REPO-2189: Service Pack: MNT-17239: Unexpected changes of cm:modified and cm:modifier

- IncompleteNodeTagger disables cm:auditable and cm:versionable when making changes

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/BRANCHES/DEV/5.2.N/root@135891 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Cristian Turlica
2017-03-16 13:24:07 +00:00
parent 9eaffa8b04
commit 242cc5b406
3 changed files with 176 additions and 54 deletions

View File

@@ -204,6 +204,9 @@
<value>{http://www.alfresco.org/model/content/1.0}source</value> <value>{http://www.alfresco.org/model/content/1.0}source</value>
</list> </list>
</property> </property>
<property name="behaviourFilter">
<ref bean="policyBehaviourFilter"/>
</property>
</bean> </bean>
<!-- Node cleanup --> <!-- Node cleanup -->

View File

@@ -37,6 +37,7 @@ import java.util.Set;
import org.alfresco.error.AlfrescoRuntimeException; import org.alfresco.error.AlfrescoRuntimeException;
import org.alfresco.model.ContentModel; import org.alfresco.model.ContentModel;
import org.alfresco.repo.node.NodeServicePolicies; import org.alfresco.repo.node.NodeServicePolicies;
import org.alfresco.repo.policy.BehaviourFilter;
import org.alfresco.repo.policy.JavaBehaviour; import org.alfresco.repo.policy.JavaBehaviour;
import org.alfresco.repo.policy.PolicyComponent; import org.alfresco.repo.policy.PolicyComponent;
import org.alfresco.repo.security.authentication.AuthenticationUtil; import org.alfresco.repo.security.authentication.AuthenticationUtil;
@@ -85,6 +86,7 @@ public class IncompleteNodeTagger
private NodeService nodeService; private NodeService nodeService;
private List<String> storesToIgnore = new ArrayList<String>(0); private List<String> storesToIgnore = new ArrayList<String>(0);
private Set<QName> propertiesToIgnore = new HashSet<QName>(); private Set<QName> propertiesToIgnore = new HashSet<QName>();
private BehaviourFilter behaviourFilter;
public IncompleteNodeTagger() public IncompleteNodeTagger()
{ {
@@ -136,6 +138,11 @@ public class IncompleteNodeTagger
} }
} }
public void setBehaviourFilter(BehaviourFilter behaviourFilter)
{
this.behaviourFilter = behaviourFilter;
}
/** /**
* Registers the system-level policy behaviours * Registers the system-level policy behaviours
*/ */
@@ -145,6 +152,7 @@ public class IncompleteNodeTagger
PropertyCheck.mandatory("IncompleteNodeTagger", "dictionaryService", dictionaryService); PropertyCheck.mandatory("IncompleteNodeTagger", "dictionaryService", dictionaryService);
PropertyCheck.mandatory("IncompleteNodeTagger", "nodeService", nodeService); PropertyCheck.mandatory("IncompleteNodeTagger", "nodeService", nodeService);
PropertyCheck.mandatory("IncompleteNodeTagger", "policyComponent", policyComponent); PropertyCheck.mandatory("IncompleteNodeTagger", "policyComponent", policyComponent);
PropertyCheck.mandatory("IncompleteNodeTagger", "behaviourFilter", behaviourFilter);
// register behaviour // register behaviour
policyComponent.bindClassBehaviour( policyComponent.bindClassBehaviour(
@@ -590,8 +598,20 @@ public class IncompleteNodeTagger
private void addOrRemoveTag(NodeRef nodeRef, boolean addTag, boolean isTagged) private void addOrRemoveTag(NodeRef nodeRef, boolean addTag, boolean isTagged)
{ {
if (addTag && !isTagged) if (addTag && !isTagged)
{
// MNT-17239: Unexpected changes of cm:modified and cm:modifier
behaviourFilter.disableBehaviour(nodeRef, ContentModel.ASPECT_AUDITABLE);
behaviourFilter.disableBehaviour(nodeRef, ContentModel.ASPECT_VERSIONABLE);
try
{ {
nodeService.addAspect(nodeRef, ContentModel.ASPECT_INCOMPLETE, null); nodeService.addAspect(nodeRef, ContentModel.ASPECT_INCOMPLETE, null);
}
finally
{
behaviourFilter.enableBehaviour(nodeRef, ContentModel.ASPECT_VERSIONABLE);
behaviourFilter.enableBehaviour(nodeRef, ContentModel.ASPECT_AUDITABLE);
}
// done // done
if (logger.isDebugEnabled()) if (logger.isDebugEnabled())
{ {
@@ -599,8 +619,20 @@ public class IncompleteNodeTagger
} }
} }
else if (!addTag && isTagged) else if (!addTag && isTagged)
{
// MNT-17239: Unexpected changes of cm:modified and cm:modifier
behaviourFilter.disableBehaviour(nodeRef, ContentModel.ASPECT_AUDITABLE);
behaviourFilter.disableBehaviour(nodeRef, ContentModel.ASPECT_VERSIONABLE);
try
{ {
nodeService.removeAspect(nodeRef, ContentModel.ASPECT_INCOMPLETE); nodeService.removeAspect(nodeRef, ContentModel.ASPECT_INCOMPLETE);
}
finally
{
behaviourFilter.enableBehaviour(nodeRef, ContentModel.ASPECT_VERSIONABLE);
behaviourFilter.enableBehaviour(nodeRef, ContentModel.ASPECT_AUDITABLE);
}
// done // done
if (logger.isDebugEnabled()) if (logger.isDebugEnabled())
{ {

View File

@@ -25,6 +25,10 @@
*/ */
package org.alfresco.repo.node.integrity; package org.alfresco.repo.node.integrity;
import java.io.InputStream; import java.io.InputStream;
import java.io.Serializable;
import java.util.Map;
import java.util.Set;
import java.util.UUID;
import javax.transaction.UserTransaction; import javax.transaction.UserTransaction;
@@ -43,7 +47,6 @@ import org.alfresco.service.cmr.lock.LockType;
import org.alfresco.service.cmr.repository.NodeRef; import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.NodeService; import org.alfresco.service.cmr.repository.NodeService;
import org.alfresco.service.cmr.repository.StoreRef; import org.alfresco.service.cmr.repository.StoreRef;
import org.alfresco.service.cmr.security.AuthenticationService;
import org.alfresco.service.cmr.security.MutableAuthenticationService; import org.alfresco.service.cmr.security.MutableAuthenticationService;
import org.alfresco.service.cmr.security.PermissionService; import org.alfresco.service.cmr.security.PermissionService;
import org.alfresco.service.namespace.QName; import org.alfresco.service.namespace.QName;
@@ -240,4 +243,88 @@ public class IncompleteNodeTaggerTest extends TestCase
// Tag // Tag
checkTagging(nodeRef, true); checkTagging(nodeRef, true);
} }
/**
* Test for MNT-17239: Unexpected changes of cm:modified and cm:modifier
*/
public void testUnexpectedAuditUpdate() throws Exception
{
NodeRef nodeRef = createNode("abc", IntegrityTest.TEST_TYPE_WITH_PROPERTIES, null);
checkTagging(nodeRef, true);
// Now remove the aspect.
nodeService.removeAspect(nodeRef, ContentModel.ASPECT_INCOMPLETE);
// Assert the node is not auditable.
Set<QName> aspects = nodeService.getAspects(nodeRef);
assertFalse(aspects.contains(ContentModel.ASPECT_AUDITABLE));
// Add auditable capability.
nodeService.addAspect(nodeRef, ContentModel.ASPECT_AUDITABLE, null);
// Assert the node is now auditable.
aspects = nodeService.getAspects(nodeRef);
assertTrue(aspects.contains(ContentModel.ASPECT_AUDITABLE));
final Map<QName, Serializable> props = nodeService.getProperties(nodeRef);
assertNotNull(props.get(ContentModel.PROP_CREATED));
assertNotNull(props.get(ContentModel.PROP_MODIFIED));
assertNotNull(props.get(ContentModel.PROP_CREATOR));
assertNotNull(props.get(ContentModel.PROP_MODIFIER));
// Authenticate as someone else - someone not able to do anything
final String user = "user-" + UUID.randomUUID();
RunAsWork<Void> createUserWork = new RunAsWork<Void>()
{
public Void doWork() throws Exception
{
if (!authenticationService.authenticationExists(user))
{
authenticationService.createAuthentication(user, user.toCharArray());
}
return null;
}
};
AuthenticationUtil.runAs(createUserWork, AuthenticationUtil.getSystemUserName());
authenticationComponent.setCurrentUser(user);
// Tag
checkTagging(nodeRef, true);
// Check that audit behavior wasn't triggered.
checkAuditableProperties(nodeRef, props);
}
private void assertAuditableProperties(NodeRef nodeRef, Map<QName, Serializable> checkProps)
{
assertTrue("Auditable aspect not present", nodeService.hasAspect(nodeRef, ContentModel.ASPECT_AUDITABLE));
Map<QName, Serializable> props = nodeService.getProperties(nodeRef);
assertNotNull(props.get(ContentModel.PROP_CREATED));
assertNotNull(props.get(ContentModel.PROP_MODIFIED));
assertNotNull(props.get(ContentModel.PROP_CREATOR));
assertNotNull(props.get(ContentModel.PROP_MODIFIER));
if (checkProps != null)
{
assertEquals("PROP_CREATED not correct", checkProps.get(ContentModel.PROP_CREATED), props.get(ContentModel.PROP_CREATED));
assertEquals("PROP_MODIFIED not correct", checkProps.get(ContentModel.PROP_MODIFIED), props.get(ContentModel.PROP_MODIFIED));
assertEquals("PROP_CREATOR not correct", checkProps.get(ContentModel.PROP_CREATOR), props.get(ContentModel.PROP_CREATOR));
assertEquals("PROP_MODIFIER not correct", checkProps.get(ContentModel.PROP_MODIFIER), props.get(ContentModel.PROP_MODIFIER));
}
}
private void checkAuditableProperties(NodeRef nodeRef, Map<QName, Serializable> checkProps)
{
tagger.beforeCommit(false);
RunAsWork<Void> checkWork = new RunAsWork<Void>()
{
public Void doWork() throws Exception
{
assertAuditableProperties(nodeRef, checkProps);
return null;
}
};
AuthenticationUtil.runAs(checkWork, AuthenticationUtil.getSystemUserName());
}
} }