diff --git a/rm-server/config/alfresco/module/org_alfresco_module_rm/module-context.xml b/rm-server/config/alfresco/module/org_alfresco_module_rm/module-context.xml
index b2dfe6af60..2a54c34b40 100644
--- a/rm-server/config/alfresco/module/org_alfresco_module_rm/module-context.xml
+++ b/rm-server/config/alfresco/module/org_alfresco_module_rm/module-context.xml
@@ -23,7 +23,7 @@
-
+
@@ -47,9 +47,9 @@
-
-
+
+
diff --git a/rm-server/config/alfresco/module/org_alfresco_module_rm/patch/rm-patch-v30-context.xml b/rm-server/config/alfresco/module/org_alfresco_module_rm/patch/rm-patch-v30-context.xml
index e20ca25d0b..f57927e2d9 100644
--- a/rm-server/config/alfresco/module/org_alfresco_module_rm/patch/rm-patch-v30-context.xml
+++ b/rm-server/config/alfresco/module/org_alfresco_module_rm/patch/rm-patch-v30-context.xml
@@ -5,13 +5,13 @@
-
-
+ class="org.alfresco.module.org_alfresco_module_rm.patch.v30.RMv30ClearanceForAdmin">
+
-
+
\ No newline at end of file
diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/bootstrap/BootstrapImporterModuleComponent.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/bootstrap/BootstrapImporterModuleComponent.java
index b426c26cb5..5dad9139df 100644
--- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/bootstrap/BootstrapImporterModuleComponent.java
+++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/bootstrap/BootstrapImporterModuleComponent.java
@@ -43,8 +43,8 @@ public class BootstrapImporterModuleComponent extends ImporterModuleComponent
/** record contributors group bootstrap component */
private RecordContributorsGroupBootstrapComponent recordContributorsGroupBootstrapComponent;
- /** Clearances for special users bootstrap component. */
- private ClearancesForSpecialUsersBootstrapComponent clearancesForSpecialUsersBootstrapComponent;
+ /** Clearance for admin bootstrap component. */
+ private ClearanceForAdminBootstrapComponent clearanceForAdminBootstrapComponent;
/**
* @param nodeService node service
@@ -71,12 +71,12 @@ public class BootstrapImporterModuleComponent extends ImporterModuleComponent
}
/**
- * @param clearancesForSpecialUsersBootstrapComponent The bootstrap component that give the admin and system users
- * the maximum clearance.
+ * @param clearanceForAdminBootstrapComponent The bootstrap component that give the admin user the maximum
+ * clearance.
*/
- public void setClearancesForSpecialUsersBootstrapComponent(ClearancesForSpecialUsersBootstrapComponent clearancesForSpecialUsersBootstrapComponent)
+ public void setClearanceForAdminBootstrapComponent(ClearanceForAdminBootstrapComponent clearanceForAdminBootstrapComponent)
{
- this.clearancesForSpecialUsersBootstrapComponent = clearancesForSpecialUsersBootstrapComponent;
+ this.clearanceForAdminBootstrapComponent = clearanceForAdminBootstrapComponent;
}
/**
@@ -94,7 +94,7 @@ public class BootstrapImporterModuleComponent extends ImporterModuleComponent
// Bootstrap creation of initial data.
recordContributorsGroupBootstrapComponent.createRecordContributorsGroup();
- clearancesForSpecialUsersBootstrapComponent.createClearancesForSpecialUsers();
+ clearanceForAdminBootstrapComponent.createClearanceForAdmin();
// init module schema number
modulePatchExecuter.initSchemaVersion();
diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/bootstrap/ClearancesForSpecialUsersBootstrapComponent.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/bootstrap/ClearanceForAdminBootstrapComponent.java
similarity index 78%
rename from rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/bootstrap/ClearancesForSpecialUsersBootstrapComponent.java
rename to rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/bootstrap/ClearanceForAdminBootstrapComponent.java
index cecbc9a0c4..7e0ab94892 100644
--- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/bootstrap/ClearancesForSpecialUsersBootstrapComponent.java
+++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/bootstrap/ClearanceForAdminBootstrapComponent.java
@@ -22,19 +22,19 @@ import java.io.Serializable;
import org.alfresco.module.org_alfresco_module_rm.classification.ClassificationServiceBootstrap;
import org.alfresco.module.org_alfresco_module_rm.classification.model.ClassifiedContentModel;
-import org.alfresco.module.org_alfresco_module_rm.patch.v30.RMv30ClearancesForSpecialUsers;
+import org.alfresco.module.org_alfresco_module_rm.patch.v30.RMv30ClearanceForAdmin;
import org.alfresco.module.org_alfresco_module_rm.util.AuthenticationUtil;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.NodeService;
import org.alfresco.service.cmr.security.PersonService;
/**
- * Provide the highest clearance to the admin and system users. This needs to be run once (either bootstrapped into a
- * fresh system, or as part of an upgrade in {@link RMv30ClearancesForSpecialUsers}) per installation.
+ * Provide the highest clearance to the admin user. This needs to be run once (either bootstrapped into a
+ * fresh system, or as part of an upgrade in {@link RMv30ClearanceForAdmin}) per installation.
*
* @author tpage
*/
-public class ClearancesForSpecialUsersBootstrapComponent implements ClassifiedContentModel
+public class ClearanceForAdminBootstrapComponent implements ClassifiedContentModel
{
private AuthenticationUtil authenticationUtil;
private NodeService nodeService;
@@ -47,9 +47,9 @@ public class ClearancesForSpecialUsersBootstrapComponent implements ClassifiedCo
public void setClassificationServiceBootstrap(ClassificationServiceBootstrap classificationServiceBootstrap) { this.classificationServiceBootstrap = classificationServiceBootstrap; }
/**
- * Give the admin and system users the maximum clearance.
+ * Give the admin user the maximum clearance.
*/
- public void createClearancesForSpecialUsers()
+ public void createClearanceForAdmin()
{
// Ensure the classification levels are loaded before this patch runs. (Nb. This will result in the
// classification service bootstrap method being called twice on the start-up that includes this call).
@@ -57,11 +57,8 @@ public class ClearancesForSpecialUsersBootstrapComponent implements ClassifiedCo
Serializable mostSecureLevel = classificationServiceBootstrap.getClassificationLevelManager()
.getMostSecureLevel().getId();
- String systemUserName = authenticationUtil.getSystemUserName();
- NodeRef system = personService.getPerson(systemUserName);
- nodeService.setProperty(system, PROP_CLEARANCE_LEVEL, mostSecureLevel);
String adminUserName = authenticationUtil.getAdminUserName();
- NodeRef admin = personService.getPerson(adminUserName);
+ NodeRef admin = personService.getPerson(adminUserName, false);
nodeService.setProperty(admin, PROP_CLEARANCE_LEVEL, mostSecureLevel);
}
}
diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/classification/SecurityClearance.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/classification/SecurityClearance.java
index 33139aef71..e6f3de52ad 100644
--- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/classification/SecurityClearance.java
+++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/classification/SecurityClearance.java
@@ -39,7 +39,7 @@ public final class SecurityClearance implements Serializable
public SecurityClearance(final PersonInfo personInfo, final ClearanceLevel clearanceLevel)
{
- Objects.requireNonNull(personInfo);
+ // Do not check the PersonInfo, as it may be null for the system user's SecurityClearance.
Objects.requireNonNull(clearanceLevel);
this.personInfo = personInfo;
diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/classification/SecurityClearanceServiceImpl.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/classification/SecurityClearanceServiceImpl.java
index dbc69fdf4a..14d3ca280d 100644
--- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/classification/SecurityClearanceServiceImpl.java
+++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/classification/SecurityClearanceServiceImpl.java
@@ -72,13 +72,18 @@ public class SecurityClearanceServiceImpl extends ServiceBaseImpl implements Sec
}
/**
- * Gets the users security clearnace.
+ * Gets the user's security clearance.
*
- * @param userName user name
- * @return {@link SecurityClearance} provides information about the user and their clearance level
+ * @param userName user name
+ * @return {@link SecurityClearance} provides information about the user and their clearance level
*/
private SecurityClearance getUserSecurityClearance(final String userName)
{
+ if (authenticationUtil.isRunAsUserTheSystemUser())
+ {
+ return new SecurityClearance(null, clearanceManager.getMostSecureLevel());
+ }
+
final NodeRef personNode = personService.getPerson(userName, false);
final PersonInfo personInfo = personService.getPerson(personNode);
diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/patch/v30/RMv30ClearancesForSpecialUsers.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/patch/v30/RMv30ClearanceForAdmin.java
similarity index 69%
rename from rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/patch/v30/RMv30ClearancesForSpecialUsers.java
rename to rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/patch/v30/RMv30ClearanceForAdmin.java
index cd3c9445ad..1f4945b76e 100644
--- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/patch/v30/RMv30ClearancesForSpecialUsers.java
+++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/patch/v30/RMv30ClearanceForAdmin.java
@@ -18,31 +18,31 @@
*/
package org.alfresco.module.org_alfresco_module_rm.patch.v30;
-import org.alfresco.module.org_alfresco_module_rm.bootstrap.ClearancesForSpecialUsersBootstrapComponent;
+import org.alfresco.module.org_alfresco_module_rm.bootstrap.ClearanceForAdminBootstrapComponent;
import org.alfresco.module.org_alfresco_module_rm.patch.AbstractModulePatch;
/**
- * Patch to provide the highest clearance to the admin and system users.
+ * Patch to provide the highest clearance to the admin user.
*
* @author tpage
*/
-public class RMv30ClearancesForSpecialUsers extends AbstractModulePatch
+public class RMv30ClearanceForAdmin extends AbstractModulePatch
{
- private ClearancesForSpecialUsersBootstrapComponent bootstrapComponent;
+ private ClearanceForAdminBootstrapComponent bootstrapComponent;
- public void setBootstrapComponent(ClearancesForSpecialUsersBootstrapComponent bootstrapComponent)
+ public void setBootstrapComponent(ClearanceForAdminBootstrapComponent bootstrapComponent)
{
this.bootstrapComponent = bootstrapComponent;
}
/**
- * Give the admin and system users the maximum clearance.
+ * Give the admin user the maximum clearance.
*
* @see org.alfresco.module.org_alfresco_module_rm.patch.AbstractModulePatch#applyInternal()
*/
@Override
public void applyInternal()
{
- bootstrapComponent.createClearancesForSpecialUsers();
+ bootstrapComponent.createClearanceForAdmin();
}
}
diff --git a/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/bootstrap/BootstrapImporterModuleComponentUnitTest.java b/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/bootstrap/BootstrapImporterModuleComponentUnitTest.java
index 0e5faeb982..92bdc889d3 100644
--- a/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/bootstrap/BootstrapImporterModuleComponentUnitTest.java
+++ b/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/bootstrap/BootstrapImporterModuleComponentUnitTest.java
@@ -44,10 +44,10 @@ public class BootstrapImporterModuleComponentUnitTest extends BaseUnitTest
private static final NodeRef configNodeRef = new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, "rm_config_folder");
/** mocks */
- @Mock(name="importer") private ImporterBootstrap mockedImporter;
- @Mock(name="modulePatchExecuter") private ModulePatchExecuter mockedModulePatchExecuter;
- @Mock(name="recordContributorsGroupBootstrapComponent") private RecordContributorsGroupBootstrapComponent mockedRecordContributorsGroupBootstrapComponent;
- @Mock(name="clearancesForSpecialUsersBootstrapComponent") private ClearancesForSpecialUsersBootstrapComponent mockedClearancesForSpecialUsersBootstrapComponent;
+ @Mock(name="importer") private ImporterBootstrap mockedImporter;
+ @Mock(name="modulePatchExecuter") private ModulePatchExecuter mockedModulePatchExecuter;
+ @Mock(name="recordContributorsGroupBootstrapComponent") private RecordContributorsGroupBootstrapComponent mockedRecordContributorsGroupBootstrapComponent;
+ @Mock(name="clearanceForAdminBootstrapComponent") private ClearanceForAdminBootstrapComponent mockedClearanceForAdminBootstrapComponent;
/** importer */
@InjectMocks
diff --git a/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/bootstrap/ClearancesForSpecialUsersBootstrapComponentUnitTest.java b/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/bootstrap/ClearanceForAdminBootstrapComponentUnitTest.java
similarity index 74%
rename from rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/bootstrap/ClearancesForSpecialUsersBootstrapComponentUnitTest.java
rename to rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/bootstrap/ClearanceForAdminBootstrapComponentUnitTest.java
index b435481c50..dfb8baa3d8 100644
--- a/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/bootstrap/ClearancesForSpecialUsersBootstrapComponentUnitTest.java
+++ b/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/bootstrap/ClearanceForAdminBootstrapComponentUnitTest.java
@@ -37,13 +37,13 @@ import org.mockito.InjectMocks;
import org.mockito.Mock;
/**
- * Unit tests for {@link ClearancesForSpecialUsersBootstrapComponent}.
+ * Unit tests for {@link ClearanceForAdminBootstrapComponent}.
*
* @author tpage
*/
-public class ClearancesForSpecialUsersBootstrapComponentUnitTest implements ClassifiedContentModel
+public class ClearanceForAdminBootstrapComponentUnitTest implements ClassifiedContentModel
{
- @InjectMocks ClearancesForSpecialUsersBootstrapComponent clearancesForSpecialUsersBootstrapComponent;
+ @InjectMocks ClearanceForAdminBootstrapComponent clearanceForAdminBootstrapComponent;
@Mock AuthenticationUtil mockAuthenticationUtil;
@Mock PersonService mockPersonService;
@Mock NodeService mockNodeService;
@@ -54,8 +54,8 @@ public class ClearancesForSpecialUsersBootstrapComponentUnitTest implements Clas
initMocks(this);
}
- /** Check that the system and admin users get assigned the provided clearance. */
- @Test public void testCreateClearancesForSpecialUsers()
+ /** Check that the admin user gets assigned the provided clearance. */
+ @Test public void testCreateClearanceForAdmin()
{
// Allow the classification level id to be found.
ClassificationLevel level = new ClassificationLevel("id", "displayLabelKey");
@@ -63,18 +63,14 @@ public class ClearancesForSpecialUsersBootstrapComponentUnitTest implements Clas
when(mockClassificationLevelManager.getMostSecureLevel()).thenReturn(level);
when(mockClassificationServiceBootstrap.getClassificationLevelManager()).thenReturn(mockClassificationLevelManager);
- // Set up the admin and system users.
- when(mockAuthenticationUtil.getSystemUserName()).thenReturn("system");
- NodeRef system = new NodeRef("system://node/");
- when(mockPersonService.getPerson("system")).thenReturn(system);
+ // Set up the admin user.
when(mockAuthenticationUtil.getAdminUserName()).thenReturn("admin");
NodeRef admin = new NodeRef("admin://node/");
- when(mockPersonService.getPerson("admin")).thenReturn(admin);
+ when(mockPersonService.getPerson("admin", false)).thenReturn(admin);
// Call the method under test.
- clearancesForSpecialUsersBootstrapComponent.createClearancesForSpecialUsers();
+ clearanceForAdminBootstrapComponent.createClearanceForAdmin();
- verify(mockNodeService).setProperty(system, PROP_CLEARANCE_LEVEL, "id");
verify(mockNodeService).setProperty(admin, PROP_CLEARANCE_LEVEL, "id");
// Check that the classification levels were loaded.
verify(mockClassificationServiceBootstrap).onBootstrap(null);