Fixed major issues (Malicious code vulnerability - Field is a mutable array) reported in Sonar

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@89720 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261

rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/record/RecordServiceImpl.java

@@ -20,6 +20,7 @@ package org.alfresco.module.org_alfresco_module_rm.record;
 
 import java.io.Serializable;
 import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.Calendar;
 import java.util.Collection;
 import java.util.Collections;
@@ -138,14 +139,14 @@ public class RecordServiceImpl extends BaseBehaviourBean
      };
 
     /** record model URI's */
-    public static final String[] RECORD_MODEL_URIS = new String[]
+    public static final List<String> RECORD_MODEL_URIS = Collections.unmodifiableList(
-    {
+        Arrays.asList(
             RM_URI,
             RM_CUSTOM_URI,
             ReportModel.RMR_URI,
             RecordableVersionModel.RMV_URI,
             DOD5015Model.DOD_URI
-    };
+    ));
 
     /** non-record model URI's */
     private static final String[] NON_RECORD_MODEL_URIS = new String[]
@@ -1363,7 +1364,7 @@ public class RecordServiceImpl extends BaseBehaviourBean
         else
         {
             // check the URI's
-            result = ArrayUtils.contains(RECORD_MODEL_URIS, property.getNamespaceURI());
+            result = RECORD_MODEL_URIS.contains(property.getNamespaceURI());
 
             // check the custom model
             if (!result && !ArrayUtils.contains(NON_RECORD_MODEL_URIS, property.getNamespaceURI()))

rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/version/RecordableVersionNodeServiceImpl.java

@@ -18,6 +18,8 @@
  */
 package org.alfresco.module.org_alfresco_module_rm.version;
 
+import static org.alfresco.module.org_alfresco_module_rm.record.RecordServiceImpl.RECORD_MODEL_URIS;
+
 import java.io.Serializable;
 import java.util.Date;
 import java.util.HashMap;
@@ -28,14 +30,12 @@ import java.util.Set;
 import org.alfresco.model.ContentModel;
 import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
 import org.alfresco.module.org_alfresco_module_rm.record.RecordService;
-import org.alfresco.module.org_alfresco_module_rm.record.RecordServiceImpl;
 import org.alfresco.repo.version.Node2ServiceImpl;
 import org.alfresco.repo.version.Version2Model;
 import org.alfresco.repo.version.common.VersionUtil;
 import org.alfresco.service.cmr.repository.InvalidNodeRefException;
 import org.alfresco.service.cmr.repository.NodeRef;
 import org.alfresco.service.namespace.QName;
-import org.apache.commons.lang.ArrayUtils;
 
 /**
  * Extended version node service implementation that supports the retrieval of
@@ -98,7 +98,7 @@ public class RecordableVersionNodeServiceImpl extends Node2ServiceImpl
             if (!PROP_RECORDABLE_VERSION_POLICY.equals(property) &&
                     !PROP_FILE_PLAN.equals(property) &&
                     (recordService.isRecordMetadataProperty(property) ||
-                 ArrayUtils.contains(RecordServiceImpl.RECORD_MODEL_URIS, property.getNamespaceURI())))
+                            RECORD_MODEL_URIS.contains(property.getNamespaceURI())))
             {
                 properties.remove(property);
             }
@@ -218,7 +218,7 @@ public class RecordableVersionNodeServiceImpl extends Node2ServiceImpl
         {
             if (!ASPECT_VERSIONABLE.equals(aspect) &&
                     (recordService.isRecordMetadataAspect(aspect) ||
-                 ArrayUtils.contains(RecordServiceImpl.RECORD_MODEL_URIS, aspect.getNamespaceURI())))
+                            RECORD_MODEL_URIS.contains(aspect.getNamespaceURI())))
             {
                 result.remove(aspect);
             }