Fix to AVM->ADM Share Site migration patch to disable rules during node processing

- recent changes (unsure which...) mean that somewhere in rules services a RunAs(system) is interfering with the RunAs(user) already set on the outer txn - this means that all Share sites migrated from 3.X to 4.0 in the last couple of weeks (including Community 4.0a) will not have the correct user permissions. git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@30914 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2025-08-07 17:49:17 +00:00 · 2011-10-03 12:49:32 +00:00
parent 9687430000
commit 6c517ea99a
2 changed files with 28 additions and 14 deletions
--- a/source/java/org/alfresco/repo/admin/patch/impl/AVMToADMRemoteStorePatch.java
+++ b/source/java/org/alfresco/repo/admin/patch/impl/AVMToADMRemoteStorePatch.java
@@ -41,7 +41,6 @@ import org.alfresco.repo.batch.BatchProcessWorkProvider;
 import org.alfresco.repo.batch.BatchProcessor;
 import org.alfresco.repo.batch.BatchProcessor.BatchProcessWorker;
 import org.alfresco.repo.security.authentication.AuthenticationUtil;
-import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
 import org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback;
 import org.alfresco.service.cmr.avm.AVMNodeDescriptor;
 import org.alfresco.service.cmr.avm.AVMService;
@@ -55,6 +54,7 @@ import org.alfresco.service.cmr.repository.ContentWriter;
 import org.alfresco.service.cmr.repository.DuplicateChildNodeNameException;
 import org.alfresco.service.cmr.repository.InvalidNodeRefException;
 import org.alfresco.service.cmr.repository.NodeRef;
+import org.alfresco.service.cmr.rule.RuleService;
 import org.alfresco.service.cmr.site.SiteInfo;
 import org.alfresco.service.cmr.site.SiteService;
 import org.alfresco.service.namespace.NamespaceService;
@@ -111,6 +111,7 @@ public class AVMToADMRemoteStorePatch extends AbstractPatch
    private FileFolderService fileFolderService;
    private SiteService siteService;
    private AVMService avmService;
+    private RuleService ruleService;
    private String avmStore;
    private String avmRootPath = "/";
    
@@ -146,6 +147,14 @@ public class AVMToADMRemoteStorePatch extends AbstractPatch
    {
        this.avmService = avmService;
    }
+    
+    /**
+     * @param ruleService       the rule service to set
+     */
+    public void setRuleService(RuleService ruleService)
+    {
+        this.ruleService = ruleService;
+    }

    /**
     * @param avmStore          the avmStore to set
@@ -306,6 +315,7 @@ public class AVMToADMRemoteStorePatch extends AbstractPatch
                    {
                        // create the 'surf-config' folder for the site and cache the NodeRef to it
                        NodeRef surfConfigRef = getSurfConfigNodeRef(siteRef);
+                        // TODO: create components and pages folders here would also reduce contention
                        siteReferenceCache.put(siteName, surfConfigRef);
                    }
                    else
@@ -360,12 +370,14 @@ public class AVMToADMRemoteStorePatch extends AbstractPatch
                @Override
                public void beforeProcess() throws Throwable
                {
+                    ruleService.disableRules();
                    AuthenticationUtil.setRunAsUser(tenantSystemUser);
                }
                
                @Override
                public void afterProcess() throws Throwable
                {
+                    ruleService.enableRules();
                    AuthenticationUtil.clearCurrentSecurityContext();
                }
                
@@ -524,20 +536,21 @@ public class AVMToADMRemoteStorePatch extends AbstractPatch
                if (userId != null)
                {
                    // run as the appropriate user id to execute
-                    final NodeRef parentFolderRef = parentFolder;
-                    AuthenticationUtil.runAs(new RunAsWork<Void>()
+                    AuthenticationUtil.pushAuthentication();
+                    AuthenticationUtil.setFullyAuthenticatedUser(userId);
+                    try
                    {
-                        public Void doWork() throws Exception
-                        {
-                            // create new node and perform writer content copy of the content from the AVM to the DM store
-                            FileInfo fileInfo = fileFolderService.create(
-                                    parentFolderRef, avmNode.getName(), ContentModel.TYPE_CONTENT);
-                            ContentWriter writer = contentService.getWriter(
-                                    fileInfo.getNodeRef(), ContentModel.PROP_CONTENT, true);
-                            writer.putContent(avmService.getContentReader(-1, avmNode.getPath()));
-                            return null;
-                        }
-                    }, userId);
+                        // create new node and perform writer content copy of the content from the AVM to the DM store
+                        FileInfo fileInfo = fileFolderService.create(
+                                parentFolder, avmNode.getName(), ContentModel.TYPE_CONTENT);
+                        ContentWriter writer = contentService.getWriter(
+                                fileInfo.getNodeRef(), ContentModel.PROP_CONTENT, true);
+                        writer.putContent(avmService.getContentReader(-1, avmNode.getPath()));
+                    }
+                    finally
+                    {
+                        AuthenticationUtil.popAuthentication();
+                    }
                }
                else
                {