Merged HEAD-BUG-FIX (5.0/Cloud) to HEAD (5.0/Cloud)

78359: Merged V4.2-BUG-FIX (4.2.4) to HEAD-BUG-FIX (5.0/Cloud)
      76619: Merged DEV to V4.2-BUG-FIX (4.2.4).
         76456: MNT-10693 Changing permission on a document changes its modified fields in Share
         76496: MNT-10693 Changing permission on a document changes its modified fields in Share
         76499: MNT-10693 Changing permission on a document changes its modified fields in Share
                   - In PermissionServiceTest.testPreserveAuditableData() was made changes.
         76520: MNT-10693 Changing permission on a document changes its modified fields in Share
                   - In AbstractPermissionTest was changed visibility of 'applicationContext' to 'protected'. 


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@82530 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261

config/alfresco/dao/dao-context.xml

@@ -308,6 +308,8 @@
    <bean id="admNodeACLDAO" class="org.alfresco.repo.domain.permissions.ADMAccessControlListDAO">
       <property name="nodeDAO" ref="nodeDAO"/>
       <property name="aclDAO" ref="aclDAO"/>
+      <property name="behaviourFilter" ref="policyBehaviourFilter" />
+      <property name="preserveAuditableData" value="${system.auditableData.ACLs}"></property>
    </bean>
     
    <bean id="avmNodeACLDAO" class="org.alfresco.repo.domain.permissions.AVMAccessControlListDAO">

config/alfresco/model-specific-services-context.xml

@@ -58,7 +58,7 @@
       <property name="mimetypeService"><ref bean="mimetypeService" /></property>
       <property name="hiddenAspect"><ref bean="hiddenAspect" /></property>
       <property name="behaviourFilter" ref="policyBehaviourFilter"></property>
-      <property name="preserveModificationData" value="${system.preserve.modificationData}"></property>
+      <property name="preserveAuditableData" value="${system.auditableData.FileFolderService}"></property>
 
       <property name="cannedQueryRegistry" ref="fileFolderCannedQueryRegistry"/>
       <property name="defaultListMaxResults" value="${system.filefolderservice.defaultListMaxResults}"/>

config/alfresco/repository.properties

@@ -199,7 +199,14 @@ system.acl.maxPermissionChecks=1000
 
 # The maximum number of filefolder list results
 system.filefolderservice.defaultListMaxResults=5000
+# DEPRECATED: Use 'system.auditableData.preserve'
 system.preserve.modificationData=false
+# The default to preserve all cm:auditable data on a node when the process is not directly driven by a user action
+system.auditableData.preserve=${system.preserve.modificationData}
+# Specific control of how the FileFolderService treats cm:auditable data when performing moves
+system.auditableData.FileFolderService=${system.auditableData.preserve}
+# Specific control of whether ACL changes on a node trigger the cm:auditable aspect
+system.auditableData.ACLs=${system.auditableData.preserve}
 
 # Properties to control read permission evaluation for acegi
 system.readpermissions.optimise=true

source/java/org/alfresco/repo/domain/permissions/ADMAccessControlListDAO.java

@@ -23,9 +23,11 @@ import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 
+import org.alfresco.model.ContentModel;
 import org.alfresco.repo.domain.node.NodeDAO;
 import org.alfresco.repo.domain.node.NodeIdAndAclId;
 import org.alfresco.repo.domain.permissions.AVMAccessControlListDAO.CounterSet;
+import org.alfresco.repo.policy.BehaviourFilter;
 import org.alfresco.repo.security.permissions.ACLType;
 import org.alfresco.repo.security.permissions.AccessControlList;
 import org.alfresco.repo.security.permissions.AccessControlListProperties;
@@ -53,6 +55,9 @@ public class ADMAccessControlListDAO implements AccessControlListDAO
 
     private AclDAO aclDaoComponent;
     
+    private BehaviourFilter behaviourFilter;
+    private boolean preserveAuditableData = true;
+
     public void setNodeDAO(NodeDAO nodeDAO)
     {
         this.nodeDAO = nodeDAO;
@@ -63,6 +68,21 @@ public class ADMAccessControlListDAO implements AccessControlListDAO
         this.aclDaoComponent = aclDaoComponent;
     }
     
+    public void setBehaviourFilter(BehaviourFilter behaviourFilter)
+    {
+        this.behaviourFilter = behaviourFilter;
+    }
+
+    public void setPreserveAuditableData(boolean preserveAuditableData)
+    {
+        this.preserveAuditableData = preserveAuditableData;
+    }
+    
+    public boolean isPreserveAuditableData()
+    {
+        return preserveAuditableData;
+    }
+
     public void forceCopy(NodeRef nodeRef)
     {
         // Nothing to do
@@ -249,10 +269,26 @@ public class ADMAccessControlListDAO implements AccessControlListDAO
     }
 
     public void setAccessControlList(NodeRef nodeRef, Long aclId)
+    {
+        boolean auditableBehaviorWasDisabled = preserveAuditableData && behaviourFilter.isEnabled(ContentModel.ASPECT_AUDITABLE);
+        if (auditableBehaviorWasDisabled)
+        {
+            behaviourFilter.disableBehaviour(ContentModel.ASPECT_AUDITABLE);
+        }
+        
+        try
         {
             Long nodeId = getNodeIdNotNull(nodeRef);
             nodeDAO.setNodeAclId(nodeId, aclId);
         }
+        finally
+        {
+            if (auditableBehaviorWasDisabled)
+            {
+                behaviourFilter.enableBehaviour(ContentModel.ASPECT_AUDITABLE);
+            }
+        }
+    }
 
     public void setAccessControlList(NodeRef nodeRef, Acl acl)
     {

source/java/org/alfresco/repo/model/filefolder/FileFolderServiceImpl.java

@@ -136,7 +136,7 @@ public class FileFolderServiceImpl extends AbstractBaseCopyService implements Fi
     private BehaviourFilter behaviourFilter;
     private NamedObjectRegistry<CannedQueryFactory<NodeRef>> cannedQueryRegistry;
 
-    private boolean preserveModificationData = true;
+    private boolean preserveAuditableData = true;
 
     // TODO: Replace this with a more formal means of identifying "system" folders (i.e. aspect or UUID)
     private List<String> systemPaths;
@@ -216,14 +216,14 @@ public class FileFolderServiceImpl extends AbstractBaseCopyService implements Fi
         this.behaviourFilter = behaviourFilter;
     }
 
-    public void setPreserveModificationData(boolean preserveModificationData)
+    public void setPreserveAuditableData(boolean preserveAuditableData)
     {
-        this.preserveModificationData = preserveModificationData;
+        this.preserveAuditableData = preserveAuditableData;
     }
 
-    public boolean isPreserveModificationData()
+    public boolean isPreserveAuditableData()
     {
-        return preserveModificationData;
+        return preserveAuditableData;
     }
 
 
@@ -1084,7 +1084,7 @@ public class FileFolderServiceImpl extends AbstractBaseCopyService implements Fi
                     if (isPrimaryParent)
                     {
                         // move the node so that the association moves as well
-                        boolean auditableBehaviorWasDisabled = preserveModificationData && behaviourFilter.isEnabled(ContentModel.ASPECT_AUDITABLE);
+                        boolean auditableBehaviorWasDisabled = preserveAuditableData && behaviourFilter.isEnabled(ContentModel.ASPECT_AUDITABLE);
                         if (auditableBehaviorWasDisabled)
                         {
                             behaviourFilter.disableBehaviour(ContentModel.ASPECT_AUDITABLE);

source/test-java/org/alfresco/repo/model/filefolder/FileFolderServicePropagationTest.java

@@ -97,7 +97,7 @@ public class FileFolderServicePropagationTest extends TestCase
 
         if (null == defaultPreservationValue)
         {
-            defaultPreservationValue = fileFolderService.isPreserveModificationData();
+            defaultPreservationValue = fileFolderService.isPreserveAuditableData();
         }
 
         ServiceRegistry serviceRegistry = (ServiceRegistry) applicationContext.getBean(ServiceRegistry.SERVICE_REGISTRY);
@@ -162,7 +162,7 @@ public class FileFolderServicePropagationTest extends TestCase
     public void tearDown() throws Exception
     {
         // Resetting to default value...
-        fileFolderService.setPreserveModificationData(defaultPreservationValue);
+        fileFolderService.setPreserveAuditableData(defaultPreservationValue);
 
         transactionService.getRetryingTransactionHelper().doInTransaction(new RetryingTransactionCallback<Void>()
         {
@@ -197,7 +197,7 @@ public class FileFolderServicePropagationTest extends TestCase
         }
 
         // Enabling preservation of modification properties data...
-        fileFolderService.setPreserveModificationData(true);
+        fileFolderService.setPreserveAuditableData(true);
         transactionService.getRetryingTransactionHelper().doInTransaction(new RetryingTransactionCallback<Void>()
         {
             @Override
@@ -223,7 +223,7 @@ public class FileFolderServicePropagationTest extends TestCase
         }
 
         // Enabling preservation of modification properties data...
-        fileFolderService.setPreserveModificationData(true);
+        fileFolderService.setPreserveAuditableData(true);
         transactionService.getRetryingTransactionHelper().doInTransaction(new RetryingTransactionCallback<Void>()
         {
             @Override
@@ -249,7 +249,7 @@ public class FileFolderServicePropagationTest extends TestCase
         }
 
         // Enabling preservation of modification properties data...
-        fileFolderService.setPreserveModificationData(true);
+        fileFolderService.setPreserveAuditableData(true);
         transactionService.getRetryingTransactionHelper().doInTransaction(new RetryingTransactionCallback<Void>()
         {
             @Override
@@ -297,7 +297,7 @@ public class FileFolderServicePropagationTest extends TestCase
         }
 
         // Disabling preservation of modification properties data... 
-        fileFolderService.setPreserveModificationData(false);
+        fileFolderService.setPreserveAuditableData(false);
         transactionService.getRetryingTransactionHelper().doInTransaction(new RetryingTransactionCallback<Void>()
         {
             @Override
@@ -325,7 +325,7 @@ public class FileFolderServicePropagationTest extends TestCase
         }
 
         // Disabling preservation of modification properties data...
-        fileFolderService.setPreserveModificationData(false);
+        fileFolderService.setPreserveAuditableData(false);
         transactionService.getRetryingTransactionHelper().doInTransaction(new RetryingTransactionCallback<Void>()
         {
             @Override
@@ -353,7 +353,7 @@ public class FileFolderServicePropagationTest extends TestCase
         }
 
         // Disabling preservation of modification properties data...
-        fileFolderService.setPreserveModificationData(false);
+        fileFolderService.setPreserveAuditableData(false);
         transactionService.getRetryingTransactionHelper().doInTransaction(new RetryingTransactionCallback<Void>()
         {
             @Override

source/test-java/org/alfresco/repo/security/permissions/impl/AbstractPermissionTest.java

@@ -58,7 +58,7 @@ import org.springframework.orm.hibernate3.LocalSessionFactoryBean;
 
 public class AbstractPermissionTest extends TestCase
 {
-    private static ApplicationContext applicationContext = ApplicationContextHelper.getApplicationContext();
+    protected static ApplicationContext applicationContext = ApplicationContextHelper.getApplicationContext();
     
     protected static final String ROLE_AUTHENTICATED = "ROLE_AUTHENTICATED";
 

source/test-java/org/alfresco/repo/security/permissions/impl/PermissionServiceTest.java

@@ -27,6 +27,7 @@ import net.sf.acegisecurity.Authentication;
 import net.sf.acegisecurity.GrantedAuthority;
 
 import org.alfresco.model.ContentModel;
+import org.alfresco.repo.domain.permissions.ADMAccessControlListDAO;
 import org.alfresco.repo.model.filefolder.FileFolderServiceImpl;
 import org.alfresco.repo.security.authentication.AuthenticationUtil;
 import org.alfresco.repo.security.permissions.ACLType;
@@ -3384,6 +3385,47 @@ public class PermissionServiceTest extends AbstractPermissionTest
         //assertTrue("Time was "+(end - start)/1000000000.0f, end == start);
     }
     
+    public void testPreserveAuditableData()
+    {
+        ADMAccessControlListDAO accessControlListDao = (ADMAccessControlListDAO) applicationContext.getBean("admNodeACLDAO");
+        boolean preserveAuditableData = accessControlListDao.isPreserveAuditableData();
+        
+        runAs("admin");
+        
+        personService.getPerson("andy");
+        personService.getPerson("userTwo");
+        
+        NodeRef folder = nodeService.createNode(rootNodeRef, ContentModel.ASSOC_CHILDREN, QName.createQName("{namespace}Folder"), ContentModel.TYPE_FOLDER).getChildRef();;
+        NodeRef content1 = nodeService.createNode(folder, ContentModel.ASSOC_CHILDREN, QName.createQName("{namespace}content1"), ContentModel.TYPE_CONTENT).getChildRef();;
+        NodeRef content2 = nodeService.createNode(folder, ContentModel.ASSOC_CHILDREN, QName.createQName("{namespace}content2"), ContentModel.TYPE_CONTENT).getChildRef();;
+        
+        try
+        {
+            permissionService.setPermission(folder, "andy", PermissionService.COORDINATOR, true);
+            
+            assertEquals("admin", nodeService.getProperty(content1, ContentModel.PROP_MODIFIER));
+        
+            accessControlListDao.setPreserveAuditableData(true);
+        
+            runAs("andy");
+            permissionService.setPermission(content1, "userTwo", PermissionService.COORDINATOR, true);
+            assertEquals("admin", nodeService.getProperty(content1, ContentModel.PROP_MODIFIER));
+        
+            accessControlListDao.setPreserveAuditableData(false);
+        
+            permissionService.setPermission(content2, "userTwo", PermissionService.COORDINATOR, true);
+            assertEquals("andy", nodeService.getProperty(content2, ContentModel.PROP_MODIFIER));
+        }
+        finally
+        {
+            accessControlListDao.setPreserveAuditableData(preserveAuditableData);
+            if (folder != null)
+            {
+                nodeService.deleteNode(folder);
+            }
+        }
+    }
+
 
     public void xtestFindNodesByPermission()
     {