Merged HEAD-BUG-FIX (4.3/Cloud) to HEAD (4.3/Cloud)

70223: Merged V4.2-BUG-FIX (4.2.3) to HEAD-BUG-FIX (4.3/Cloud) 70056: Merged DEV to V4.2-BUG-FIX (4.2.3) 69689 : MNT-10946 : Admin is no longer able to unlock files - Check if node is locked for non-admin users. Fix related test 69751 : MNT-10946 : Admin is no longer able to unlock files - Changed warn message git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@70488 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2025-08-07 17:49:17 +00:00 · 2014-05-16 20:33:29 +00:00
parent 1e78beacf2
commit a6e1c48e84
4 changed files with 78 additions and 4 deletions
--- a/source/java/org/alfresco/repo/lock/LockServiceImpl.java
+++ b/source/java/org/alfresco/repo/lock/LockServiceImpl.java
@@ -66,6 +66,8 @@ import org.alfresco.service.cmr.repository.StoreRef;
 import org.alfresco.service.cmr.search.ResultSet;
 import org.alfresco.service.cmr.search.SearchService;
 import org.alfresco.service.cmr.security.AuthenticationService;
+import org.alfresco.service.cmr.security.AuthorityService;
+import org.alfresco.service.cmr.security.PermissionService;
 import org.alfresco.service.namespace.QName;
 import org.alfresco.util.Pair;
 import org.alfresco.util.PropertyCheck;
@@ -94,6 +96,7 @@ public class LockServiceImpl implements LockService,
    private TenantService tenantService;
    private AuthenticationService authenticationService;
    private SearchService searchService;
+    private AuthorityService authorityService;
    private BehaviourFilter behaviourFilter;
    private LockStore lockStore;
    private PolicyComponent policyComponent;
@@ -139,6 +142,10 @@ public class LockServiceImpl implements LockService,
        this.searchService = searchService;
    }

+    public void setAuthorityService(AuthorityService authorityService) {
+        this.authorityService = authorityService;
+    }
+
    /**
     * Initialise methods called by Spring framework
     */
@@ -473,6 +480,8 @@ public class LockServiceImpl implements LockService,
        
        if (lockState.isLockInfo())
        {
+            // check if the node is the user able to unlock the node
+            checkForLockIfNotAdmin(nodeRef);
        	// MNT-231: forbidden to unlock a checked out node
            if (!allowCheckedOut && nodeService.hasAspect(nodeRef, ContentModel.ASPECT_CHECKED_OUT))
            {
@@ -503,8 +512,8 @@ public class LockServiceImpl implements LockService,
            }
            else if (lifetime == Lifetime.EPHEMERAL)
            {
-                // Remove the ephemeral lock.
-                lockStore.set(nodeRef, LockState.createUnlocked(nodeRef));
+                // force unlock the ephemeral lock.
+                lockStore.forceUnlock(nodeRef);
                nodeIndexer.indexUpdateNode(nodeRef);
            }
            else
@@ -656,6 +665,16 @@ public class LockServiceImpl implements LockService,
            }
        }
    }
+    
+    private void checkForLockIfNotAdmin(NodeRef nodeRef)
+    {
+        Set<String> userAuthorities = authorityService.getAuthoritiesForUser(AuthenticationUtil.getRunAsUser());
+        // ignore checkForLock for admins
+        if (!userAuthorities.contains(PermissionService.ADMINISTRATOR_AUTHORITY))
+        {
+            checkForLock(nodeRef);	
+        }
+    }

    /**
     * Ensures that the parent is not locked.