20115: Fix for ALF-2697 - File encoding is hard-coded for upload.post.js (Webscript API)
   20116: Fix for ALF-1090
   20119: ALF-2734 - Incorrect behaviour on creating google docs in Repository Browser
   20120: Enterprise build fix for Index check tests 
      - disable user usage updates
      - this should not be required
   20121: ALF-959 The site name/title should now correctly appear in the invite email subject, replacing '{0}'.
   20123: Merged HEAD to V3.3 (RECORD ONLY)
      20122: First part of fix for ALF-2718:  DOD5015 module breaks CMIS Atom DiscoveryService webscripts
   20126: Fix rule rest api json so numbers are not incorrectly formatted.


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@20565 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Dave Ward
2010-06-09 12:47:50 +00:00
parent 6d89f9d970
commit 2163f99539
39 changed files with 1703 additions and 561 deletions
Download Patch File Download Diff File Expand all files Collapse all files

392
source/java/org/alfresco/repo/security/sync/ChainingUserRegistrySynchronizer.java
View File

@@ -18,12 +18,14 @@
*/
package org.alfresco.repo.security.sync;
import java.io.Serializable;
import java.sql.BatchUpdateException;
import java.text.DateFormat;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedHashMap;
@@ -551,6 +553,9 @@ public class ChainingUserRegistrySynchronizer extends AbstractLifecycleBean impl
private final Map<String, String> groupsToCreate = new TreeMap<String, String>();
private final Map<String, Set<String>> groupAssocsToCreate = new TreeMap<String, Set<String>>();
private final Map<String, Set<String>> groupAssocsToDelete = new TreeMap<String, Set<String>>();
private final Set<String> authoritiesMaintained = new TreeSet<String>();
private Set<String> deletionCandidates;
private long latestTime;
public Analyzer(final long latestTime)
@@ -562,25 +567,10 @@ public class ChainingUserRegistrySynchronizer extends AbstractLifecycleBean impl
{
return this.latestTime;
}
public Set<String> getAllZoneAuthorities()
public Set<String> getDeletionCandidates()
{
return this.allZoneAuthorities;
}
public Map<String, String> getGroupsToCreate()
{
return this.groupsToCreate;
}
public Map<String, Set<String>> getGroupAssocsToCreate()
{
return this.groupAssocsToCreate;
}
public Map<String, Set<String>> getGroupAssocsToDelete()
{
return this.groupAssocsToDelete;
return this.deletionCandidates;
}
public String getIdentifier(NodeDescription entry)
@@ -759,156 +749,218 @@ public class ChainingUserRegistrySynchronizer extends AbstractLifecycleBean impl
parents.add(groupName);
}
}
}
Analyzer groupAnalyzer = new Analyzer(lastModifiedMillis);
int groupProcessedCount = groupProcessor.process(groupAnalyzer, splitTxns);
final Map<String, Set<String>> groupAssocsToCreate = groupAnalyzer.getGroupAssocsToCreate();
final Map<String, Set<String>> groupAssocsToDelete = groupAnalyzer.getGroupAssocsToDelete();
Set<String> deletionCandidates = null;
// If we got back some groups, we have to cross reference them with the set of known authorities
if (allowDeletions || !groupAssocsToCreate.isEmpty())
{
// Get current set of known authorities
Set<String> allZoneAuthorities = this.retryingTransactionHelper.doInTransaction(
new RetryingTransactionCallback<Set<String>>()
{
public Set<String> execute() throws Throwable
{
return ChainingUserRegistrySynchronizer.this.authorityService.getAllAuthoritiesInZone(
zoneId, null);
}
}, true, splitTxns);
// Add in those that will be created or moved
allZoneAuthorities.addAll(groupAnalyzer.getAllZoneAuthorities());
// Prune our set of authorities according to deletions
if (allowDeletions)
public void processGroups(UserRegistry userRegistry, boolean allowDeletions, boolean splitTxns)
{
deletionCandidates = new TreeSet<String>(allZoneAuthorities);
userRegistry.processDeletions(deletionCandidates);
allZoneAuthorities.removeAll(deletionCandidates);
groupAssocsToCreate.keySet().removeAll(deletionCandidates);
groupAssocsToDelete.keySet().removeAll(deletionCandidates);
// If we got back some groups, we have to cross reference them with the set of known authorities
if (allowDeletions || !groupAssocsToCreate.isEmpty())
{
// Add in current set of known authorities
allZoneAuthorities.addAll(ChainingUserRegistrySynchronizer.this.retryingTransactionHelper.doInTransaction(
new RetryingTransactionCallback<Set<String>>()
{
public Set<String> execute() throws Throwable
{
return ChainingUserRegistrySynchronizer.this.authorityService.getAllAuthoritiesInZone(
zoneId, null);
}
}, true, splitTxns));
// Prune our set of authorities according to deletions
if (allowDeletions)
{
deletionCandidates = new TreeSet<String>(allZoneAuthorities);
userRegistry.processDeletions(deletionCandidates);
allZoneAuthorities.removeAll(deletionCandidates);
groupAssocsToCreate.keySet().removeAll(deletionCandidates);
groupAssocsToDelete.keySet().removeAll(deletionCandidates);
}
if (!groupAssocsToCreate.isEmpty())
{
// Sort the group associations in depth-first order (root groups first) and filter out non-existent parents
Map<String, Set<String>> sortedGroupAssociations = new LinkedHashMap<String, Set<String>>(
groupAssocsToCreate.size() * 2);
List<String> authorityPath = new ArrayList<String>(5);
for (String authority : groupAssocsToCreate.keySet())
{
if (allZoneAuthorities.contains(authority))
{
authorityPath.add(authority);
visitGroupAssociations(authorityPath, allZoneAuthorities, groupAssocsToCreate,
sortedGroupAssociations);
authorityPath.clear();
}
}
// Add the groups and their parent associations in depth-first order
BatchProcessor<Map.Entry<String, Set<String>>> groupCreator = new BatchProcessor<Map.Entry<String, Set<String>>>(
zone + " Group Creation and Association",
ChainingUserRegistrySynchronizer.this.retryingTransactionHelper,
sortedGroupAssociations.entrySet(),
ChainingUserRegistrySynchronizer.this.workerThreads, 20,
ChainingUserRegistrySynchronizer.this.applicationEventPublisher,
ChainingUserRegistrySynchronizer.logger,
ChainingUserRegistrySynchronizer.this.loggingInterval);
groupCreator.process(new BatchProcessWorker<Map.Entry<String, Set<String>>>()
{
public String getIdentifier(Map.Entry<String, Set<String>> entry)
{
return entry.getKey() + " " + entry.getValue();
}
public void beforeProcess() throws Throwable
{
// Disable rules
ruleService.disableRules();
// Authentication
AuthenticationUtil.setRunAsUser(AuthenticationUtil.getSystemUserName());
}
public void afterProcess() throws Throwable
{
// Enable rules
ruleService.enableRules();
// Clear authentication
AuthenticationUtil.clearCurrentSecurityContext();
}
public void process(Map.Entry<String, Set<String>> entry) throws Throwable
{
String child = entry.getKey();
String groupDisplayName = groupsToCreate.get(child);
if (groupDisplayName != null)
{
String groupShortName = ChainingUserRegistrySynchronizer.this.authorityService
.getShortName(child);
if (ChainingUserRegistrySynchronizer.logger.isDebugEnabled())
{
ChainingUserRegistrySynchronizer.logger
.debug("Creating group '" + groupShortName + "'");
}
// create the group
ChainingUserRegistrySynchronizer.this.authorityService.createAuthority(AuthorityType
.getAuthorityType(child), groupShortName, groupDisplayName, zoneSet);
}
maintainAssociations(child);
}
}, splitTxns);
}
}
}
if (!groupAssocsToCreate.isEmpty())
public void finalizeAssociations(UserRegistry userRegistry, boolean splitTxns)
{
// Sort the group associations in depth-first order (root groups first)
Map<String, Set<String>> sortedGroupAssociations = new LinkedHashMap<String, Set<String>>(
groupAssocsToCreate.size() * 2);
List<String> authorityPath = new ArrayList<String>(5);
for (String authority : groupAssocsToCreate.keySet())
// Remove all the associations we have already dealt with
groupAssocsToCreate.keySet().removeAll(authoritiesMaintained);
// Filter out associations to authorities that simply can't exist
groupAssocsToCreate.keySet().retainAll(allZoneAuthorities);
if (!groupAssocsToCreate.isEmpty())
{
if (allZoneAuthorities.contains(authority))
BatchProcessor<Map.Entry<String, Set<String>>> groupCreator = new BatchProcessor<Map.Entry<String, Set<String>>>(
zone + " Authority Association",
ChainingUserRegistrySynchronizer.this.retryingTransactionHelper,
groupAssocsToCreate.entrySet(),
ChainingUserRegistrySynchronizer.this.workerThreads, 20,
ChainingUserRegistrySynchronizer.this.applicationEventPublisher,
ChainingUserRegistrySynchronizer.logger,
ChainingUserRegistrySynchronizer.this.loggingInterval);
groupCreator.process(new BatchProcessWorker<Map.Entry<String, Set<String>>>()
{
authorityPath.add(authority);
visitGroupAssociations(authorityPath, allZoneAuthorities, groupAssocsToCreate,
sortedGroupAssociations);
authorityPath.clear();
public String getIdentifier(Map.Entry<String, Set<String>> entry)
{
return entry.getKey() + " " + entry.getValue();
}
public void beforeProcess() throws Throwable
{
// Disable rules
ruleService.disableRules();
// Authentication
AuthenticationUtil.setRunAsUser(AuthenticationUtil.getSystemUserName());
}
public void afterProcess() throws Throwable
{
// Enable rules
ruleService.enableRules();
// Clear authentication
AuthenticationUtil.clearCurrentSecurityContext();
}
public void process(Map.Entry<String, Set<String>> entry) throws Throwable
{
maintainAssociations(entry.getKey());
}
}, splitTxns);
}
}
private void maintainAssociations(String authorityName) throws BatchUpdateException
{
Set<String> parents = this.groupAssocsToCreate.get(authorityName);
if (parents != null && !parents.isEmpty())
{
if (ChainingUserRegistrySynchronizer.logger.isDebugEnabled())
{
for (String groupName : parents)
{
ChainingUserRegistrySynchronizer.logger.debug("Adding '"
+ ChainingUserRegistrySynchronizer.this.authorityService
.getShortName(authorityName) + "' to group '"
+ ChainingUserRegistrySynchronizer.this.authorityService.getShortName(groupName)
+ "'");
}
}
try
{
ChainingUserRegistrySynchronizer.this.authorityService.addAuthority(parents, authorityName);
}
catch (UnknownAuthorityException e)
{
// Let's force a transaction retry if a parent doesn't exist. It may be because we are
// waiting for another worker thread to create it
BatchUpdateException e1 = new BatchUpdateException();
e1.initCause(e);
throw e1;
}
}
// Add the groups and their parent associations in depth-first order
final Map<String, String> groupsToCreate = groupAnalyzer.getGroupsToCreate();
BatchProcessor<Map.Entry<String, Set<String>>> groupCreator = new BatchProcessor<Map.Entry<String, Set<String>>>(
zone + " Group Creation and Association",
this.retryingTransactionHelper,
sortedGroupAssociations.entrySet(),
this.workerThreads, 20,
this.applicationEventPublisher,
ChainingUserRegistrySynchronizer.logger,
this.loggingInterval);
groupCreator.process(new BatchProcessWorker<Map.Entry<String, Set<String>>>()
Set<String> parentsToDelete = this.groupAssocsToDelete.get(authorityName);
if (parentsToDelete != null && !parentsToDelete.isEmpty())
{
public String getIdentifier(Map.Entry<String, Set<String>> entry)
for (String parent : parentsToDelete)
{
return entry.getKey() + " " + entry.getValue();
}
public void beforeProcess() throws Throwable
{
// Disable rules
ruleService.disableRules();
// Authentication
AuthenticationUtil.setRunAsUser(AuthenticationUtil.getSystemUserName());
}
public void afterProcess() throws Throwable
{
// Enable rules
ruleService.enableRules();
// Clear authentication
AuthenticationUtil.clearCurrentSecurityContext();
}
public void process(Map.Entry<String, Set<String>> entry) throws Throwable
{
Set<String> parents = entry.getValue();
String child = entry.getKey();
String groupDisplayName = groupsToCreate.get(child);
if (groupDisplayName != null)
if (ChainingUserRegistrySynchronizer.logger.isDebugEnabled())
{
String groupShortName = ChainingUserRegistrySynchronizer.this.authorityService
.getShortName(child);
if (ChainingUserRegistrySynchronizer.logger.isDebugEnabled())
{
ChainingUserRegistrySynchronizer.logger
.debug("Creating group '" + groupShortName + "'");
}
// create the group
ChainingUserRegistrySynchronizer.this.authorityService.createAuthority(AuthorityType
.getAuthorityType(child), groupShortName, groupDisplayName, zoneSet);
}
if (!parents.isEmpty())
{
if (ChainingUserRegistrySynchronizer.logger.isDebugEnabled())
{
for (String groupName : parents)
{
ChainingUserRegistrySynchronizer.logger.debug("Adding '"
ChainingUserRegistrySynchronizer.logger
.debug("Removing '"
+ ChainingUserRegistrySynchronizer.this.authorityService
.getShortName(child)
+ "' to group '"
+ ChainingUserRegistrySynchronizer.this.authorityService
.getShortName(groupName) + "'");
}
}
try
{
ChainingUserRegistrySynchronizer.this.authorityService.addAuthority(parents, child);
}
catch (UnknownAuthorityException e)
{
// Let's force a transaction retry if a parent doesn't exist. It may be because we are
// waiting for another worker thread to create it
throw new BatchUpdateException().initCause(e);
}
}
Set<String> parentsToDelete = groupAssocsToDelete.get(child);
if (parentsToDelete != null && !parentsToDelete.isEmpty())
{
for (String parent : parentsToDelete)
{
if (ChainingUserRegistrySynchronizer.logger.isDebugEnabled())
{
ChainingUserRegistrySynchronizer.logger.debug("Removing '"
+ ChainingUserRegistrySynchronizer.this.authorityService
.getShortName(child)
.getShortName(authorityName)
+ "' from group '"
+ ChainingUserRegistrySynchronizer.this.authorityService
.getShortName(parent) + "'");
}
ChainingUserRegistrySynchronizer.this.authorityService.removeAuthority(parent, child);
}
}
ChainingUserRegistrySynchronizer.this.authorityService.removeAuthority(parent, authorityName);
}
}, splitTxns);
}
// Remember that this authority's associations have been maintained
synchronized (this)
{
this.authoritiesMaintained.add(authorityName);
}
}
}
final Analyzer groupAnalyzer = new Analyzer(lastModifiedMillis);
int groupProcessedCount = groupProcessor.process(groupAnalyzer, splitTxns);
groupAnalyzer.processGroups(userRegistry, allowDeletions, splitTxns);
// Process persons and their parent associations
lastModifiedMillis = forceUpdate ? -1 : getMostRecentUpdateTime(
@@ -971,7 +1023,8 @@ public class ChainingUserRegistrySynchronizer extends AbstractLifecycleBean impl
public void process(NodeDescription person) throws Throwable
{
PropertyMap personProperties = person.getProperties();
// Make a mutable copy of the person properties, since they get written back to by person service
HashMap<QName, Serializable> personProperties = new HashMap<QName, Serializable>(person.getProperties());
String personName = (String) personProperties.get(ContentModel.PROP_USERNAME);
Set<String> zones = ChainingUserRegistrySynchronizer.this.authorityService
.getAuthorityZones(personName);
@@ -1037,41 +1090,9 @@ public class ChainingUserRegistrySynchronizer extends AbstractLifecycleBean impl
ChainingUserRegistrySynchronizer.this.personService.createPerson(personProperties, zoneSet);
}
}
// Maintain associations
Set<String> parents = groupAssocsToCreate.get(personName);
if (parents != null && !parents.isEmpty())
{
if (ChainingUserRegistrySynchronizer.logger.isDebugEnabled())
{
for (String groupName : parents)
{
ChainingUserRegistrySynchronizer.logger.debug("Adding '"
+ ChainingUserRegistrySynchronizer.this.authorityService.getShortName(personName)
+ "' to group '"
+ ChainingUserRegistrySynchronizer.this.authorityService.getShortName(groupName)
+ "'");
}
}
ChainingUserRegistrySynchronizer.this.authorityService.addAuthority(parents, personName);
}
Set<String> parentsToDelete = groupAssocsToDelete.get(personName);
if (parentsToDelete != null && !parentsToDelete.isEmpty())
{
for (String parent : parentsToDelete)
{
if (ChainingUserRegistrySynchronizer.logger.isDebugEnabled())
{
ChainingUserRegistrySynchronizer.logger
.debug("Removing '"
+ ChainingUserRegistrySynchronizer.this.authorityService
.getShortName(personName)
+ "' from group '"
+ ChainingUserRegistrySynchronizer.this.authorityService
.getShortName(parent) + "'");
}
ChainingUserRegistrySynchronizer.this.authorityService.removeAuthority(parent, personName);
}
}
groupAnalyzer.maintainAssociations(personName);
synchronized (this)
{
@@ -1087,6 +1108,9 @@ public class ChainingUserRegistrySynchronizer extends AbstractLifecycleBean impl
PersonWorker persons = new PersonWorker(lastModifiedMillis);
int personProcessedCount = personProcessor.process(persons, splitTxns);
// Process those associations to persons who themselves have not been updated
groupAnalyzer.finalizeAssociations(userRegistry, splitTxns);
// Only now that the whole tree has been processed is it safe to persist the last modified dates
long latestTime = groupAnalyzer.getLatestTime();
@@ -1108,7 +1132,7 @@ public class ChainingUserRegistrySynchronizer extends AbstractLifecycleBean impl
BatchProcessor<String> authorityDeletionProcessor = new BatchProcessor<String>(
zone + " Authority Deletion",
this.retryingTransactionHelper,
deletionCandidates,
groupAnalyzer.getDeletionCandidates(),
this.workerThreads, 10,
this.applicationEventPublisher,
ChainingUserRegistrySynchronizer.logger,