Merged 5.2.0 (5.2.0) to HEAD (5.2)

133416 rneamtu: Merged 5.2.N (5.2.1) to 5.2.0 (5.2.0) 133350 rneamtu: ACE-5647: [Win7,chrome] Configure dashboard - Configuration not saved after removing dashlets to trashcan -Run the deleteDocument action as pathRunAsUser (system for non-admin users) same as is done for updateDocument and createDocument. git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@133563 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2025-08-14 17:58:59 +00:00 · 2016-12-12 09:38:58 +00:00
parent d55a13c3c3
commit 2bcc803206
1 changed files with 37 additions and 27 deletions
--- a/source/java/org/alfresco/repo/web/scripts/bean/ADMRemoteStore.java
+++ b/source/java/org/alfresco/repo/web/scripts/bean/ADMRemoteStore.java
@@ -625,33 +625,43 @@ public class ADMRemoteStore extends BaseRemoteStore
            res.setStatus(Status.STATUS_NOT_FOUND);
            return;
        }
-        
-        try
-        {
-            final NodeRef fileRef = fileInfo.getNodeRef();
-            this.nodeService.addAspect(fileRef, ContentModel.ASPECT_TEMPORARY, null);
-            
-            // ALF-17729
-            NodeRef parentFolderRef = unprotNodeService.getPrimaryParent(fileRef).getParentRef();
-            behaviourFilter.disableBehaviour(parentFolderRef, ContentModel.ASPECT_AUDITABLE);
-            
-            try
-            {
-                this.nodeService.deleteNode(fileRef);
-            }
-            finally
-            {
-                behaviourFilter.enableBehaviour(parentFolderRef, ContentModel.ASPECT_AUDITABLE);
-            }
-            
-            if (logger.isDebugEnabled())
-                logger.debug("deleteDocument: " + fileInfo.toString());
-        }
-        catch (AccessDeniedException ae)
-        {
-            res.setStatus(Status.STATUS_UNAUTHORIZED);
-            throw ae;
-        }
+        
+        final String runAsUser = getPathRunAsUser(path);
+        AuthenticationUtil.runAs(new RunAsWork<Void>()
+        {
+            @SuppressWarnings("synthetic-access")
+            public Void doWork() throws Exception
+            {
+                try
+                {
+                    final NodeRef fileRef = fileInfo.getNodeRef();
+                    // MNT-16371: Revoke ownership privileges for surf-config folder contents, to tighten access for former SiteManagers.
+                    nodeService.addAspect(fileRef, ContentModel.ASPECT_TEMPORARY, null);
+
+                    // ALF-17729
+                    NodeRef parentFolderRef = unprotNodeService.getPrimaryParent(fileRef).getParentRef();
+                    behaviourFilter.disableBehaviour(parentFolderRef, ContentModel.ASPECT_AUDITABLE);
+
+                    try
+                    {
+                        nodeService.deleteNode(fileRef);
+                    }
+                    finally
+                    {
+                        behaviourFilter.enableBehaviour(parentFolderRef, ContentModel.ASPECT_AUDITABLE);
+                    }
+
+                    if (logger.isDebugEnabled())
+                        logger.debug("deleteDocument: " + fileInfo.toString());
+                }
+                catch (AccessDeniedException ae)
+                {
+                    res.setStatus(Status.STATUS_UNAUTHORIZED);
+                    throw ae;
+                }
+                return null;
+            }
+        }, runAsUser);
    }

    /**