RM-1224 (Rmadmin user is not created if auth chain contains not only ALfrescoNTLM)

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@73546 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2025-07-31 17:39:05 +00:00 · 2014-06-11 08:53:23 +00:00
parent 249c03c345
commit a2400a047c
27 changed files with 225 additions and 733 deletions
--- a/rm-server/config/alfresco/module/org_alfresco_module_rm/action-context.xml
+++ b/rm-server/config/alfresco/module/org_alfresco_module_rm/action-context.xml
@@ -14,7 +14,6 @@
   <!--  Create record action -->
   <bean id="create-record" parent="action-executer" class="org.alfresco.module.org_alfresco_module_rm.action.dm.CreateRecordAction">
      <property name="filePlanAuthenticationService" ref="FilePlanAuthenticationService"/>
      <property name="recordService" ref="RecordService" />
      <property name="nodeService" ref="NodeService" />
      <property name="filePlanService" ref="FilePlanService" />
--- a/rm-server/config/alfresco/module/org_alfresco_module_rm/alfresco-global.properties
+++ b/rm-server/config/alfresco/module/org_alfresco_module_rm/alfresco-global.properties
@@ -25,17 +25,9 @@ cache.writersSharedCache.maxItems=10000
 cache.writersSharedCache.cluster.type=fully-distributed
 #
-# Global RM admin default bootstrap details
+# Indicates whether RM rules will be run as Admin or not by default
 #
-# Note: rmadmin is created with a randomly generated password.  This can be changed by 'admin' if
+rm.rule.runasadmin=true
 #       required.
 #
 bootstrap.rmadmin.name=rmadmin
 #
 # Indicates whether RM rules will be run as RM Admin or not by default
 #
 rm.rule.runasrmadmin=true
 #
 # Auto-complete suggestion parameters
--- a/rm-server/config/alfresco/module/org_alfresco_module_rm/extended-repository-context.xml
+++ b/rm-server/config/alfresco/module/org_alfresco_module_rm/extended-repository-context.xml
@@ -219,10 +219,9 @@
        </property>
    	<!--  Since RM 2.1 -->
    	<property name="filePlanAuthenticationService" ref="FilePlanAuthenticationService"/>
    	<property name="filePlanService" ref="FilePlanService" />
-    	<property name="runAsRmAdmin">
+    	<property name="runAsAdmin">
-    		<value>${rm.rule.runasrmadmin}</value>
+    		<value>${rm.rule.runasadmin}</value>
    	</property>
        <property name="recordService" ref="RecordService" />
--- a/rm-server/config/alfresco/module/org_alfresco_module_rm/messages/rm-system.properties
+++ b/rm-server/config/alfresco/module/org_alfresco_module_rm/messages/rm-system.properties
@@ -1,6 +1,3 @@
 bootstrap.rmadmin.firstName=Records Management
 bootstrap.rmadmin.lastName=System Administrator
 rm.hold.name=Hold
 ## Defaut roles
--- a/rm-server/config/alfresco/module/org_alfresco_module_rm/patch/rm-patch-v21-context.xml
+++ b/rm-server/config/alfresco/module/org_alfresco_module_rm/patch/rm-patch-v21-context.xml
@@ -52,21 +52,6 @@
      <property name="capabilityService" ref="CapabilityService"/>
   </bean>
   <bean id="org_alfresco_module_rm_RMv21RMAdminUserPatch"
         parent="rm.baseModulePatch"
         class="org.alfresco.module.org_alfresco_module_rm.patch.v21.RMv21RMAdminUserPatch">
      <property name="moduleId" value="org_alfresco_module_rm"/>
      <property name="name" value="org_alfresco_module_rm_RMv21RMAdminUserPatch"/>
      <property name="description" value="Adds the global RM admin user to all existing file plans."/>
      <property name="sinceVersion" value="2.1"/>
      <property name="appliesFromVersion" value="2.1"/>
      <property name="filePlanService" ref="FilePlanService"/>
      <property name="filePlanRoleService" ref="FilePlanRoleService"/>
      <property name="authenticationService" ref="AuthenticationService" />
      <property name="personService" ref="PersonService" />
      <property name="filePlanAuthenticationService" ref="FilePlanAuthenticationService" />
   </bean>
   <bean id="org_alfresco_module_rm_RMv21RecordInheritancePatch"
         parent="rm.baseModulePatch"
         class="org.alfresco.module.org_alfresco_module_rm.patch.v21.RMv21RecordInheritancePatch">
@@ -118,5 +103,5 @@
      <property name="fileFolderService" ref="FileFolderService"/>
      <property name="nodeService" ref="NodeService"/>
   </bean>
-   
+
 </beans>
--- a/rm-server/config/alfresco/module/org_alfresco_module_rm/rm-service-context.xml
+++ b/rm-server/config/alfresco/module/org_alfresco_module_rm/rm-service-context.xml
@@ -41,7 +41,6 @@
    <bean id="org_alfresco_module_rm_dispositionSelectionStrategy"
          class="org.alfresco.module.org_alfresco_module_rm.disposition.DispositionSelectionStrategy" >
        <property name="dispositionService" ref="dispositionService"/>
        <property name="filePlanAuthenticationService" ref="FilePlanAuthenticationService"/>
    </bean>
    <!--  Vital Record Service -->
@@ -496,10 +495,6 @@
        <property name="permissionService" ref="PermissionService"/>
        <property name="nodeService" ref="NodeService"/>
        <property name="filePlanService" ref="FilePlanService" />
        <property name="filePlanAuthenticationService" ref="FilePlanAuthenticationService" />
        <property name="authenticationService" ref="AuthenticationService" />
        <property name="personService" ref="PersonService" />
        <!-- init repo for when a tenant is created -->
        <property name="bootstrapImporterModuleComponent" ref="org_alfresco_module_rm_bootstrapData"/>
@@ -1088,7 +1083,7 @@
        <property name="objectDefinitionSource">
            <value>
                <![CDATA[
-                org.alfresco.module.org_alfresco_module_rm.record.RecordService.registerRecordMetadataAspect=RM_ALLOW                
+                org.alfresco.module.org_alfresco_module_rm.record.RecordService.registerRecordMetadataAspect=RM_ALLOW
                org.alfresco.module.org_alfresco_module_rm.record.RecordService.disablePropertyEditableCheck=RM_ALLOW
                org.alfresco.module.org_alfresco_module_rm.record.RecordService.enablePropertyEditableCheck=RM_ALLOW
                org.alfresco.module.org_alfresco_module_rm.record.RecordService.getRecordMetaDataAspects=RM_ALLOW
@@ -1112,45 +1107,6 @@
        </property>
    </bean>
    <!--  File Plan Authentication Service -->
    <bean id="filePlanAuthenticationService"
          class="org.alfresco.module.org_alfresco_module_rm.security.FilePlanAuthenticationServiceImpl">
        <property name="rmAdminUserName" value="${bootstrap.rmadmin.name}" />
        <property name="tenantService">
            <ref bean="tenantService"/>
        </property>
    </bean>
    <bean id="FilePlanAuthenticationService" class="org.springframework.aop.framework.ProxyFactoryBean">
        <property name="proxyInterfaces">
            <value>org.alfresco.module.org_alfresco_module_rm.security.FilePlanAuthenticationService</value>
        </property>
        <property name="target">
            <ref bean="filePlanAuthenticationService"/>
        </property>
        <property name="interceptorNames">
            <list>
                <idref local="FilePlanAuthenticationService_transaction"/>
                <idref bean="exceptionTranslator"/>
                <idref local="FilePlanAuthenticationService_security"/>
            </list>
        </property>
    </bean>
    <bean id="FilePlanAuthenticationService_transaction" parent="baseTransaction"/>
    <bean id="FilePlanAuthenticationService_security" parent="baseSecurity">
        <property name="objectDefinitionSource">
            <value>
                <![CDATA[
             org.alfresco.module.org_alfresco_module_rm.security.FilePlanAuthenticationService.*=RM_ALLOW
                ]]>
            </value>
        </property>
    </bean>
    <!--  Custom EMail Mapping Service -->
    <bean id="customEmailMappingService"
      class="org.alfresco.module.org_alfresco_module_rm.email.CustomEmailMappingServiceImpl" >
--- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/RecordsManagementServiceRegistry.java
+++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/RecordsManagementServiceRegistry.java
@@ -31,7 +31,6 @@ import org.alfresco.module.org_alfresco_module_rm.record.RecordService;
 import org.alfresco.module.org_alfresco_module_rm.recordfolder.RecordFolderService;
 import org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService;
 import org.alfresco.module.org_alfresco_module_rm.security.ExtendedSecurityService;
 import org.alfresco.module.org_alfresco_module_rm.security.FilePlanAuthenticationService;
 import org.alfresco.module.org_alfresco_module_rm.security.FilePlanPermissionService;
 import org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService;
 import org.alfresco.module.org_alfresco_module_rm.transfer.TransferService;
@@ -163,12 +162,6 @@ public interface RecordsManagementServiceRegistry extends ServiceRegistry
    @NotAuditable
    FilePlanPermissionService getFilePlanPermissionService();
    /**
     * @return file plan authentication service
     * @since 2.1
     */
    FilePlanAuthenticationService getFilePlanAuthenticationService();
    /**
     * @return identifier service
     * @since 2.1
--- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/RecordsManagementServiceRegistryImpl.java
+++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/RecordsManagementServiceRegistryImpl.java
@@ -30,7 +30,6 @@ import org.alfresco.module.org_alfresco_module_rm.record.RecordService;
 import org.alfresco.module.org_alfresco_module_rm.recordfolder.RecordFolderService;
 import org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService;
 import org.alfresco.module.org_alfresco_module_rm.security.ExtendedSecurityService;
 import org.alfresco.module.org_alfresco_module_rm.security.FilePlanAuthenticationService;
 import org.alfresco.module.org_alfresco_module_rm.security.FilePlanPermissionService;
 import org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService;
 import org.alfresco.module.org_alfresco_module_rm.transfer.TransferService;
@@ -171,15 +170,6 @@ public class RecordsManagementServiceRegistryImpl extends ServiceDescriptorRegis
        return (FilePlanPermissionService) getService(FILE_PLAN_PERMISSION_SERVICE);
    }
    /**
     * @see org.alfresco.module.org_alfresco_module_rm.RecordsManagementServiceRegistry#getFilePlanAuthenticationService()
     */
    @Override
    public FilePlanAuthenticationService getFilePlanAuthenticationService()
    {
        return (FilePlanAuthenticationService) getService(FILE_PLAN_AUTHENTICATION_SERVICE);
    }
    /**
     * @see org.alfresco.module.org_alfresco_module_rm.RecordsManagementServiceRegistry#getIdentifierService()
     */
--- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/action/dm/CreateRecordAction.java
+++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/action/dm/CreateRecordAction.java
@@ -26,8 +26,8 @@ import org.alfresco.module.org_alfresco_module_rm.action.AuditableActionExecuter
 import org.alfresco.module.org_alfresco_module_rm.fileplan.FilePlanService;
 import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
 import org.alfresco.module.org_alfresco_module_rm.record.RecordService;
 import org.alfresco.module.org_alfresco_module_rm.security.FilePlanAuthenticationService;
 import org.alfresco.repo.action.ParameterDefinitionImpl;
 import org.alfresco.repo.security.authentication.AuthenticationUtil;
 import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
 import org.alfresco.service.cmr.action.Action;
 import org.alfresco.service.cmr.action.ParameterDefinition;
@@ -76,9 +76,6 @@ public class CreateRecordAction extends AuditableActionExecuterAbstractBase
    /** Dictionary service */
    private DictionaryService dictionaryService;
    /** File plan authentication service */
    private FilePlanAuthenticationService filePlanAuthenticationService;
    /**
     * @param recordService record service
     */
@@ -111,14 +108,6 @@ public class CreateRecordAction extends AuditableActionExecuterAbstractBase
        this.dictionaryService = dictionaryService;
    }
    /**
     * @param filePlanAuthenticationService file plan authentication service
     */
    public void setFilePlanAuthenticationService(FilePlanAuthenticationService filePlanAuthenticationService)
    {
        this.filePlanAuthenticationService = filePlanAuthenticationService;
    }
    /**
     * @see org.alfresco.repo.action.executer.ActionExecuterAbstractBase#executeImpl(org.alfresco.service.cmr.action.Action, org.alfresco.service.cmr.repository.NodeRef)
     */
@@ -181,14 +170,15 @@ public class CreateRecordAction extends AuditableActionExecuterAbstractBase
            if (filePlan == null)
            {
                // TODO .. eventually make the file plan parameter required
-                filePlan = filePlanAuthenticationService.runAsRmAdmin(new RunAsWork<NodeRef>()
+
                filePlan = AuthenticationUtil.runAs(new RunAsWork<NodeRef>()
                {
                    @Override
                    public NodeRef doWork()
                    {
                        return filePlanService.getFilePlanBySiteId(FilePlanService.DEFAULT_RM_SITE_ID);
                    }
-                });
+                }, AuthenticationUtil.getAdminUserName());
                // if the file plan is still null, raise an exception
                if (filePlan == null)
--- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/disposition/DispositionSelectionStrategy.java
+++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/disposition/DispositionSelectionStrategy.java
@@ -25,7 +25,7 @@ import java.util.SortedSet;
 import java.util.TreeSet;
 import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
-import org.alfresco.module.org_alfresco_module_rm.security.FilePlanAuthenticationService;
+import org.alfresco.repo.security.authentication.AuthenticationUtil;
 import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
 import org.alfresco.service.cmr.repository.NodeRef;
 import org.apache.commons.logging.Log;
@@ -47,9 +47,6 @@ public class DispositionSelectionStrategy implements RecordsManagementModel
    /** Disposition service */
    private DispositionService dispositionService;
    /** File plan authentication service */
    private FilePlanAuthenticationService filePlanAuthenticationService;
    /**
     * Set the disposition service
     *
@@ -60,14 +57,6 @@ public class DispositionSelectionStrategy implements RecordsManagementModel
        this.dispositionService = dispositionService;
    }
    /**
     * @param filePlanAuthenticationService	file plan authentication service
     */
    public void setFilePlanAuthenticationService(FilePlanAuthenticationService filePlanAuthenticationService)
    {
 		this.filePlanAuthenticationService = filePlanAuthenticationService;
 	}
    /**
     * Select the disposition schedule to use given there is more than one
     *
@@ -130,14 +119,13 @@ public class DispositionSelectionStrategy implements RecordsManagementModel
        public int compare(final NodeRef f1, final NodeRef f2)
        {
            // Run as admin user
-            return filePlanAuthenticationService.runAsRmAdmin(new RunAsWork<Integer>()
+            return AuthenticationUtil.runAs(new RunAsWork<Integer>()
            {
                public Integer doWork()
                {
                    return compareImpl(f1, f2);
                }
-
+            }, AuthenticationUtil.getAdminUserName());
            });
        }
        private int compareImpl(NodeRef f1, NodeRef f2)
--- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/patch/v20/RMv2FilePlanNodeRefPatch.java
+++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/patch/v20/RMv2FilePlanNodeRefPatch.java
@@ -132,7 +132,7 @@ public class RMv2FilePlanNodeRefPatch extends ModulePatchComponent
                   nodeService.setProperty(filePlanComponentNodeRef, PROP_ROOT_NODEREF, filePlan);
                }
-                // only set the rmadmin permissions on record categories, record folders and records
+                // only set the admin permissions on record categories, record folders and records
                FilePlanComponentKind kind = filePlanService.getFilePlanComponentKind(filePlanComponentNodeRef);
                if (FilePlanComponentKind.RECORD_CATEGORY.equals(kind) ||
                    FilePlanComponentKind.RECORD_FOLDER.equals(kind) ||
--- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/patch/v21/RMv21RMAdminUserPatch.java
+++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/patch/v21/RMv21RMAdminUserPatch.java
@@ -1,160 +0,0 @@
 /*
 * Copyright (C) 2005-2014 Alfresco Software Limited.
 *
 * This file is part of Alfresco
 *
 * Alfresco is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Lesser General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * Alfresco is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public License
 * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
 */
 package org.alfresco.module.org_alfresco_module_rm.patch.v21;
 import java.io.Serializable;
 import java.util.HashMap;
 import java.util.Map;
 import java.util.Set;
 import org.alfresco.model.ContentModel;
 import org.alfresco.module.org_alfresco_module_rm.fileplan.FilePlanService;
 import org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService;
 import org.alfresco.module.org_alfresco_module_rm.security.FilePlanAuthenticationService;
 import org.alfresco.service.cmr.repository.NodeRef;
 import org.alfresco.service.cmr.security.MutableAuthenticationService;
 import org.alfresco.service.cmr.security.PersonService;
 import org.alfresco.service.namespace.QName;
 import org.alfresco.util.GUID;
 import org.springframework.beans.factory.BeanNameAware;
 import org.springframework.extensions.surf.util.I18NUtil;
 /**
 * RM v2.1: RM admin user patch
 *
 * @author Roy Wetherall
 */
@SuppressWarnings("deprecation")
 public class RMv21RMAdminUserPatch extends RMv21PatchComponent implements BeanNameAware
 {
    /** I18N */
    private static final String MSG_FIRST_NAME = "bootstrap.rmadmin.firstName";
    private static final String MSG_LAST_NAME = "bootstrap.rmadmin.lastName";
    /** generate rm admin password */
    private String password = GUID.generate();
    /** mutable authenticaiton service */
    private MutableAuthenticationService authenticationService;
    /** person service */
    private PersonService personService;
    /** file plan service */
    private FilePlanService filePlanService;
    /** file plan role service */
    private FilePlanRoleService filePlanRoleService;
    /** file plan authentication service */
    private FilePlanAuthenticationService filePlanAuthenticationService;
    /**
     * @param personService person service
     */
    public void setPersonService(PersonService personService)
    {
        this.personService = personService;
    }
    /**
     * @param authenticationService mutable authentication service
     */
    public void setAuthenticationService(MutableAuthenticationService authenticationService)
    {
        this.authenticationService = authenticationService;
    }
    /**
     * @param filePlanService   file plan service
     */
    public void setFilePlanService(FilePlanService filePlanService)
    {
        this.filePlanService = filePlanService;
    }
    /**
     * @param filePlanRoleService   file plan role service
     */
    public void setFilePlanRoleService(FilePlanRoleService filePlanRoleService)
    {
        this.filePlanRoleService = filePlanRoleService;
    }
    /**
     * @param filePlanAuthenticationService file plan authentication service
     */
    public void setFilePlanAuthenticationService(FilePlanAuthenticationService filePlanAuthenticationService)
    {
        this.filePlanAuthenticationService = filePlanAuthenticationService;
    }
    /**
     * @see org.alfresco.repo.module.AbstractModuleComponent#executeInternal()
     */
    @Override
    protected void executePatch()
    {
        String user = filePlanAuthenticationService.getRmAdminUserName();
        String firstName = I18NUtil.getMessage(MSG_FIRST_NAME);
        String lastName = I18NUtil.getMessage(MSG_LAST_NAME);
        if (!authenticationService.authenticationExists(user))
        {
            if (logger.isDebugEnabled())
            {
                logger.debug("   ... creating RM Admin user");
            }
            authenticationService.createAuthentication(user, password.toCharArray());
            if (!personService.personExists(user))
            {
                if (logger.isDebugEnabled())
                {
                    logger.debug("   ... creating RM Admin person");
                }
                Map<QName, Serializable> properties = new HashMap<QName, Serializable>();
                properties.put(ContentModel.PROP_USERNAME, user);
                properties.put(ContentModel.PROP_FIRSTNAME, firstName);
                properties.put(ContentModel.PROP_LASTNAME, lastName);
                personService.createPerson(properties);
            }
            else
            {
                if (logger.isInfoEnabled())
                {
                    logger.debug("   ... RM Admin person already exists");
                }
            }
            if (logger.isDebugEnabled())
            {
                logger.debug("   ... assigning RM Admin user to file plans");
            }
            Set<NodeRef> filePlans = filePlanService.getFilePlans();
            for (NodeRef filePlan : filePlans)
            {
                filePlanRoleService.assignRoleToAuthority(filePlan, FilePlanRoleService.ROLE_ADMIN, user);
            }
        }
    }
 }
--- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/role/FilePlanRoleServiceImpl.java
+++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/role/FilePlanRoleServiceImpl.java
@@ -22,18 +22,14 @@ import java.io.BufferedReader;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.InputStreamReader;
 import java.io.Serializable;
 import java.nio.charset.Charset;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.HashMap;
 import java.util.HashSet;
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
 import org.alfresco.error.AlfrescoRuntimeException;
 import org.alfresco.model.ContentModel;
 import org.alfresco.module.org_alfresco_module_rm.bootstrap.BootstrapImporterModuleComponent;
 import org.alfresco.module.org_alfresco_module_rm.capability.Capability;
 import org.alfresco.module.org_alfresco_module_rm.capability.CapabilityService;
@@ -42,7 +38,6 @@ import org.alfresco.module.org_alfresco_module_rm.fileplan.FilePlanService;
 import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
 import org.alfresco.module.org_alfresco_module_rm.security.ExtendedReaderDynamicAuthority;
 import org.alfresco.module.org_alfresco_module_rm.security.ExtendedWriterDynamicAuthority;
 import org.alfresco.module.org_alfresco_module_rm.security.FilePlanAuthenticationService;
 import org.alfresco.repo.security.authentication.AuthenticationUtil;
 import org.alfresco.repo.security.authority.RMAuthority;
 import org.alfresco.service.cmr.repository.NodeRef;
@@ -51,15 +46,9 @@ import org.alfresco.service.cmr.repository.StoreRef;
 import org.alfresco.service.cmr.security.AccessPermission;
 import org.alfresco.service.cmr.security.AuthorityService;
 import org.alfresco.service.cmr.security.AuthorityType;
 import org.alfresco.service.cmr.security.MutableAuthenticationService;
 import org.alfresco.service.cmr.security.PermissionService;
 import org.alfresco.service.cmr.security.PersonService;
 import org.alfresco.service.namespace.QName;
 import org.alfresco.util.GUID;
 import org.alfresco.util.ParameterCheck;
 import org.apache.commons.lang.StringUtils;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.json.JSONArray;
 import org.json.JSONException;
 import org.json.JSONObject;
@@ -75,8 +64,6 @@ public class FilePlanRoleServiceImpl implements FilePlanRoleService,
                                                RecordsManagementModel
 {
    /** I18N */
    private static final String MSG_FIRST_NAME = "bootstrap.rmadmin.firstName";
    private static final String MSG_LAST_NAME = "bootstrap.rmadmin.lastName";
    private static final String MSG_ALL_ROLES = "rm.role.all";
    /** Location of bootstrap role JSON */
@@ -103,15 +90,6 @@ public class FilePlanRoleServiceImpl implements FilePlanRoleService,
    /** Node service */
    private NodeService nodeService;
    /** File plan authentication service */
    private FilePlanAuthenticationService filePlanAuthenticationService;
    /** mutable authenticaiton service */
    private MutableAuthenticationService authenticationService;
    /** person service */
    private PersonService personService;
    private BootstrapImporterModuleComponent bootstrapImporterModule;
    /** Records management role zone */
@@ -120,9 +98,6 @@ public class FilePlanRoleServiceImpl implements FilePlanRoleService,
    /** Records Management Config Node */
    private static final String CONFIG_NODEID = "rm_config_folder";
    /** Logger */
    private static Log logger = LogFactory.getLog(FilePlanRoleServiceImpl.class);
    /**
     * @param capabilityService capability service
     */
@@ -163,30 +138,6 @@ public class FilePlanRoleServiceImpl implements FilePlanRoleService,
        this.filePlanService = filePlanService;
    }
    /**
     * @param filePlanAuthenticationService file plan authentication service
     */
    public void setFilePlanAuthenticationService(FilePlanAuthenticationService filePlanAuthenticationService)
    {
        this.filePlanAuthenticationService = filePlanAuthenticationService;
    }
    /**
     * @param personService person service
     */
    public void setPersonService(PersonService personService)
    {
        this.personService = personService;
    }
    /**
     * @param authenticationService mutable authentication service
     */
    public void setAuthenticationService(MutableAuthenticationService authenticationService)
    {
        this.authenticationService = authenticationService;
    }
    /**
     *
     * @param bootstrapImporterModuleComponent
@@ -391,13 +342,10 @@ public class FilePlanRoleServiceImpl implements FilePlanRoleService,
                            String user = AuthenticationUtil.getFullyAuthenticatedUser();
                            authorityService.addAuthority(role.getRoleGroupName(), user);
-                            if (!filePlanAuthenticationService.getRmAdminUserName().equals(user))
+                            if (!AuthenticationUtil.getAdminUserName().equals(user))
                            {
                                // Create the RM Admin User if it does not already exist
                                createRMAdminUser();
                                // add the dynamic admin authority
-                                authorityService.addAuthority(role.getRoleGroupName(), filePlanAuthenticationService.getRmAdminUserName());
+                                authorityService.addAuthority(role.getRoleGroupName(), AuthenticationUtil.getAdminUserName());
                            }
                        }
                    }
@@ -670,7 +618,7 @@ public class FilePlanRoleServiceImpl implements FilePlanRoleService,
     */
    public boolean hasRMAdminRole(NodeRef rmRootNode, String user)
    {
-        boolean isRMAdmin = false;
+        boolean isAdmin = false;
        Set<Role> userRoles = this.getRolesByUser(rmRootNode, user);
        if (userRoles != null)
@@ -679,13 +627,13 @@ public class FilePlanRoleServiceImpl implements FilePlanRoleService,
            {
                if (role.getName().equals("Administrator"))
                {
-                    isRMAdmin = true;
+                    isAdmin = true;
                    break;
                }
            }
        }
-        return isRMAdmin;
+        return isAdmin;
    }
    /**
@@ -921,32 +869,4 @@ public class FilePlanRoleServiceImpl implements FilePlanRoleService,
    {
        return authorityService.getName(AuthorityType.GROUP, getAllRolesGroupShortName(filePlan));
    }
    /**
     * Create the RMAdmin user if it does not already exist
     */
    private void createRMAdminUser()
    {
        /** generate rm admin password */
        String password = GUID.generate();
        String user = filePlanAuthenticationService.getRmAdminUserName();
        String firstName = I18NUtil.getMessage(MSG_FIRST_NAME);
        String lastName = I18NUtil.getMessage(MSG_LAST_NAME);
        if (!authenticationService.authenticationExists(user))
        {
            if (logger.isDebugEnabled())
            {
                logger.debug("   ... creating RM Admin user");
            }
            authenticationService.createAuthentication(user, password.toCharArray());
            Map<QName, Serializable> properties = new HashMap<QName, Serializable>();
            properties.put(ContentModel.PROP_USERNAME, user);
            properties.put(ContentModel.PROP_FIRSTNAME, firstName);
            properties.put(ContentModel.PROP_LASTNAME, lastName);
            personService.createPerson(properties);
        }
    }
 }
--- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/FilePlanAuthenticationService.java
+++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/FilePlanAuthenticationService.java
@@ -1,44 +0,0 @@
 /*
 * Copyright (C) 2005-2014 Alfresco Software Limited.
 *
 * This file is part of Alfresco
 *
 * Alfresco is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Lesser General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * Alfresco is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public License
 * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
 */
 package org.alfresco.module.org_alfresco_module_rm.security;
 import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
 /**
 * File plan authentication service.
 * 
 * @author Roy Wetherall
 * @since 2.1
 */
 public interface FilePlanAuthenticationService
 {
    /**
     * @return  rm admin user name
     */
    String getRmAdminUserName();
    /**
     * Run provided work as the global rm admin user.
     * 
     * @param <R>       return type
     * @param runAsWork work to execute as the rm admin user
     * @return R        result of work execution
     */
    <R> R runAsRmAdmin(RunAsWork<R> runAsWork);
 }
--- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/FilePlanAuthenticationServiceImpl.java
+++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/FilePlanAuthenticationServiceImpl.java
@@ -1,79 +0,0 @@
 /*
 * Copyright (C) 2005-2014 Alfresco Software Limited.
 *
 * This file is part of Alfresco
 *
 * Alfresco is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Lesser General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * Alfresco is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public License
 * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
 */
 package org.alfresco.module.org_alfresco_module_rm.security;
 import org.alfresco.repo.security.authentication.AuthenticationUtil;
 import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
 import org.alfresco.repo.tenant.TenantService;
 /**
 * @author Roy Wetherall
 * @since 2.1
 */
 public class FilePlanAuthenticationServiceImpl implements FilePlanAuthenticationService
 {
    /** Default rm admin user values */
    public static final String DEFAULT_RM_ADMIN_USER = "rmadmin";
    /** RM admin user name */
    private String rmAdminUserName = DEFAULT_RM_ADMIN_USER;
    /** tennant service */
    private TenantService tenantService;
    /**
     * The Tenant Service
     * 
     * @param tenantService
     */
    public void setTenantService(TenantService tenantService)
    {
        this.tenantService = tenantService;
    }
    /**
     * @param rmAdminUserName   rm admin user name
     */
    public void setRmAdminUserName(String rmAdminUserName)
    {
        this.rmAdminUserName = rmAdminUserName;
    }
    /**
     * @see org.alfresco.module.org_alfresco_module_rm.security.FilePlanAuthenticationService#getRMAdminUserName()
     */
    @Override
    public String getRmAdminUserName()
    {
        // Build the tenant domain string
        String tenantDomain = tenantService.isEnabled() ? "@" + tenantService.getCurrentUserDomain() : "";
        // if MT is enabled and we are in the non-tenant domain we need use the base rm admin user name
        return tenantDomain.length() > 1 ? rmAdminUserName + tenantDomain : rmAdminUserName;
    }
    /**
     * @see org.alfresco.module.org_alfresco_module_rm.security.FilePlanAuthenticationService#runAsRMAdmin(org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork)
     */
    @Override
    public <R> R runAsRmAdmin(RunAsWork<R> runAsWork)
    {
        return AuthenticationUtil.runAs(runAsWork, getRmAdminUserName());
    }
 }
--- a/rm-server/source/java/org/alfresco/repo/rule/ExtendedRuleServiceImpl.java
+++ b/rm-server/source/java/org/alfresco/repo/rule/ExtendedRuleServiceImpl.java
@@ -25,7 +25,6 @@ import org.alfresco.model.ContentModel;
 import org.alfresco.module.org_alfresco_module_rm.fileplan.FilePlanService;
 import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
 import org.alfresco.module.org_alfresco_module_rm.record.RecordService;
 import org.alfresco.module.org_alfresco_module_rm.security.FilePlanAuthenticationService;
 import org.alfresco.repo.security.authentication.AuthenticationUtil;
 import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
 import org.alfresco.service.cmr.repository.NodeRef;
@@ -41,8 +40,8 @@ import org.alfresco.service.namespace.QName;
 */
 public class ExtendedRuleServiceImpl extends RuleServiceImpl
 {
-	/** indicates whether the rules should be run as rmadmin or not */
+	/** indicates whether the rules should be run as admin or not */
-    private boolean runAsRmAdmin = true;
+    private boolean runAsAdmin = true;
    /** ignore types */
    private Set<QName> ignoredTypes = new HashSet<QName>();
@@ -50,31 +49,12 @@ public class ExtendedRuleServiceImpl extends RuleServiceImpl
    /** file plan service */
    private FilePlanService filePlanService;
    /** file plan authentication service */
    private FilePlanAuthenticationService filePlanAuthenticationService;
    /** node service */
    protected NodeService nodeService;
    /** Record service */
    protected RecordService recordService;
    /**
     * @param runAsRmAdmin	true if run rules as rmadmin, false otherwise
     */
    public void setRunAsRmAdmin(boolean runAsRmAdmin)
    {
        this.runAsRmAdmin = runAsRmAdmin;
    }
    /**
     * @param filePlanAuthenticationService	file plan authentication service
     */
    public void setFilePlanAuthenticationService(FilePlanAuthenticationService filePlanAuthenticationService)
    {
        this.filePlanAuthenticationService = filePlanAuthenticationService;
    }
    /**
     * @param nodeService	node service
     */
@@ -99,6 +79,14 @@ public class ExtendedRuleServiceImpl extends RuleServiceImpl
        this.recordService = recordService;
    }
    /**
     * @param runAsAdmin  true if run rules as admin, false otherwise
     */
    public void setRunAsAdmin(boolean runAsAdmin)
    {
        this.runAsAdmin = runAsAdmin;
    }
    /**
     * Init method
     */
@@ -181,18 +169,17 @@ public class ExtendedRuleServiceImpl extends RuleServiceImpl
            	// ignore and
                if (!isIgnoredType(typeQName))
    	        {
-    	        	if (runAsRmAdmin)
+    	        	if (runAsAdmin)
    	            {
-                		// run as rmadmin
+    	            	AuthenticationUtil.runAs(new RunAsWork<Void>()
-    	            	filePlanAuthenticationService.runAsRmAdmin(new RunAsWork<Void>()
+                        {
-    	            	{
+                            @Override
-    						@Override
+                            public Void doWork()
-    						public Void doWork()
+                            {
-    						{
+                                ExtendedRuleServiceImpl.super.executeRule(rule, nodeRef, executedRules);
-    							ExtendedRuleServiceImpl.super.executeRule(rule, nodeRef, executedRules);
+                                return null;
-    							return null;
+                            }
-    						}
+                        }, AuthenticationUtil.getAdminUserName());
    					});
                	}
                	else
                	{
--- a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/action/FileToActionTest.java
+++ b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/action/FileToActionTest.java
@@ -95,7 +95,7 @@ public class FileToActionTest extends BaseRMTestCase
                return null;
            }
-        }, rmAdminName);
+        }, ADMIN_USER);
    }
    private void initRecord()
@@ -147,7 +147,7 @@ public class FileToActionTest extends BaseRMTestCase
                return null;
            }
-        }, rmAdminName);
+        }, ADMIN_USER);
    }
    public void testFileToPath2()
@@ -175,7 +175,7 @@ public class FileToActionTest extends BaseRMTestCase
                return null;
            }
-        }, rmAdminName);
+        }, ADMIN_USER);
    }
    public void testCreate() throws Exception
@@ -237,7 +237,7 @@ public class FileToActionTest extends BaseRMTestCase
                return null;
            }
-        }, rmAdminName);
+        }, ADMIN_USER);
    }
    public void failureTests() throws Exception
--- a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/capabilities/DeclarativeCapabilityTest.java
+++ b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/capabilities/DeclarativeCapabilityTest.java
@@ -60,7 +60,7 @@ public class DeclarativeCapabilityTest extends BaseRMTestCase
    private NodeRef moveToFolder;
    private NodeRef moveToCategory;
-    
+
    private NodeRef hold;
    @Override
@@ -109,9 +109,9 @@ public class DeclarativeCapabilityTest extends BaseRMTestCase
                utils.declareRecord(declaredRecord);
                utils.declareRecord(frozenRecord);
                utils.declareRecord(frozenRecord2);
-                
+
                hold = holdService.createHold(filePlan, GUID.generate(), "reason", "description");
-                
+
                holdService.addToHold(hold, frozenRecord);
                holdService.addToHold(hold, frozenRecordFolder);
                holdService.addToHold(hold, frozenRecord2);
@@ -349,7 +349,7 @@ public class DeclarativeCapabilityTest extends BaseRMTestCase
                }
                return null;
            }
-        }, rmAdminName);
+        }, ADMIN_USER);
        doTestInTransaction(new Test<Void>()
        {
@@ -445,7 +445,7 @@ public class DeclarativeCapabilityTest extends BaseRMTestCase
                }
                return null;
            }
-        }, rmAdminName);
+        }, ADMIN_USER);
        doTestInTransaction(new Test<Void>()
        {
--- a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/integration/issue/RM1008Test.java
+++ b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/integration/issue/RM1008Test.java
@@ -92,7 +92,7 @@ public class RM1008Test extends BaseRMTestCase
                return null;
            }
-        }, rmAdminName);
+        }, ADMIN_USER);
        doTestInTransaction(new Test<Void>()
        {
@@ -130,7 +130,7 @@ public class RM1008Test extends BaseRMTestCase
                holdService.addToHold(hold, rmFolder);
                return hold;
            }
-        }, rmAdminName);
+        }, ADMIN_USER);
        doTestInTransaction(new Test<Void>()
        {
@@ -145,7 +145,7 @@ public class RM1008Test extends BaseRMTestCase
                return null;
            }
-        }, rmAdminName);
+        }, ADMIN_USER);
        doTestInTransaction(new Test<Void>()
        {
@@ -171,7 +171,7 @@ public class RM1008Test extends BaseRMTestCase
                return null;
            }
-        }, rmAdminName);
+        }, ADMIN_USER);
        doTestInTransaction(new Test<Void>()
        {
@@ -197,7 +197,7 @@ public class RM1008Test extends BaseRMTestCase
                return null;
            }
-        }, rmAdminName);
+        }, ADMIN_USER);
        doTestInTransaction(new Test<Void>()
        {
@@ -282,7 +282,7 @@ public class RM1008Test extends BaseRMTestCase
                return null;
            }
-        }, rmAdminName);
+        }, ADMIN_USER);
        doTestInTransaction(new Test<Void>()
        {
@@ -308,7 +308,7 @@ public class RM1008Test extends BaseRMTestCase
                return null;
            }
-        }, rmAdminName);
+        }, ADMIN_USER);
        doTestInTransaction(new Test<Void>()
        {
@@ -334,7 +334,7 @@ public class RM1008Test extends BaseRMTestCase
                return null;
            }
-        }, rmAdminName);
+        }, ADMIN_USER);
        doTestInTransaction(new Test<Void>()
        {
--- a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/integration/issue/RM804Test.java
+++ b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/integration/issue/RM804Test.java
@@ -26,30 +26,30 @@ import org.alfresco.service.cmr.site.SiteRole;
 /**
 * Unit test for RM-804 .. site managers are able to delete file plans
- * 
+ *
 * @author Roy Wetherall
 * @since 2.1
 */
-public class RM804Test extends BaseRMTestCase 
+public class RM804Test extends BaseRMTestCase
-{    
+{
    @Override
    protected void initServices()
    {
        super.initServices();
    }
-    
+
    @Override
    protected boolean isCollaborationSiteTest()
    {
        return true;
    }
-    
+
    @Override
    protected boolean isUserTest()
    {
        return true;
    }
-   
+
    public void testUsersHaveDeletePermissionsOnFilePlan() throws Exception
    {
        // as rmuser
@@ -59,32 +59,32 @@ public class RM804Test extends BaseRMTestCase
            public Void run()
            {
                assertEquals(AccessStatus.ALLOWED, capabilityService.getCapabilityAccessState(filePlan, "Delete"));
-                
+
                return null;
            }
-        }, "rmadmin");
+        }, ADMIN_USER);
- 
+
        doTestInTransaction(new Test<Void>()
        {
            @Override
            public Void run()
            {
                assertEquals(AccessStatus.ALLOWED, capabilityService.getCapabilityAccessState(filePlan, "Delete"));
-                
+
                return null;
            }
-        }, "admin");
+        }, ADMIN_USER);
-        
+
        doTestInTransaction(new Test<Void>()
        {
            @Override
            public Void run()
            {
                assertEquals(AccessStatus.ALLOWED, capabilityService.getCapabilityAccessState(filePlan, "Delete"));
-                
+
                return null;
            }
-        }, rmAdminName);
+        }, ADMIN_USER);
        doTestInTransaction(new Test<Void>()
        {
@@ -92,23 +92,23 @@ public class RM804Test extends BaseRMTestCase
            public Void run()
            {
                assertEquals(AccessStatus.DENIED, capabilityService.getCapabilityAccessState(filePlan, "Delete"));
-                
+
                return null;
            }
        }, rmUserName);
-        
+
        doTestInTransaction(new Test<Void>()
        {
            @Override
            public Void run()
            {
                assertEquals(AccessStatus.DENIED, capabilityService.getCapabilityAccessState(filePlan, "Delete"));
-                
+
                return null;
            }
        }, userName);
    }
-    
+
    public void testTryAndDeleteSiteAsSiteManagerOnly()
    {
        doTestInTransaction(new Test<Void>()
@@ -117,25 +117,25 @@ public class RM804Test extends BaseRMTestCase
            public Void run()
            {
                siteService.setMembership(siteId, userName, SiteRole.SiteManager.toString());
-                
+
                return null;
            }
        }, "admin");
-        
+
        doTestInTransaction(new FailureTest
        (
           "Should not be able to delete site as a site manager only.",
           AlfrescoRuntimeException.class
        )
-        {            
+        {
            @Override
            public void run() throws Exception
            {
                siteService.deleteSite(siteId);
-                
+
            }
        }, userName);
-        
+
        // give the user a RM role (but not sufficient to delete the file plan node ref)
        doTestInTransaction(new Test<Void>()
        {
@@ -143,47 +143,47 @@ public class RM804Test extends BaseRMTestCase
            public Void run()
            {
                filePlanRoleService.assignRoleToAuthority(filePlan, ROLE_NAME_USER, userName);
-                
+
                return null;
            }
        }, "admin");
-        
+
        doTestInTransaction(new FailureTest
        (
           "Should not be able to delete site as a site manager with an RM role that doesn't have the capability.",
           AlfrescoRuntimeException.class
        )
-        {            
+        {
            @Override
            public void run() throws Exception
            {
                siteService.deleteSite(siteId);
-                
+
            }
        }, userName);
-        
+
        doTestInTransaction(new Test<Void>()
        {
            @Override
            public Void run()
            {
                filePlanRoleService.assignRoleToAuthority(filePlan, ROLE_NAME_ADMINISTRATOR, userName);
-                
+
                return null;
            }
        }, "admin");
-        
+
        doTestInTransaction(new Test<Void>()
        {
            @Override
            public Void run()
            {
                siteService.deleteSite(siteId);
-                
+
                return null;
            }
        }, userName);
-        
+
    }
-  
+
 }
--- a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/CustomEMailMappingServiceImplTest.java
+++ b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/CustomEMailMappingServiceImplTest.java
@@ -117,7 +117,7 @@ public class CustomEMailMappingServiceImplTest extends BaseRMTestCase
                return null;
            }
-        }, rmAdminName);
+        }, ADMIN_USER);
    }
    private CustomMapping getCustomMapping(String from, String to)
--- a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/ModelSecurityServiceImplTest.java
+++ b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/ModelSecurityServiceImplTest.java
@@ -29,7 +29,7 @@ import org.alfresco.service.namespace.QName;
 /**
 * Model security service test.
- * 
+ *
 * @author Roy Wetherall
 * @since 2.1
 */
@@ -37,16 +37,16 @@ public class ModelSecurityServiceImplTest extends BaseRMTestCase
 {
    private static final QName CUSTOM_ASPECT = QName.createQName("http://www.alfresco.org/model/rmtest/1.0", "customAspect");
    private static final QName CUSTOM_PROTECTED_ASPECT = QName.createQName("http://www.alfresco.org/model/rmtest/1.0", "customProtectedAspect");
-    
+
    private static final QName CUSTOM_PROPERTY = QName.createQName("http://www.alfresco.org/model/rmtest/1.0", "customProperty");
    private static final QName CUSTOM_PROTECTED_PROPERTY = QName.createQName("http://www.alfresco.org/model/rmtest/1.0", "customProtectedProperty");
-    
+
-    
+
    /** Model security service */
-    private ModelSecurityService modelSecurityService;    
+    private ModelSecurityService modelSecurityService;
-    
+
    private boolean enabled;
-    
+
    /**
     * @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase#isUserTest()
     */
@@ -55,23 +55,23 @@ public class ModelSecurityServiceImplTest extends BaseRMTestCase
    {
        return true;
    }
-    
+
    @Override
    protected boolean isFillingForAllUsers()
    {
        return true;
    }
-    
+
    /**
     * @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase#initServices()
     */
    @Override
    protected void initServices()
    {
-        super.initServices();        
+        super.initServices();
        modelSecurityService = (ModelSecurityService)applicationContext.getBean("ModelSecurityService");
    }
-    
+
    /**
     * @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase#setupTestDataImpl()
     */
@@ -79,11 +79,11 @@ public class ModelSecurityServiceImplTest extends BaseRMTestCase
    protected void setupTestDataImpl()
    {
        super.setupTestDataImpl();
-        
+
        enabled = modelSecurityService.isEnabled();
        modelSecurityService.setEnabled(true);
    }
-    
+
    /**
     * @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase#tearDownImpl()
     */
@@ -93,77 +93,77 @@ public class ModelSecurityServiceImplTest extends BaseRMTestCase
        super.tearDownImpl();
        modelSecurityService.setEnabled(enabled);
    }
-    
+
    /**
     * test - getProtectedAspects(), isProtectedAspect(), getProtectedAspect()
     */
    public void testProtectedAspects() throws Exception
    {
        doTestInTransaction(new VoidTest()
-        {            
+        {
            @Override
            public void runImpl() throws Exception
            {
                Set<QName> protectedAspects = modelSecurityService.getProtectedAspects();
-                
+
                assertNotNull(protectedAspects);
                assertFalse(protectedAspects.isEmpty());
                assertTrue(protectedAspects.contains(CUSTOM_PROTECTED_ASPECT));
                assertFalse(protectedAspects.contains(CUSTOM_ASPECT));
-                
+
                assertTrue(modelSecurityService.isProtectedAspect(CUSTOM_PROTECTED_ASPECT));
                assertFalse(modelSecurityService.isProtectedAspect(CUSTOM_ASPECT));
-                
+
                ProtectedAspect protectedAspect = modelSecurityService.getProtectedAspect(CUSTOM_ASPECT);
                assertNull(protectedAspect);
                protectedAspect = modelSecurityService.getProtectedAspect(CUSTOM_PROTECTED_ASPECT);
                assertNotNull(protectedAspect);
                assertNotNull(protectedAspect.getQName());
-                assertNotNull(protectedAspect.getCapabilities());                
+                assertNotNull(protectedAspect.getCapabilities());
            }
-        });   
+        });
-        
+
        doTestInTransaction(new VoidTest()
-        {            
+        {
            @Override
            public void runImpl() throws Exception
            {
                assertTrue(modelSecurityService.isProtectedAspect(CUSTOM_PROTECTED_ASPECT));
-                assertFalse(modelSecurityService.canEditProtectedAspect(rmFolder, CUSTOM_PROTECTED_ASPECT));                
+                assertFalse(modelSecurityService.canEditProtectedAspect(rmFolder, CUSTOM_PROTECTED_ASPECT));
            }
        }, powerUserName);
-        
+
        doTestInTransaction(new FailureTest
        (
-            "Normal rm user should not have the permissions to add the protected aspect.",    
+            "Normal rm user should not have the permissions to add the protected aspect.",
            ModelAccessDeniedException.class
        )
        {
            @Override
            public void run() throws Exception
            {
-              // try and add the aspect    
+              // try and add the aspect
              nodeService.addAspect(rmFolder, CUSTOM_PROTECTED_ASPECT, null);
-            }           
+            }
        }, powerUserName);
-        
+
        doTestInTransaction(new VoidTest()
-        {            
+        {
            @Override
            public void runImpl() throws Exception
            {
                assertTrue(modelSecurityService.canEditProtectedAspect(rmFolder, CUSTOM_PROTECTED_ASPECT));
-                
+
                // try and add the aspect
                nodeService.addAspect(rmFolder, CUSTOM_PROTECTED_ASPECT, null);
                assertTrue(nodeService.hasAspect(rmFolder, CUSTOM_PROTECTED_ASPECT));
            }
-        }, rmAdminName);
+        }, ADMIN_USER);
-                               
+
        // check protected aspect via removeAspect
        doTestInTransaction(new FailureTest
        (
-            "Normal rm user should not have the permissions to remove the custom aspect.",    
+            "Normal rm user should not have the permissions to remove the custom aspect.",
            ModelAccessDeniedException.class
        )
        {
@@ -171,20 +171,20 @@ public class ModelSecurityServiceImplTest extends BaseRMTestCase
            public void run() throws Exception
            {
                nodeService.removeAspect(rmFolder, CUSTOM_PROTECTED_ASPECT);
-            }           
+            }
        }, powerUserName);
-        
+
        doTestInTransaction(new VoidTest()
-        {            
+        {
            @Override
            public void runImpl() throws Exception
            {
                nodeService.removeAspect(rmFolder, CUSTOM_PROTECTED_ASPECT);
                assertFalse(nodeService.hasAspect(rmFolder, CUSTOM_PROTECTED_ASPECT));
            }
-        }, rmAdminName);
+        }, ADMIN_USER);
    }
-    
+
    /**
     * test - getProtectedProperties(), isProtectedProperty(), getProtectedProperty()
     */
@@ -195,55 +195,55 @@ public class ModelSecurityServiceImplTest extends BaseRMTestCase
            public void runImpl()
            {
                Set<QName> protectedProperties = modelSecurityService.getProtectedProperties();
-                
+
                assertNotNull(protectedProperties);
                assertFalse(protectedProperties.isEmpty());
                assertTrue(protectedProperties.contains(CUSTOM_PROTECTED_PROPERTY));
-                assertFalse(protectedProperties.contains(CUSTOM_PROPERTY));  
+                assertFalse(protectedProperties.contains(CUSTOM_PROPERTY));
-                
+
                assertTrue(modelSecurityService.isProtectedProperty(CUSTOM_PROTECTED_PROPERTY));
                assertFalse(modelSecurityService.isProtectedProperty(CUSTOM_PROPERTY));
-                
+
                ProtectedProperty protectedProperty = modelSecurityService.getProtectedProperty(CUSTOM_PROPERTY);
                assertNull(protectedProperty);
                protectedProperty = modelSecurityService.getProtectedProperty(CUSTOM_PROTECTED_PROPERTY);
                assertNotNull(protectedProperty);
                assertNotNull(protectedProperty.getQName());
-                assertNotNull(protectedProperty.getCapabilities());                              
+                assertNotNull(protectedProperty.getCapabilities());
            }
-        });  
+        });
-        
+
        doTestInTransaction(new VoidTest()
-        {            
+        {
            @Override
            public void runImpl() throws Exception
            {
                assertTrue(modelSecurityService.canEditProtectedProperty(rmFolder, CUSTOM_PROTECTED_PROPERTY));
            }
-        }, rmAdminName);
+        }, ADMIN_USER);
-        
+
        doTestInTransaction(new VoidTest()
-        {            
+        {
            @Override
            public void runImpl() throws Exception
            {
-                assertFalse(modelSecurityService.canEditProtectedProperty(rmFolder, CUSTOM_PROTECTED_PROPERTY));                
+                assertFalse(modelSecurityService.canEditProtectedProperty(rmFolder, CUSTOM_PROTECTED_PROPERTY));
            }
-        }, powerUserName);  
+        }, powerUserName);
-        
+
        doTestInTransaction(new VoidTest()
-        {            
+        {
            @Override
            public void runImpl() throws Exception
            {
                assertTrue(modelSecurityService.isProtectedProperty(CUSTOM_PROTECTED_PROPERTY));
-                assertFalse(modelSecurityService.canEditProtectedProperty(rmFolder, CUSTOM_PROTECTED_PROPERTY));                
+                assertFalse(modelSecurityService.canEditProtectedProperty(rmFolder, CUSTOM_PROTECTED_PROPERTY));
            }
        }, powerUserName);
-        
+
        doTestInTransaction(new FailureTest
        (
-            "Should not have the permissions to edit protected property.",    
+            "Should not have the permissions to edit protected property.",
            ModelAccessDeniedException.class
        )
        {
@@ -251,19 +251,19 @@ public class ModelSecurityServiceImplTest extends BaseRMTestCase
            public void run() throws Exception
            {
                nodeService.setProperty(rmFolder, CUSTOM_PROTECTED_PROPERTY, "hello");
-            }           
+            }
        }, powerUserName);
-        
+
        doTestInTransaction(new VoidTest()
-        {            
+        {
            @Override
            public void runImpl() throws Exception
            {
                assertTrue(modelSecurityService.canEditProtectedProperty(rmFolder, CUSTOM_PROTECTED_PROPERTY));
-                
+
                nodeService.setProperty(rmFolder, CUSTOM_PROTECTED_PROPERTY, "hello");
                assertEquals("hello", nodeService.getProperty(rmFolder, CUSTOM_PROTECTED_PROPERTY));
            }
-        }, rmAdminName);                               
+        }, ADMIN_USER);
    }
 }
--- a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/RecordServiceImplTest.java
+++ b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/RecordServiceImplTest.java
@@ -501,7 +501,7 @@ public class RecordServiceImplTest extends BaseRMTestCase
                return null;
            }
-        }, rmAdminName);
+        }, ADMIN_USER);
    }
    public void testFileNewContent() throws Exception
@@ -643,7 +643,7 @@ public class RecordServiceImplTest extends BaseRMTestCase
            }
        });
-        // test rmadmin
+        // test admin
        doTestInTransaction(new VoidTest()
        {
            @Override
@@ -738,11 +738,11 @@ public class RecordServiceImplTest extends BaseRMTestCase
            }
        });
-        // test rmadmin
+        // test admin
-        canEditProperty(recordOne, ContentModel.PROP_DESCRIPTION, rmAdminName);
+        canEditProperty(recordOne, ContentModel.PROP_DESCRIPTION, ADMIN_USER);
-        canEditProperty(recordOne, RecordsManagementModel.PROP_LOCATION, rmAdminName);
+        canEditProperty(recordOne, RecordsManagementModel.PROP_LOCATION, ADMIN_USER);
-        cantEditProperty(recordDeclaredOne, ContentModel.PROP_DESCRIPTION, rmAdminName);
+        cantEditProperty(recordDeclaredOne, ContentModel.PROP_DESCRIPTION, ADMIN_USER);
-        canEditProperty(recordDeclaredOne, RecordsManagementModel.PROP_LOCATION, rmAdminName);
+        canEditProperty(recordDeclaredOne, RecordsManagementModel.PROP_LOCATION, ADMIN_USER);
        // test normal user
        cantEditProperty(recordOne, ContentModel.PROP_DESCRIPTION, rmUserName);
--- a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/RecordsManagementAuditServiceImplTest.java
+++ b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/RecordsManagementAuditServiceImplTest.java
@@ -138,7 +138,7 @@ public class RecordsManagementAuditServiceImplTest extends BaseRMTestCase
                return null;
            }
-        }, rmAdminName);
+        }, ADMIN_USER);
    }
    /**
@@ -147,13 +147,13 @@ public class RecordsManagementAuditServiceImplTest extends BaseRMTestCase
    public void testGetAuditTrail()
    {
        // show the audit is empty
-        getAuditTrail(1, rmAdminName);
+        getAuditTrail(1, ADMIN_USER);
        // make a change
-        final String updatedProperty = updateTitle(filePlan, rmAdminName);
+        final String updatedProperty = updateTitle(filePlan, ADMIN_USER);
        // show the audit has been updated
-        List<RecordsManagementAuditEntry> entries = getAuditTrail(3, rmAdminName);
+        List<RecordsManagementAuditEntry> entries = getAuditTrail(3, ADMIN_USER);
        final RecordsManagementAuditEntry entry = entries.get(2);
        assertNotNull(entry);
@@ -182,15 +182,15 @@ public class RecordsManagementAuditServiceImplTest extends BaseRMTestCase
                return null;
            }
-        }, rmAdminName);
+        }, ADMIN_USER);
        // add some more title updates
-        updateTitle(rmContainer, rmAdminName);
+        updateTitle(rmContainer, ADMIN_USER);
-        updateTitle(rmFolder, rmAdminName);
+        updateTitle(rmFolder, ADMIN_USER);
-        updateTitle(record, rmAdminName);
+        updateTitle(record, ADMIN_USER);
        // show the audit has been updated
-        getAuditTrail(7, rmAdminName);
+        getAuditTrail(7, ADMIN_USER);
        // snap shot date
        Date snapShot = new Date();
@@ -198,7 +198,7 @@ public class RecordsManagementAuditServiceImplTest extends BaseRMTestCase
        // show the audit results can be limited
        RecordsManagementAuditQueryParameters params = new RecordsManagementAuditQueryParameters();
        params.setMaxEntries(2);
-        getAuditTrail(params, 2, rmAdminName);
+        getAuditTrail(params, 2, ADMIN_USER);
        // test filter by user
        updateTitle(rmContainer, recordsManagerName);
@@ -207,39 +207,39 @@ public class RecordsManagementAuditServiceImplTest extends BaseRMTestCase
        params = new RecordsManagementAuditQueryParameters();
        params.setUser(recordsManagerName);
-        getAuditTrail(params, 3, rmAdminName);
+        getAuditTrail(params, 3, ADMIN_USER);
        // test filter by date
        params = new RecordsManagementAuditQueryParameters();
        params.setDateFrom(snapShot);
-        getAuditTrail(params, 13, rmAdminName);
+        getAuditTrail(params, 13, ADMIN_USER);
        params = new RecordsManagementAuditQueryParameters();
        params.setDateTo(snapShot);
-        getAuditTrail(params, 14, rmAdminName);
+        getAuditTrail(params, 14, ADMIN_USER);
        params.setDateFrom(testStartTime);
-        getAuditTrail(params, 15, rmAdminName);
+        getAuditTrail(params, 15, ADMIN_USER);
        // test filter by object
-        updateTitle(record, rmAdminName);
+        updateTitle(record, ADMIN_USER);
-        updateTitle(record, rmAdminName);
+        updateTitle(record, ADMIN_USER);
-        updateTitle(record, rmAdminName);
+        updateTitle(record, ADMIN_USER);
        params = new RecordsManagementAuditQueryParameters();
        params.setNodeRef(record);
-        getAuditTrail(params, 5, rmAdminName);
+        getAuditTrail(params, 5, ADMIN_USER);
        // test filter by event
        params = new RecordsManagementAuditQueryParameters();
     //   params.setEvent("cutoff");
-     //   getAuditTrail(params, 0, rmAdminName);
+     //   getAuditTrail(params, 0, ADMIN_USER);
        params.setEvent("Update RM Object");
-        getAuditTrail(params, 10, rmAdminName);
+        getAuditTrail(params, 10, ADMIN_USER);
        // test filter by property
       // params = new RecordsManagementAuditQueryParameters();
        //params.setProperty(PROP_ADDRESSEES);
-        //getAuditTrail(params, 0, rmAdminName);
+        //getAuditTrail(params, 0, ADMIN_USER);
       // params.setProperty(PROP_TITLE);
-       // getAuditTrail(params, 10, rmAdminName);
+       // getAuditTrail(params, 10, ADMIN_USER);
    }
    /**
@@ -260,16 +260,16 @@ public class RecordsManagementAuditServiceImplTest extends BaseRMTestCase
        Thread.sleep(5000);
-        List<RecordsManagementAuditEntry> result1 = getAuditTrail(rmAdminName);
+        List<RecordsManagementAuditEntry> result1 = getAuditTrail(ADMIN_USER);
        assertNotNull(result1);
        // Update the fileplan
-        updateTitle(filePlan, rmAdminName);
+        updateTitle(filePlan, ADMIN_USER);
        Thread.sleep(5000);
        // There should be no new audit entries
-        List<RecordsManagementAuditEntry> result2 = getAuditTrail(rmAdminName);
+        List<RecordsManagementAuditEntry> result2 = getAuditTrail(ADMIN_USER);
        assertNotNull(result2);
        assertEquals(
                "Audit results should not have changed after auditing was disabled",
@@ -277,11 +277,11 @@ public class RecordsManagementAuditServiceImplTest extends BaseRMTestCase
        // repeat with a start
        rmAuditService.startAuditLog(filePlan);
-        updateTitle(filePlan, rmAdminName);
+        updateTitle(filePlan, ADMIN_USER);
        Thread.sleep(5000);
-        List<RecordsManagementAuditEntry> result3 = getAuditTrail(rmAdminName);
+        List<RecordsManagementAuditEntry> result3 = getAuditTrail(ADMIN_USER);
        assertNotNull(result3);
        assertTrue(
                "Expected more results after enabling audit",
@@ -294,7 +294,7 @@ public class RecordsManagementAuditServiceImplTest extends BaseRMTestCase
        rmAuditService.clearAuditLog(filePlan);
        // There should be no entries
-        List<RecordsManagementAuditEntry> result4 = getAuditTrail(rmAdminName);
+        List<RecordsManagementAuditEntry> result4 = getAuditTrail(ADMIN_USER);
        assertNotNull(result4);
        assertEquals(
                "Audit entries should have been cleared",
@@ -342,7 +342,7 @@ public class RecordsManagementAuditServiceImplTest extends BaseRMTestCase
            AuthenticationUtil.popAuthentication();
        }
        rmAuditService.stopAuditLog(filePlan);
-        List<RecordsManagementAuditEntry> result1 = getAuditTrail(rmAdminName);
+        List<RecordsManagementAuditEntry> result1 = getAuditTrail(ADMIN_USER);
        // Check that the username is reflected correctly in the results
        assertFalse("No audit results were generated for the failed login.", result1.isEmpty());
        boolean found = false;
@@ -386,7 +386,7 @@ public class RecordsManagementAuditServiceImplTest extends BaseRMTestCase
            AuthenticationUtil.popAuthentication();
        }
        rmAuditService.stopAuditLog(filePlan);
-        List<RecordsManagementAuditEntry> result2 = getAuditTrail(rmAdminName);
+        List<RecordsManagementAuditEntry> result2 = getAuditTrail(ADMIN_USER);
        found = false;
        for (RecordsManagementAuditEntry entry : result2)
        {
--- a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/util/BaseRMTestCase.java
+++ b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/util/BaseRMTestCase.java
@@ -45,7 +45,6 @@ import org.alfresco.module.org_alfresco_module_rm.report.ReportService;
 import org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService;
 import org.alfresco.module.org_alfresco_module_rm.search.RecordsManagementSearchService;
 import org.alfresco.module.org_alfresco_module_rm.security.ExtendedSecurityService;
 import org.alfresco.module.org_alfresco_module_rm.security.FilePlanAuthenticationService;
 import org.alfresco.module.org_alfresco_module_rm.security.FilePlanPermissionService;
 import org.alfresco.module.org_alfresco_module_rm.vital.VitalRecordService;
 import org.alfresco.repo.policy.BehaviourFilter;
@@ -104,12 +103,12 @@ public abstract class BaseRMTestCase extends RetryingTransactionHelperTestCase
    protected QName ASPECT_CUSTOM_ASPECT = QName.createQName(URI, "customAspect");
    protected QName ASPECT_RECORD_META_DATA = QName.createQName(URI, "recordMetaData");
    /** admin user */
    protected static final String ADMIN_USER = "admin";
    /** Common test utils */
    protected CommonRMTestUtils utils;
    /** RM Admin user name */
    protected String rmAdminUserName;
    /** Services */
    protected NodeService nodeService;
    protected ContentService contentService;
@@ -143,7 +142,6 @@ public abstract class BaseRMTestCase extends RetryingTransactionHelperTestCase
    protected FreezeService freezeService;
    protected RecordService recordService;
    protected FilePlanService filePlanService;
    protected FilePlanAuthenticationService filePlanAuthenticationService;
    protected RecordFolderService recordFolderService;
    protected ExtendedSecurityService extendedSecurityService;
    protected ReportService reportService;
@@ -224,7 +222,6 @@ public abstract class BaseRMTestCase extends RetryingTransactionHelperTestCase
    protected String powerUserName;
    protected String securityOfficerName;
    protected String recordsManagerName;
    protected String rmAdminName;
    /** test people */
    protected NodeRef userPerson;
@@ -232,7 +229,6 @@ public abstract class BaseRMTestCase extends RetryingTransactionHelperTestCase
    protected NodeRef powerUserPerson;
    protected NodeRef securityOfficerPerson;
    protected NodeRef recordsManagerPerson;
    protected NodeRef rmAdminPerson;
    /** test records */
    protected NodeRef recordOne;
@@ -320,20 +316,6 @@ public abstract class BaseRMTestCase extends RetryingTransactionHelperTestCase
        // Initialise the service beans
        initServices();
        // grab the rmadmin user name
        retryingTransactionHelper.doInTransaction(new RetryingTransactionCallback<Object>()
        {
            @Override
            public Object execute() throws Throwable
            {
                // As system user
                AuthenticationUtil.setFullyAuthenticatedUser(AuthenticationUtil.getSystemUserName());
                rmAdminUserName = filePlanAuthenticationService.getRmAdminUserName();
                return null;
            }
        });
        // Setup test data
        setupTestData();
@@ -394,7 +376,6 @@ public abstract class BaseRMTestCase extends RetryingTransactionHelperTestCase
        freezeService = (FreezeService) applicationContext.getBean("FreezeService");
        recordService = (RecordService) applicationContext.getBean("RecordService");
        filePlanService = (FilePlanService) applicationContext.getBean("FilePlanService");
        filePlanAuthenticationService = (FilePlanAuthenticationService) applicationContext.getBean("FilePlanAuthenticationService");
        recordFolderService = (RecordFolderService) applicationContext.getBean("RecordFolderService");
        extendedSecurityService = (ExtendedSecurityService) applicationContext.getBean("ExtendedSecurityService");
        reportService = (ReportService) applicationContext.getBean("ReportService");
@@ -542,8 +523,8 @@ public abstract class BaseRMTestCase extends RetryingTransactionHelperTestCase
              containerProps).getChildRef();
        assertNotNull("Could not create base folder", folder);
-        permissionService.setPermission(folder, "rmadmin", PermissionService.WRITE, true);
+        permissionService.setPermission(folder, ADMIN_USER, PermissionService.WRITE, true);
-        permissionService.setPermission(folder, "rmadmin", PermissionService.ADD_CHILDREN, true);
+        permissionService.setPermission(folder, ADMIN_USER, PermissionService.ADD_CHILDREN, true);
        if (isRMSiteTest())
        {
@@ -622,18 +603,13 @@ public abstract class BaseRMTestCase extends RetryingTransactionHelperTestCase
        recordsManagerPerson = createPerson(recordsManagerName);
        filePlanRoleService.assignRoleToAuthority(filePlan, FilePlanRoleService.ROLE_RECORDS_MANAGER, recordsManagerName);
        rmAdminName = GUID.generate();
        rmAdminPerson = createPerson(rmAdminName);
        filePlanRoleService.assignRoleToAuthority(filePlan, FilePlanRoleService.ROLE_ADMIN, rmAdminName);
        testUsers = new String[]
        {
                userName,
                rmUserName,
                powerUserName,
                securityOfficerName,
-                recordsManagerName,
+                recordsManagerName
                rmAdminName
        };
        if (isFillingForAllUsers())
@@ -769,7 +745,7 @@ public abstract class BaseRMTestCase extends RetryingTransactionHelperTestCase
    }
    /**
-     * Override to ensure the tests are run as the 'rmadmin' user by default.
+     * Override to ensure the tests are run as the 'admin' user by default.
     */
    @Override
@@ -812,70 +788,70 @@ public abstract class BaseRMTestCase extends RetryingTransactionHelperTestCase
            // empty implementation
        }
    }
-    
+
    /**
     * Execute behaviour driven test.
-     * 
+     *
     * @param test
     */
    protected void doBehaviourDrivenTest(BehaviourDrivenTest test)
    {
        test.run();
    }
-    
+
    /**
     * Behaviour driven test.
-     * 
+     *
     * @author Roy Wetherall
     * @since 2.2
     */
    protected abstract class BehaviourDrivenTest
    {
        protected Class<?> expectedException;
-        
+
        public BehaviourDrivenTest()
        {
        }
-        
+
        public BehaviourDrivenTest(Class<?> expectedException)
        {
            this.expectedException = expectedException;
        }
-        
+
        public void given() { /** empty implementation */ }
-        
+
        public void when() { /** empty implementation */ }
-        
+
        public void then() { /** empty implementation */ }
-        
+
        public void after() { /** empty implementation */ }
-        
+
        public void run()
        {
            try
            {
                doTestInTransaction(new VoidTest()
-                {                
+                {
                    @Override
                    public void runImpl() throws Exception
                    {
-                       given(); 
+                       given();
                    }
                });
-                
+
                if (expectedException == null)
                {
                    doTestInTransaction(new VoidTest()
-                    {                
+                    {
                        @Override
                        public void runImpl() throws Exception
                        {
                            when();
                        }
                    });
-                    
+
                    doTestInTransaction(new VoidTest()
-                    {                
+                    {
                        @Override
                        public void runImpl() throws Exception
                        {
@@ -886,26 +862,26 @@ public abstract class BaseRMTestCase extends RetryingTransactionHelperTestCase
                else
                {
                    doTestInTransaction(new FailureTest(expectedException)
-                    {                    
+                    {
                        @Override
                        public void run() throws Exception
                        {
                            when();
                        }
-                    });                
+                    });
                }
            }
            finally
-            {            
+            {
                doTestInTransaction(new VoidTest()
-                {                
+                {
                    @Override
                    public void runImpl() throws Exception
                    {
-                       after(); 
+                       after();
                    }
                });
            }
-        }        
+        }
    }
 }
--- a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/util/BaseRMWebScriptTestCase.java
+++ b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/util/BaseRMWebScriptTestCase.java
@@ -122,6 +122,9 @@ public class BaseRMWebScriptTestCase extends BaseWebScriptTest
    protected NodeRef recordFolder2;
    protected String collabSiteId;
    /** admin user name */
    protected static final String ADMIN_USER = "admin";
    /**
     * Indicates whether the test collaboration site should be created
     * or not.
@@ -248,7 +251,7 @@ public class BaseRMWebScriptTestCase extends BaseWebScriptTest
                // As system user
                AuthenticationUtil.setFullyAuthenticatedUser(AuthenticationUtil.getSystemUserName());
-                filePlanRoleService.assignRoleToAuthority(filePlan, FilePlanRoleService.ROLE_ADMIN, "rmadmin");
+                filePlanRoleService.assignRoleToAuthority(filePlan, FilePlanRoleService.ROLE_ADMIN, ADMIN_USER);
                return null;
            }
--- a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/webscript/RoleRestApiTest.java
+++ b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/webscript/RoleRestApiTest.java
@@ -69,9 +69,9 @@ public class RoleRestApiTest extends BaseRMWebScriptTestCase
        // Create a couple or roles by hand
        filePlanRoleService.createRole(filePlan, role1, "My Test Role", getListOfCapabilities(5));
        filePlanRoleService.createRole(filePlan, role2, "My Test Role Too", getListOfCapabilities(5));
-        
+
        //The user can either enter a plain text label or a key to look up in a property file.
-        filePlanRoleService.createRole(filePlan, role3, "bootstrap.rmadmin.lastName", getListOfCapabilities(5));
+        filePlanRoleService.createRole(filePlan, role3, "System Administrator", getListOfCapabilities(5));
        // create test group
        String groupName = GUID.generate();
@@ -102,7 +102,7 @@ public class RoleRestApiTest extends BaseRMWebScriptTestCase
            assertEquals(role2, roleObj.get("name"));
            assertEquals("My Test Role Too", roleObj.get("displayLabel"));
            checkCapabilities(roleObj, 5);
-            
+
            //Custom role with a user entered message key
            roleObj = roles.getJSONObject(role3);
            assertNotNull(roleObj);