[maven-release-plugin][skip ci] prepare release 11.139

This reverts commit 5807e756bd.

amps/ags/pom.xml

@@ -7,7 +7,7 @@
    <parent>
       <groupId>org.alfresco</groupId>
       <artifactId>alfresco-community-repo-amps</artifactId>
-      <version>11.125</version>
+      <version>11.139</version>
    </parent>
 
    <modules>

amps/ags/rm-automation/pom.xml

@@ -7,7 +7,7 @@
    <parent>
       <groupId>org.alfresco</groupId>
       <artifactId>alfresco-governance-services-community-parent</artifactId>
-      <version>11.125</version>
+      <version>11.139</version>
    </parent>
 
    <modules>

amps/ags/rm-automation/rm-automation-community-rest-api/pom.xml

@@ -7,7 +7,7 @@
    <parent>
       <groupId>org.alfresco</groupId>
       <artifactId>alfresco-governance-services-automation-community-repo</artifactId>
-      <version>11.125</version>
+      <version>11.139</version>
    </parent>
 
 

amps/ags/rm-community/pom.xml

@@ -7,7 +7,7 @@
    <parent>
       <groupId>org.alfresco</groupId>
       <artifactId>alfresco-governance-services-community-parent</artifactId>
-      <version>11.125</version>
+      <version>11.139</version>
    </parent>
 
    <modules>

amps/ags/rm-community/rm-community-repo/config/alfresco/module/org_alfresco_module_rm/messages/action-service_cs.properties

@@ -45,4 +45,4 @@ rm.action.create.transfer.container.child-error-message=Nelze vytv\u00e1\u0159et
 rm.action.create.transfer.child-error-message=Nelze vytv\u00e1\u0159et polo\u017eky ve slo\u017ece p\u0159enosu.
 rm.action.create.record.folder.child-error-message=Z\u00e1znamy je mo\u017en\u00e9 vytv\u00e1\u0159et pouze ve slo\u017ek\u00e1ch z\u00e1znam\u016f a toto bylo {0}.
 rm.action.transfer-non-editable=Nelze upravovat metadata kontejneru nebo slo\u017eky pro p\u0159enos.
-
+rm.action.node.frozen.error-message=Akci {0} nelze prov\u00e9st, proto\u017ee uzel je zablokovan\u00fd nebo m\u00e1 zablokovan\u00e9 pod\u0159\u00edzen\u00e9 prvky.

amps/ags/rm-community/rm-community-repo/config/alfresco/module/org_alfresco_module_rm/messages/action-service_da.properties

@@ -45,4 +45,4 @@ rm.action.create.transfer.container.child-error-message=Du kan ikke oprette elem
 rm.action.create.transfer.child-error-message=Du kan ikke oprette elementer i Overf\u00f8r-mapper.
 rm.action.create.record.folder.child-error-message=Du kan kun oprette poster i postmapper, og dette var en {0}.
 rm.action.transfer-non-editable=Du kan ikke redigere overf\u00f8rselsmappe- eller container-metadata.
-
+rm.action.node.frozen.error-message=Handlingen kan ikke udf\u00f8res {0}, fordi noden er l\u00e5st eller har l\u00e5ste underordnede noder.

amps/ags/rm-community/rm-community-repo/config/alfresco/module/org_alfresco_module_rm/messages/action-service_de.properties

@@ -45,4 +45,4 @@ rm.action.create.transfer.container.child-error-message=Sie k\u00f6nnen keine El
 rm.action.create.transfer.child-error-message=Sie k\u00f6nnen keine Elemente in \u00dcbertragungsordnern erstellen.
 rm.action.create.record.folder.child-error-message=In Record-Ordnern k\u00f6nnen Sie nur Records erstellen. Das war aber ein {0}.
 rm.action.transfer-non-editable=Sie k\u00f6nnen Metadaten von \u00dcbertragungsordnern oder -containern nicht bearbeiten.
-
+rm.action.node.frozen.error-message=Die Aktion ''{0}'' kann nicht ausgef\u00fchrt werden, da der Knoten oder untergeordnete Elemente von ihm festgefahren ist bzw. sind.

amps/ags/rm-community/rm-community-repo/config/alfresco/module/org_alfresco_module_rm/messages/action-service_es.properties

@@ -45,4 +45,4 @@ rm.action.create.transfer.container.child-error-message=No se pueden crear eleme
 rm.action.create.transfer.child-error-message=No se pueden crear elementos en las carpetas de transferencia.
 rm.action.create.record.folder.child-error-message=Solo puede crear documentos de archivo en carpetas de documentos de archivo. {0} no se puede crear aqu\u00ed.
 rm.action.transfer-non-editable=No se puede editar una carpeta de transferencia ni los metadatos de un contenedor.
-
+rm.action.node.frozen.error-message=No se puede realizar la acci\u00f3n {0} porque el nodo est\u00e1 congelado o tiene elementos secundarios congelados.

amps/ags/rm-community/rm-community-repo/config/alfresco/module/org_alfresco_module_rm/messages/action-service_fi.properties

@@ -45,4 +45,4 @@ rm.action.create.transfer.container.child-error-message=Siirtos\u00e4ili\u00f6\u
 rm.action.create.transfer.child-error-message=Siirtokansioihin ei voi luoda kohteita.
 rm.action.create.record.folder.child-error-message=Tietuekansioihin voi luoda ainoastaan tietueita, mutta t\u00e4m\u00e4 oli {0}.
 rm.action.transfer-non-editable=Siirtokansion tai -s\u00e4ili\u00f6n metatietoja ei voi muokata.
-
+rm.action.node.frozen.error-message=Toimintoa {0} ei voitu suorittaa, koska solmu on j\u00e4\u00e4dytetty tai sill\u00e4 on j\u00e4\u00e4dytettyj\u00e4 alatasoja.

amps/ags/rm-community/rm-community-repo/config/alfresco/module/org_alfresco_module_rm/messages/action-service_fr.properties

@@ -45,4 +45,4 @@ rm.action.create.transfer.container.child-error-message=Impossible de cr\u00e9er
 rm.action.create.transfer.child-error-message=Impossible de cr\u00e9er des \u00e9l\u00e9ments dans les dossiers de transfert.
 rm.action.create.record.folder.child-error-message=Vous ne pouvez cr\u00e9er des documents d''archives que dans les dossiers d''archives, dans le cas pr\u00e9sent {0}.
 rm.action.transfer-non-editable=Impossible de modifier les m\u00e9tadonn\u00e9es de dossier de transfert ou de contenant.
-
+rm.action.node.frozen.error-message=Impossible d''effectuer l''action {0} car le n\u0153ud ou ses enfants sont gel\u00e9s.

amps/ags/rm-community/rm-community-repo/config/alfresco/module/org_alfresco_module_rm/messages/action-service_it.properties

@@ -45,4 +45,4 @@ rm.action.create.transfer.container.child-error-message=Impossibile creare eleme
 rm.action.create.transfer.child-error-message=Impossibile creare elementi nelle cartelle Trasferimento.
 rm.action.create.record.folder.child-error-message=I record possono essere creati solo nelle cartelle dei record e questa era {0}.
 rm.action.transfer-non-editable=Impossibile modificare la cartella di trasferimento o i metadati dei contenitori.
-
+rm.action.node.frozen.error-message=Impossibile eseguire l''azione {0} poich\u00e9 il nodo \u00e8 congelato o presenta nodi figlio congelati.

amps/ags/rm-community/rm-community-repo/config/alfresco/module/org_alfresco_module_rm/messages/action-service_ja.properties

@@ -45,4 +45,4 @@ rm.action.create.transfer.container.child-error-message=\u8ee2\u9001\u30b3\u30f3
 rm.action.create.transfer.child-error-message=\u8ee2\u9001\u30d5\u30a9\u30eb\u30c0\u5185\u3067\u306f\u30a2\u30a4\u30c6\u30e0\u3092\u4f5c\u6210\u3067\u304d\u307e\u305b\u3093\u3002
 rm.action.create.record.folder.child-error-message=\u30ec\u30b3\u30fc\u30c9\u3092\u4f5c\u6210\u3067\u304d\u308b\u306e\u306f\u30ec\u30b3\u30fc\u30c9\u30d5\u30a9\u30eb\u30c0\u5185\u306e\u307f\u3067\u3001\u3053\u308c\u306f {0} \u3067\u3059\u3002
 rm.action.transfer-non-editable=\u8ee2\u9001\u30d5\u30a9\u30eb\u30c0\u307e\u305f\u306f\u30b3\u30f3\u30c6\u30ca\u30e1\u30bf\u30c7\u30fc\u30bf\u306f\u7de8\u96c6\u3067\u304d\u307e\u305b\u3093\u3002
-
+rm.action.node.frozen.error-message=\u30ce\u30fc\u30c9\u304c\u30d5\u30ea\u30fc\u30ba\u3057\u3066\u3044\u308b\u304b\u3001\u307e\u305f\u306f\u5b50\u304c\u51cd\u7d50\u3057\u3066\u3044\u308b\u305f\u3081\u3001\u30a2\u30af\u30b7\u30e7\u30f3 {0}\u3092\u5b9f\u884c\u3067\u304d\u307e\u305b\u3093

amps/ags/rm-community/rm-community-repo/config/alfresco/module/org_alfresco_module_rm/messages/action-service_nb.properties

@@ -45,4 +45,4 @@ rm.action.create.transfer.container.child-error-message=Elementer kan ikke oppre
 rm.action.create.transfer.child-error-message=Elementer kan ikke opprettes i overf\u00f8ringsmapper.
 rm.action.create.record.folder.child-error-message=Oppf\u00f8ringer kan bare opprettes i oppf\u00f8ringsmapper, og dette er en {0}.
 rm.action.transfer-non-editable=Overf\u00f8ringsmapper eller beholdermetadata kan ikke redigeres.
-
+rm.action.node.frozen.error-message=Kan ikke utf\u00f8re handlingen {0} fordi noden er frossen eller har frosne underordnede elementer.

amps/ags/rm-community/rm-community-repo/config/alfresco/module/org_alfresco_module_rm/messages/action-service_nl.properties

@@ -45,4 +45,4 @@ rm.action.create.transfer.container.child-error-message=U kunt geen onderdelen m
 rm.action.create.transfer.child-error-message=U kunt geen onderdelen maken in overdrachtsmappen.
 rm.action.create.record.folder.child-error-message=U kunt alleen archiefstukken maken in archiefmappen en dit was een {0}.
 rm.action.transfer-non-editable=U kunt metagegevens in een overdrachtsmap of -container niet bewerken.
-
+rm.action.node.frozen.error-message=Kan de actie {0} niet uitvoeren omdat de node geblokkeerd is of geblokkeerde onderliggende elementen heeft.

amps/ags/rm-community/rm-community-repo/config/alfresco/module/org_alfresco_module_rm/messages/action-service_pl.properties

@@ -45,4 +45,4 @@ rm.action.create.transfer.container.child-error-message=Nie mo\u017cna utworzy\u
 rm.action.create.transfer.child-error-message=Nie mo\u017cna utworzy\u0107 pozycji w folderach przesy\u0142ania.
 rm.action.create.record.folder.child-error-message=W folderach rekord\u00f3w mo\u017cna tworzy\u0107 tylko rekordy, a to by\u0142o {0}.
 rm.action.transfer-non-editable=Nie mo\u017cna edytowa\u0107 folderu przesy\u0142ania ani metadanych kontenera.
-
+rm.action.node.frozen.error-message=Nie mo\u017cna wykona\u0107 czynno\u015bci {0}, poniewa\u017c w\u0119ze\u0142 jest zablokowany lub ma zablokowane elementy podrz\u0119dne.

amps/ags/rm-community/rm-community-repo/config/alfresco/module/org_alfresco_module_rm/messages/action-service_pt_BR.properties

@@ -45,4 +45,4 @@ rm.action.create.transfer.container.child-error-message=N\u00e3o \u00e9 poss\u00
 rm.action.create.transfer.child-error-message=N\u00e3o \u00e9 poss\u00edvel criar itens nas pastas de Transfer\u00eancia.
 rm.action.create.record.folder.child-error-message=\u00c9 poss\u00edvel apenas criar documentos arquiv\u00edsticos em pastas de documentos arquiv\u00edsticos; esta foi {0}.
 rm.action.transfer-non-editable=N\u00e3o \u00e9 poss\u00edvel editar os metadados das pastas de transfer\u00eancia ou cont\u00eainer.
-
+rm.action.node.frozen.error-message=N\u00e3o \u00e9 poss\u00edvel executar a a\u00e7\u00e3o {0} porque o n\u00f3 est\u00e1 congelado ou tem filhos congelados.

amps/ags/rm-community/rm-community-repo/config/alfresco/module/org_alfresco_module_rm/messages/action-service_ru.properties

@@ -45,4 +45,4 @@ rm.action.create.transfer.container.child-error-message=\u041d\u0435\u0432\u043e
 rm.action.create.transfer.child-error-message=\u041d\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u044d\u043b\u0435\u043c\u0435\u043d\u0442\u044b \u0432 \u043f\u0430\u043f\u043a\u0430\u0445 \u043f\u0435\u0440\u0435\u0434\u0430\u0447\u0438.
 rm.action.create.record.folder.child-error-message=\u0417\u0430\u043f\u0438\u0441\u0438 \u043c\u043e\u0436\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u043f\u0430\u043f\u043a\u0430\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439, \u0430 \u044d\u0442\u043e {0}.
 rm.action.transfer-non-editable=\u041d\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u0440\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043c\u0435\u0442\u0430\u0434\u0430\u043d\u043d\u044b\u0435 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430 \u0438\u043b\u0438 \u043f\u0430\u043f\u043a\u0438 \u043f\u0435\u0440\u0435\u0434\u0430\u0447\u0438.
-
+rm.action.node.frozen.error-message=\u041d\u0435 \u0443\u0434\u0430\u0435\u0442\u0441\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 {0}, \u043f\u043e\u0442\u043e\u043c\u0443 \u0447\u0442\u043e \u0443\u0437\u0435\u043b \u0437\u0430\u043a\u0440\u0435\u043f\u043b\u0435\u043d \u0438\u043b\u0438 \u0438\u043c\u0435\u0435\u0442 \u0437\u0430\u043a\u0440\u0435\u043f\u043b\u0435\u043d\u043d\u044b\u0435 \u0434\u043e\u0447\u0435\u0440\u043d\u0438\u0435 \u044d\u043b\u0435\u043c\u0435\u043d\u0442\u044b.

amps/ags/rm-community/rm-community-repo/config/alfresco/module/org_alfresco_module_rm/messages/action-service_sv.properties

@@ -45,4 +45,4 @@ rm.action.create.transfer.container.child-error-message=Du kan inte skapa objekt
 rm.action.create.transfer.child-error-message=Du kan inte skapa objekt i \u00d6verf\u00f6ringsmappar.
 rm.action.create.record.folder.child-error-message=Du kan endast skapa handlingar i handlingsmappar och detta var en {0}.
 rm.action.transfer-non-editable=Du kan inte redigera \u00f6verf\u00f6ringsmappen eller beh\u00e5llarens metadata.
-
+rm.action.node.frozen.error-message=Det gick inte att utf\u00f6ra \u00e5tg\u00e4rd {0} eftersom noden \u00e4r frusen eller har frysta underordnade.

amps/ags/rm-community/rm-community-repo/config/alfresco/module/org_alfresco_module_rm/messages/action-service_zh_CN.properties

@@ -45,4 +45,4 @@ rm.action.create.transfer.container.child-error-message=\u60a8\u65e0\u6cd5\u5728
 rm.action.create.transfer.child-error-message=\u60a8\u65e0\u6cd5\u5728 Transfer \u6587\u4ef6\u5939\u4e2d\u521b\u5efa\u9879\u76ee\u3002
 rm.action.create.record.folder.child-error-message=\u60a8\u53ea\u80fd\u5728\u8bb0\u5f55\u6587\u4ef6\u5939\u4e2d\u521b\u5efa\u8bb0\u5f55\uff0c\u4e14\u8fd9\u662f\u4e00\u4e2a {0}\u3002
 rm.action.transfer-non-editable=\u60a8\u65e0\u6cd5\u7f16\u8f91\u4f20\u8f93\u6587\u4ef6\u5939\u6216\u5bb9\u5668\u5143\u6570\u636e\u3002
-
+rm.action.node.frozen.error-message=\u65e0\u6cd5\u6267\u884c\u64cd\u4f5c{0}\uff0c\u56e0\u4e3a\u8282\u70b9\u5df2\u51bb\u7ed3\u6216\u51bb\u7ed3\u7684\u5b50\u8282\u70b9\u3002

amps/ags/rm-community/rm-community-repo/pom.xml

@@ -8,7 +8,7 @@
    <parent>
       <groupId>org.alfresco</groupId>
       <artifactId>alfresco-governance-services-community-repo-parent</artifactId>
-      <version>11.125</version>
+      <version>11.139</version>
    </parent>
 
    <properties>

amps/ags/rm-community/rm-community-rest-api-explorer/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-governance-services-community-repo-parent</artifactId>
-        <version>11.125</version>
+        <version>11.139</version>
     </parent>
 
     <build>

amps/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo</artifactId>
-        <version>11.125</version>
+        <version>11.139</version>
     </parent>
 
     <modules>

amps/share-services/pom.xml

@@ -8,7 +8,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo-amps</artifactId>
-        <version>11.125</version>
+        <version>11.139</version>
     </parent>
 
     <properties>

core/pom.xml

@@ -7,7 +7,7 @@
    <parent>
       <groupId>org.alfresco</groupId>
       <artifactId>alfresco-community-repo</artifactId>
-      <version>11.125</version>
+      <version>11.139</version>
    </parent>
 
    <dependencies>

data-model/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo</artifactId>
-        <version>11.125</version>
+        <version>11.139</version>
     </parent>
 
     <properties>

packaging/distribution/pom.xml

@@ -9,6 +9,6 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo-packaging</artifactId>
-        <version>11.125</version>
+        <version>11.139</version>
     </parent>
 </project>

packaging/docker-alfresco/Dockerfile

@@ -1,6 +1,6 @@
 # Fetch image based on Tomcat 9.0, Java 11 and Centos 8
 # More infos about this image: https://github.com/Alfresco/alfresco-docker-base-tomcat
-FROM alfresco/alfresco-base-tomcat:9.0.45-java-11-centos-8
+FROM alfresco/alfresco-base-tomcat:9.0.52-java-11-centos-7
 
 # Set default docker_context.
 ARG resource_path=target
@@ -65,12 +65,12 @@ RUN sed -i -e "s_log4j.appender.File.File\=alfresco.log_log4j.appender.File.File
 
 # fontconfig is required by Activiti worflow diagram generator
 # installing pinned dependencies as well
-RUN yum install -y fontconfig-2.13.1-3.el8 \
-                   dejavu-fonts-common-2.35-7.el8 \
-                   fontpackages-filesystem-1.44-22.el8 \
-                   freetype-2.9.1-4.el8_3.1 \
-                   libpng-1.6.34-5.el8 \
-                   dejavu-sans-fonts-2.35-7.el8 && \
+RUN yum install -y fontconfig-2.13.0-4.3.el7 \
+                   dejavu-fonts-common-2.33-6.el7 \
+                   fontpackages-filesystem-1.44-8.el7 \
+                   freetype-2.8-14.el7_9.1 \
+                   libpng-1.5.13-8.el7 \
+                   dejavu-sans-fonts-2.33-6.el7 && \
     yum clean all
 
 # The standard configuration is to have all Tomcat files owned by root with group GROUPNAME and whilst owner has read/write privileges, 

packaging/docker-alfresco/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo-packaging</artifactId>
-        <version>11.125</version>
+        <version>11.139</version>
     </parent>
 
     <properties>

packaging/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo</artifactId>
-        <version>11.125</version>
+        <version>11.139</version>
     </parent>
 
     <modules>

packaging/tests/pom.xml

@@ -6,7 +6,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo-packaging</artifactId>
-        <version>11.125</version>
+        <version>11.139</version>
     </parent>
 
     <modules>

packaging/tests/tas-cmis/pom.xml

@@ -9,7 +9,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo-tests</artifactId>
-        <version>11.125</version>
+        <version>11.139</version>
     </parent>
 
     <developers>

packaging/tests/tas-email/pom.xml

@@ -9,7 +9,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo-tests</artifactId>
-        <version>11.125</version>
+        <version>11.139</version>
     </parent>
 
     <developers>

packaging/tests/tas-integration/pom.xml

@@ -9,7 +9,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo-tests</artifactId>
-        <version>11.125</version>
+        <version>11.139</version>
     </parent>
 
     <developers>

packaging/tests/tas-restapi/pom.xml

@@ -9,7 +9,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo-tests</artifactId>
-        <version>11.125</version>
+        <version>11.139</version>
     </parent>
 
     <developers>

packaging/tests/tas-webdav/pom.xml

@@ -9,7 +9,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo-tests</artifactId>
-        <version>11.125</version>
+        <version>11.139</version>
     </parent>
 
     <developers>

packaging/war/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo-packaging</artifactId>
-        <version>11.125</version>
+        <version>11.139</version>
     </parent>
 
     <properties>

pom.xml

@@ -2,7 +2,7 @@
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <modelVersion>4.0.0</modelVersion>
     <artifactId>alfresco-community-repo</artifactId>
-    <version>11.125</version>
+    <version>11.139</version>
     <packaging>pom</packaging>
     <name>Alfresco Community Repo Parent</name>
 
@@ -61,13 +61,13 @@
         <dependency.jackson-databind.version>2.12.4</dependency.jackson-databind.version>
         <dependency.cxf.version>3.4.4</dependency.cxf.version>
         <dependency.opencmis.version>1.0.0</dependency.opencmis.version>
-        <dependency.webscripts.version>8.22</dependency.webscripts.version>
+        <dependency.webscripts.version>8.23</dependency.webscripts.version>
         <dependency.bouncycastle.version>1.69</dependency.bouncycastle.version>
         <dependency.mockito-core.version>3.11.2</dependency.mockito-core.version>
         <dependency.mockito-all.version>1.10.19</dependency.mockito-all.version>
         <dependency.org-json.version>20210307</dependency.org-json.version>
         <dependency.commons-dbcp.version>1.4-DBCP330</dependency.commons-dbcp.version>
-        <dependency.commons-io.version>2.8.0</dependency.commons-io.version>
+        <dependency.commons-io.version>2.11.0</dependency.commons-io.version>
         <dependency.gson.version>2.8.5</dependency.gson.version>
         <dependency.httpclient.version>4.5.13</dependency.httpclient.version>
         <dependency.httpcore.version>4.4.14</dependency.httpcore.version>
@@ -105,7 +105,7 @@
 
         <alfresco.googledrive.version>3.2.1.3</alfresco.googledrive.version>
         <alfresco.aos-module.version>1.4.0.1</alfresco.aos-module.version>
-        <alfresco.api-explorer.version>7.1.0-A1</alfresco.api-explorer.version>
+        <alfresco.api-explorer.version>7.1.0.1</alfresco.api-explorer.version> <!-- Also in alfresco-enterprise-share -->
         <alfresco.maven-plugin.version>2.2.0</alfresco.maven-plugin.version>
 
         <dependency.postgresql.version>42.2.20</dependency.postgresql.version>
@@ -114,7 +114,7 @@
         <dependency.mariadb.version>2.7.2</dependency.mariadb.version>
         <dependency.tas-utility.version>3.0.45</dependency.tas-utility.version>
         <dependency.rest-assured.version>3.3.0</dependency.rest-assured.version>
-        <dependency.tas-restapi.version>1.63</dependency.tas-restapi.version>
+        <dependency.tas-restapi.version>1.64</dependency.tas-restapi.version>
         <dependency.tas-cmis.version>1.30</dependency.tas-cmis.version>
         <dependency.tas-email.version>1.8</dependency.tas-email.version>
         <dependency.tas-webdav.version>1.6</dependency.tas-webdav.version>
@@ -142,7 +142,7 @@
         <connection>scm:git:https://github.com/Alfresco/alfresco-community-repo.git</connection>
         <developerConnection>scm:git:https://github.com/Alfresco/alfresco-community-repo.git</developerConnection>
         <url>https://github.com/Alfresco/alfresco-community-repo</url>
-        <tag>11.125</tag>
+        <tag>11.139</tag>
     </scm>
 
     <distributionManagement>
@@ -638,7 +638,7 @@
             <dependency>
                 <groupId>org.jsoup</groupId>
                 <artifactId>jsoup</artifactId>
-                <version>1.13.1</version>
+                <version>1.14.2</version>
             </dependency>
             <!-- upgrade dependency from TIKA -->
             <dependency>

remote-api/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo</artifactId>
-        <version>11.125</version>
+        <version>11.139</version>
     </parent>
 
     <dependencies>

remote-api/src/main/java/org/alfresco/repo/web/scripts/RepositoryContainer.java

@@ -2,7 +2,7 @@
  * #%L
  * Alfresco Remote API
  * %%
- * Copyright (C) 2005 - 2019 Alfresco Software Limited
+ * Copyright (C) 2005 - 2021 Alfresco Software Limited
  * %%
  * This file is part of the Alfresco software. 
  * If the software was purchased under a paid Alfresco license, the terms of 
@@ -30,6 +30,7 @@ import java.net.SocketException;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
+import java.util.Objects;
 import java.util.function.Supplier;
 
 import javax.servlet.http.HttpServletResponse;
@@ -355,7 +356,10 @@ public class RepositoryContainer extends AbstractRuntimeContainer
             return;
         }
 
-        if ((required == RequiredAuthentication.user || required == RequiredAuthentication.admin) && isGuest)
+        // if the required authentication is not equal to guest, then it should be one of the following:
+        // user | sysadmin | admin (the 'none' authentication is handled above)
+        // in this case the guest user should not be able to execute those scripts.
+        if (required != RequiredAuthentication.guest && isGuest)
         {
             throw new WebScriptException(HttpServletResponse.SC_UNAUTHORIZED, "Web Script " + desc.getId() + " requires user authentication; however, a guest has attempted access.");
         }
@@ -383,28 +387,9 @@ public class RepositoryContainer extends AbstractRuntimeContainer
                 {
                     return false;
                 }
-                // The user will now have been authenticated, based on HTTP Auth, Ticket etc
+                // The user will now have been authenticated, based on HTTP Auth, Ticket, etc.
                 // Check that the user they authenticated as has appropriate access to the script
-
-                // Check to see if they supplied HTTP Auth or Ticket as guest, on a script that needs more
-                if (required == RequiredAuthentication.user || required == RequiredAuthentication.admin)
-                {
-                    final String authenticatedUser = AuthenticationUtil.getFullyAuthenticatedUser();
-                    final String runAsUser = AuthenticationUtil.getRunAsUser();
-
-                    if ( (authenticatedUser == null) ||
-                         (authenticatedUser.equals(runAsUser) && authorityService.hasGuestAuthority()) ||
-                         (!authenticatedUser.equals(runAsUser) && authorityService.isGuestAuthority(authenticatedUser)) )
-                    {
-                        throw new WebScriptException(HttpServletResponse.SC_UNAUTHORIZED, "Web Script " + desc.getId() + " requires user authentication; however, a guest has attempted access.");
-                    }
-                }
-
-                // Check to see if they're admin or system on an Admin only script
-                if (required == RequiredAuthentication.admin && !(authorityService.hasAdminAuthority() || AuthenticationUtil.getFullyAuthenticatedUser().equals(AuthenticationUtil.getSystemUserName())))
-                {
-                    throw new WebScriptException(HttpServletResponse.SC_UNAUTHORIZED, "Web Script " + desc.getId() + " requires admin authentication; however, a non-admin has attempted access.");
-                }
+                checkScriptAccess(required, desc.getId());
 
                 if (debug)
                 {
@@ -424,7 +409,7 @@ public class RepositoryContainer extends AbstractRuntimeContainer
 
             // Execute Web Script if authentication passed
             // The Web Script has its own txn management with potential runAs() user
-            transactionedExecuteAs(script, scriptReq, scriptRes);
+            transactionedExecuteAs(script, scriptReq, scriptRes, required);
         }
         finally
         {
@@ -441,6 +426,65 @@ public class RepositoryContainer extends AbstractRuntimeContainer
         }
     }
 
+    private boolean isSystemUser()
+    {
+        return Objects.equals(AuthenticationUtil.getFullyAuthenticatedUser(), AuthenticationUtil.getSystemUserName());
+    }
+
+    private boolean isSysAdminUser()
+    {
+        return authorityService.hasSysAdminAuthority();
+    }
+
+    private boolean isAdmin()
+    {
+        return authorityService.hasAdminAuthority();
+    }
+
+    public final boolean isAdminOrSystemUser()
+    {
+        return isAdmin() || isSystemUser();
+    }
+
+    /**
+     * Check to see if they supplied HTTP Auth or Ticket as guest, on a script that needs more
+     */
+    private void checkGuestAccess(RequiredAuthentication required, String scriptDescriptorId)
+    {
+        if (required == RequiredAuthentication.user || required == RequiredAuthentication.admin
+                    || required == RequiredAuthentication.sysadmin)
+        {
+            final String authenticatedUser = AuthenticationUtil.getFullyAuthenticatedUser();
+            final String runAsUser = AuthenticationUtil.getRunAsUser();
+
+            if ((authenticatedUser == null) || (authenticatedUser.equals(runAsUser)
+                        && authorityService.hasGuestAuthority()) || (!authenticatedUser.equals(runAsUser)
+                        && authorityService.isGuestAuthority(authenticatedUser)))
+            {
+                throw new WebScriptException(HttpServletResponse.SC_UNAUTHORIZED, "Web Script " + scriptDescriptorId
+                            + " requires user authentication; however, a guest has attempted access.");
+            }
+        }
+    }
+
+    private void checkScriptAccess(RequiredAuthentication required, String scriptDescriptorId)
+    {
+        // first, check guest access
+        checkGuestAccess(required, scriptDescriptorId);
+
+        // Check to see if the user is sysAdmin, admin or system on a sysadmin scripts
+        if (required == RequiredAuthentication.sysadmin && !(isSysAdminUser() || isAdminOrSystemUser()))
+        {
+            throw new WebScriptException(HttpServletResponse.SC_UNAUTHORIZED, "Web Script " + scriptDescriptorId
+                        + " requires system-admin authentication; however, a non-system-admin has attempted access.");
+        }
+        else if (required == RequiredAuthentication.admin && !isAdminOrSystemUser())
+        {
+            throw new WebScriptException(HttpServletResponse.SC_UNAUTHORIZED, "Web Script " + scriptDescriptorId
+                        + " requires admin authentication; however, a non-admin has attempted access.");
+        }
+    }
+
     /**
      * Execute script within required level of transaction
      * 
@@ -626,6 +670,35 @@ public class RepositoryContainer extends AbstractRuntimeContainer
             }, runAs);
         }
     }
+
+    /**
+     * Execute script within required level of transaction as required effective user.
+     *
+     * @param script    WebScript
+     * @param scriptReq WebScriptRequest
+     * @param scriptRes WebScriptResponse
+     * @param requiredAuthentication Required authentication
+     * @throws IOException
+     */
+    private void transactionedExecuteAs(final WebScript script, final WebScriptRequest scriptReq,
+                                        final WebScriptResponse scriptRes, RequiredAuthentication requiredAuthentication) throws IOException
+    {
+        // Execute as System if and only if, the current user is a member of System-Admin group, and he is not a super admin.
+        // E.g. if 'jdoe' is a member of ALFRESCO_SYSTEM_ADMINISTRATORS group, then the work should be executed as System to satisfy the ACL checks.
+        // But, if the current user is Admin (i.e. super admin, which by default he is a member fo the ALFRESCO_SYSTEM_ADMINISTRATORS group)
+        // then don't wrap the work as RunAs, since he can do anything!
+        if (requiredAuthentication == RequiredAuthentication.sysadmin && isSysAdminUser() && !isAdmin())
+        {
+            AuthenticationUtil.runAs(() -> {
+                transactionedExecute(script, scriptReq, scriptRes);
+                return null;
+            }, AuthenticationUtil.SYSTEM_USER_NAME);
+        }
+        else
+        {
+            transactionedExecuteAs(script, scriptReq, scriptRes);
+        }
+    }
     
     /* (non-Javadoc)
      * @see org.alfresco.web.scripts.AbstractRuntimeContainer#onApplicationEvent(org.springframework.context.ApplicationEvent)

remote-api/src/main/java/org/alfresco/rest/api/impl/directurl/RestApiDirectUrlConfig.java

@@ -63,6 +63,7 @@ public class RestApiDirectUrlConfig extends AbstractDirectUrlConfig
             logger.error("Disabling REST API direct access URLs due to configuration error: " + ex.getMessage());
             setEnabled(false);
         }
+        logger.info("REST API direct access URLs are " + (isEnabled() ? "enabled" : "disabled"));
     }
 
     /* Helper method to validate the REST API direct access url configuration settings */

remote-api/src/main/java/org/alfresco/rest/api/nodes/NodeRenditionsRelation.java

@@ -120,7 +120,7 @@ public class NodeRenditionsRelation implements RelationshipResourceAction.Read<R
     }
 
     @Operation("request-direct-access-url")
-    @WebApiParam (name = "requestRenditionDirectAccessUrl", title = "Request direct access url", description = "Request direct access url", kind = ResourceParameter.KIND.HTTP_BODY_OBJECT)
+    @WebApiParam (name = "directAccessUrlRequest", title = "Request direct access url", description = "Options for direct access url request", kind = ResourceParameter.KIND.HTTP_BODY_OBJECT)
     @WebApiDescription(title = "Request content url",
             description="Generates a direct access URL.",
             successStatus = HttpServletResponse.SC_OK)

remote-api/src/main/java/org/alfresco/rest/api/nodes/NodeVersionRenditionsRelation.java

@@ -26,28 +26,18 @@
 
 package org.alfresco.rest.api.nodes;
 
-import javax.servlet.http.HttpServletResponse;
 import java.util.List;
 
-import org.alfresco.repo.content.directurl.DirectAccessUrlDisabledException;
-import org.alfresco.rest.api.DirectAccessUrlHelper;
 import org.alfresco.rest.api.Renditions;
-import org.alfresco.rest.api.model.DirectAccessUrlRequest;
 import org.alfresco.rest.api.model.Rendition;
 import org.alfresco.rest.framework.BinaryProperties;
-import org.alfresco.rest.framework.Operation;
 import org.alfresco.rest.framework.WebApiDescription;
-import org.alfresco.rest.framework.WebApiParam;
-import org.alfresco.rest.framework.core.ResourceParameter;
-import org.alfresco.rest.framework.core.exceptions.DisabledServiceException;
 import org.alfresco.rest.framework.resource.RelationshipResource;
 import org.alfresco.rest.framework.resource.actions.interfaces.RelationshipResourceAction;
 import org.alfresco.rest.framework.resource.actions.interfaces.RelationshipResourceBinaryAction;
 import org.alfresco.rest.framework.resource.content.BinaryResource;
 import org.alfresco.rest.framework.resource.parameters.CollectionWithPagingInfo;
 import org.alfresco.rest.framework.resource.parameters.Parameters;
-import org.alfresco.rest.framework.webscripts.WithResponse;
-import org.alfresco.service.cmr.repository.DirectAccessUrl;
 import org.alfresco.service.cmr.repository.NodeRef;
 import org.alfresco.service.cmr.repository.StoreRef;
 import org.alfresco.util.PropertyCheck;
@@ -62,7 +52,6 @@ import org.springframework.extensions.webscripts.Status;
  * - POST /nodes/{nodeId}/versions/{versionId}/renditions
  * - GET  /nodes/{nodeId}/versions/{versionId}/renditions/{renditionId}
  * - GET  /nodes/{nodeId}/versions/{versionId}/renditions/{renditionId}/content
- * - POST /nodes/{nodeId}/versions/{versionId}/renditions/{renditionId}/requestVersionDirectAccessUrl
  *
  * @author janv
  */
@@ -74,18 +63,12 @@ public class NodeVersionRenditionsRelation implements RelationshipResourceAction
         InitializingBean
 {
     private Renditions renditions;
-    private DirectAccessUrlHelper directAccessUrlHelper;
 
     public void setRenditions(Renditions renditions)
     {
         this.renditions = renditions;
     }
 
-    public void setDirectAccessUrlHelper(DirectAccessUrlHelper directAccessUrlHelper)
-    {
-        this.directAccessUrlHelper = directAccessUrlHelper;
-    }
-
     @Override
     public void afterPropertiesSet() throws Exception
     {
@@ -132,28 +115,4 @@ public class NodeVersionRenditionsRelation implements RelationshipResourceAction
         return renditions.getContent(nodeRef, versionId, renditionId, parameters);
     }
 
-    @Operation ("request-direct-access-url")
-    @WebApiParam (name = "requestVersionRenditionDirectAccessUrl", title = "Request direct access url", description = "Request direct access url", kind = ResourceParameter.KIND.HTTP_BODY_OBJECT)
-    @WebApiDescription(title = "Request content url",
-            description="Generates a direct access URL.",
-            successStatus = HttpServletResponse.SC_OK)
-    public DirectAccessUrl requestContentDirectUrl(String nodeId, String versionId, DirectAccessUrlRequest directAccessUrlRequest, Parameters parameters, WithResponse withResponse)
-    {
-        boolean attachment = directAccessUrlHelper.getAttachment(directAccessUrlRequest);
-        Long validFor = directAccessUrlHelper.getDefaultExpiryTimeInSec();
-        NodeRef nodeRef = new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, nodeId);
-        String renditionId = parameters.getRelationship2Id();
-
-        DirectAccessUrl directAccessUrl;
-        try
-        {
-            directAccessUrl = renditions.requestContentDirectUrl(nodeRef, versionId, renditionId, attachment, validFor);
-        }
-        catch (DirectAccessUrlDisabledException ex)
-        {
-            throw new DisabledServiceException(ex.getMessage());
-        }
-        return directAccessUrl;
-    }
-
 }

remote-api/src/main/java/org/alfresco/rest/api/nodes/NodeVersionsRelation.java

@@ -303,7 +303,7 @@ public class NodeVersionsRelation extends AbstractNodeRelation implements
     }
 
     @Operation("request-direct-access-url")
-    @WebApiParam (name = "requestVersionDirectAccessUrl", title = "Request direct access url", description = "Request direct access url", kind = ResourceParameter.KIND.HTTP_BODY_OBJECT)
+    @WebApiParam (name = "directAccessUrlRequest", title = "Request direct access url", description = "Options for direct access url request", kind = ResourceParameter.KIND.HTTP_BODY_OBJECT)
     @WebApiDescription(title = "Request content url",
             description="Generates a direct access URL.",
             successStatus = HttpServletResponse.SC_OK)

remote-api/src/main/java/org/alfresco/rest/api/nodes/NodesEntityResource.java

@@ -203,7 +203,7 @@ public class NodesEntityResource implements
     }
 
     @Operation("request-direct-access-url")
-    @WebApiParam(name = "requestNodeDirectAccessUrl", title = "Request direct access url", description = "Request direct access url", kind = ResourceParameter.KIND.HTTP_BODY_OBJECT)
+    @WebApiParam(name = "directAccessUrlRequest", title = "Request direct access url", description = "Options for direct access url request", kind = ResourceParameter.KIND.HTTP_BODY_OBJECT)
     @WebApiDescription(title = "Request content url",
             description="Generates a direct access URL.",
             successStatus = HttpServletResponse.SC_OK)

remote-api/src/main/java/org/alfresco/rest/api/trashcan/TrashcanEntityResource.java

@@ -101,7 +101,7 @@ public class TrashcanEntityResource implements
     }
 
     @Operation("request-direct-access-url")
-    @WebApiParam(name = "requestDeletedNodeDirectAccessUrl", title = "Request direct access url", description = "Request direct access url", kind = ResourceParameter.KIND.HTTP_BODY_OBJECT)
+    @WebApiParam(name = "directAccessUrlRequest", title = "Request direct access url", description = "Options for direct access url request", kind = ResourceParameter.KIND.HTTP_BODY_OBJECT)
     @WebApiDescription(title = "Request content url",
             description="Generates a direct access URL.",
             successStatus = HttpServletResponse.SC_OK)

remote-api/src/main/java/org/alfresco/rest/api/trashcan/TrashcanRenditionsRelation.java

@@ -90,7 +90,7 @@ public class TrashcanRenditionsRelation
     }
 
     @Operation ("request-direct-access-url")
-    @WebApiParam (name = "requestArchivedNodeRenditionDirectAccessUrl", title = "Request direct access url", description = "Request direct access url", kind = ResourceParameter.KIND.HTTP_BODY_OBJECT)
+    @WebApiParam (name = "directAccessUrlRequest", title = "Request direct access url", description = "Options for direct access url request", kind = ResourceParameter.KIND.HTTP_BODY_OBJECT)
     @WebApiDescription(title = "Request content url",
             description="Generates a direct access URL.",
             successStatus = HttpServletResponse.SC_OK)

remote-api/src/main/java/org/alfresco/web/scripts/WebScriptUtils.java

@@ -2,7 +2,7 @@
  * #%L
  * Alfresco Remote API
  * %%
- * Copyright (C) 2005 - 2016 Alfresco Software Limited
+ * Copyright (C) 2005 - 2021 Alfresco Software Limited
  * %%
  * This file is part of the Alfresco software. 
  * If the software was purchased under a paid Alfresco license, the terms of 
@@ -35,6 +35,7 @@ import org.alfresco.repo.jscript.ScriptUtils;
 import org.alfresco.repo.web.scripts.RepositoryContainer;
 import org.alfresco.service.cmr.admin.RepoUsage;
 import org.alfresco.service.cmr.repository.StoreRef;
+import org.springframework.extensions.webscripts.Description.RequiredAuthentication;
 import org.springframework.extensions.webscripts.WebScript;
 
 /**
@@ -65,27 +66,61 @@ public class WebScriptUtils extends ScriptUtils
      */
     public Object[] findWebScripts(String family)
     {
-        List<Object> values = new ArrayList<Object>();
-        
+        List<Object> values = new ArrayList<>();
+
         for (WebScript webscript : this.repositoryContainer.getRegistry().getWebScripts())
         {
-            if (family != null)
+            addScriptDescription(family, values, webscript);
+        }
+
+        return values.toArray(new Object[0]);
+    }
+
+    /**
+     * Searches for webscript components with the given family name accessible to the current user.
+     *
+     * @param family        the family
+     *
+     * @return An array of webscripts that match the given family name accessible to the current user
+     *
+     * @since 7.1
+     */
+    public Object[] findWebScriptsForCurrentUser(String family)
+    {
+        List<Object> values = new ArrayList<>();
+
+        final boolean isAdminOrSystemUser = repositoryContainer.isAdminOrSystemUser();
+        for (WebScript webscript : this.repositoryContainer.getRegistry().getWebScripts())
+        {
+            final RequiredAuthentication required = webscript.getDescription().getRequiredAuthentication();
+            // Ignore admin webscripts if the current user is not an Admin or System
+            if (RequiredAuthentication.admin == required && !isAdminOrSystemUser)
             {
-                Set<String> familys = webscript.getDescription().getFamilys();
-                if (familys != null && familys.contains(family))
-                {
-                    values.add(webscript.getDescription());
-                }
+                continue;
             }
-            else
+
+            addScriptDescription(family, values, webscript);
+        }
+
+        return values.toArray(new Object[0]);
+    }
+
+    private void addScriptDescription(String family, List<Object> values, WebScript webscript)
+    {
+        if (family != null)
+        {
+            Set<String> families = webscript.getDescription().getFamilys();
+            if (families != null && families.contains(family))
             {
                 values.add(webscript.getDescription());
             }
         }
-        
-        return values.toArray(new Object[0]);
+        else
+        {
+            values.add(webscript.getDescription());
+        }
     }
-    
+
     public String getHostAddress()
     {
         try

remote-api/src/main/resources/alfresco/public-rest-context.xml

@@ -1080,8 +1080,8 @@
     <!-- REST API direct access URL configuration settings -->
     <bean id="restApiDirectUrlConfig" class="org.alfresco.rest.api.impl.directurl.RestApiDirectUrlConfig" init-method="init">
         <property name="systemWideDirectUrlConfig" ref="systemWideDirectUrlConfig" />
-        <property name="enabled" value="${restApi.directAccessUrl.enabled}" />
-        <property name="defaultExpiryTimeInSec" value="${restApi.directAccessUrl.defaultExpiryTimeInSec}" />
+        <property name="enabled" value="#{T(Boolean).valueOf('${restApi.directAccessUrl.enabled}')}"/>
+        <property name="defaultExpiryTimeInSec" value="#{T(Integer).parseInt('${restApi.directAccessUrl.defaultExpiryTimeInSec}')}" />
     </bean>
 
     <!-- OpenCMIS -->
@@ -1429,7 +1429,6 @@
 
     <bean class="org.alfresco.rest.api.nodes.NodeVersionRenditionsRelation">
         <property name="renditions" ref="Renditions" />
-        <property name="directAccessUrlHelper" ref="directAccessUrlHelper" />
     </bean>
 
     <bean class="org.alfresco.rest.api.quicksharelinks.QuickShareLinkRenditionsRelation">

remote-api/src/main/resources/alfresco/templates/webscripts/org/alfresco/repository/admin/admin-common.lib.js

@@ -40,7 +40,7 @@ var Admin = Admin || {};
       var toolInfo = {};
       
       // collect the tools required for the Admin Console
-      var tools = utils.findWebScripts("AdminConsole");
+      var tools = utils.findWebScriptsForCurrentUser("AdminConsole");
       
       // process each tool and generate the data so that a label+link can
       // be output by the component template for each tool required

remote-api/src/main/resources/alfresco/templates/webscripts/org/alfresco/repository/admin/admin-communitysummary.get.desc.xml

@@ -7,7 +7,7 @@
    <!-- COMMUNITY ONLY -->
    <family>AdminConsole:Edition:Community</family>
    <format default="html">argument</format>
-   <authentication>admin</authentication>
+   <authentication>sysadmin</authentication>
    <lifecycle>internal</lifecycle>
    <transaction allow="readonly">required</transaction>
-</webscript>
+</webscript>

remote-api/src/main/resources/alfresco/templates/webscripts/org/alfresco/repository/admin/admin-root.get.desc.xml

@@ -5,7 +5,7 @@
    <url>/admin/</url>
    <family>AdminConsoleHelper</family>
    <format default="html">argument</format>
-   <authentication>admin</authentication>
+   <authentication>sysadmin</authentication>
    <lifecycle>internal</lifecycle>
    <transaction allow="readonly">required</transaction>
-</webscript>
+</webscript>

remote-api/src/main/resources/alfresco/templates/webscripts/org/alfresco/repository/admin/jmxdump.get.desc.xml

@@ -5,7 +5,7 @@
    </description>
    <url>/api/admin/jmxdump</url>
    <family>AdminConsoleHelper</family>
-   <authentication>admin</authentication>
+   <authentication>sysadmin</authentication>
    <transaction allow="readonly"/>
    <lifecycle>internal</lifecycle>
-</webscript>
+</webscript>

remote-api/src/main/resources/alfresco/templates/webscripts/org/alfresco/repository/admin/usage.post.desc.xml

@@ -3,8 +3,8 @@
   <description>Update and retrieve repository usage</description>
   <url>/api/admin/usage</url>
   <format default="json" />
-  <authentication>admin</authentication>
+  <authentication>sysadmin</authentication>
   <transaction>required</transaction>
   <family>Admin</family>
   <lifecycle>internal</lifecycle>
-</webscript>
+</webscript>

remote-api/src/test/java/org/alfresco/repo/web/scripts/admin/AdminWebScriptTest.java

@@ -2,7 +2,7 @@
  * #%L
  * Alfresco Remote API
  * %%
- * Copyright (C) 2005 - 2016 Alfresco Software Limited
+ * Copyright (C) 2005 - 2021 Alfresco Software Limited
  * %%
  * This file is part of the Alfresco software. 
  * If the software was purchased under a paid Alfresco license, the terms of 
@@ -31,10 +31,12 @@ import java.util.List;
 import java.util.Locale;
 import java.util.Map;
 
+import org.alfresco.model.ContentModel;
 import org.alfresco.repo.content.MimetypeMap;
 import org.alfresco.repo.dictionary.Facetable;
 import org.alfresco.repo.dictionary.IndexTokenisationMode;
 import org.alfresco.repo.security.authentication.AuthenticationUtil;
+import org.alfresco.repo.security.authority.AuthorityServiceImpl;
 import org.alfresco.repo.web.scripts.BaseWebScriptTest;
 import org.alfresco.service.cmr.admin.RepoAdminService;
 import org.alfresco.service.cmr.admin.RepoUsage;
@@ -48,11 +50,18 @@ import org.alfresco.service.cmr.dictionary.ModelDefinition;
 import org.alfresco.service.cmr.dictionary.PropertyDefinition;
 import org.alfresco.service.cmr.i18n.MessageLookup;
 import org.alfresco.service.cmr.repository.NodeService;
+import org.alfresco.service.cmr.security.AuthorityService;
+import org.alfresco.service.cmr.security.MutableAuthenticationService;
+import org.alfresco.service.cmr.security.PersonService;
 import org.alfresco.service.descriptor.DescriptorService;
 import org.alfresco.service.license.LicenseDescriptor;
 import org.alfresco.service.namespace.QName;
 import org.alfresco.test_category.OwnJVMTestsCategory;
+import org.alfresco.util.PropertyMap;
+import org.apache.commons.lang3.RandomStringUtils;
 import org.json.JSONObject;
+import org.jsoup.Jsoup;
+import org.jsoup.nodes.Document;
 import org.junit.Test;
 import org.junit.experimental.categories.Category;
 import org.springframework.context.ApplicationContext;
@@ -74,29 +83,46 @@ import static org.mockito.Mockito.when;
 @Category(OwnJVMTestsCategory.class)
 public class AdminWebScriptTest extends BaseWebScriptTest
 {
-    private ApplicationContext ctx;
-    private RepoAdminService repoAdminService;
-    private DescriptorService descriptorService;
+    private RepoAdminService             repoAdminService;
+    private DescriptorService            descriptorService;
+    private PersonService                personService;
+    private MutableAuthenticationService authenticationService;
+
     private String admin;
     private String guest;
+    private String user1_sysAdmin;
+    private String user2;
 
     @Override
     protected void setUp() throws Exception
     {
         super.setUp();
-        ctx = getServer().getApplicationContext();
-        repoAdminService = (RepoAdminService) ctx.getBean("RepoAdminService");
-        descriptorService = (DescriptorService) ctx.getBean("DescriptorService");
+        ApplicationContext ctx = getServer().getApplicationContext();
+        repoAdminService = ctx.getBean("RepoAdminService", RepoAdminService.class);
+        descriptorService = ctx.getBean("DescriptorService", DescriptorService.class);
+        personService = ctx.getBean("PersonService", PersonService.class);
+        authenticationService = ctx.getBean("AuthenticationService", MutableAuthenticationService.class);
+        AuthorityService authorityService = ctx.getBean("AuthorityService", AuthorityService.class);
         admin = AuthenticationUtil.getAdminUserName();
         guest = AuthenticationUtil.getGuestUserName();
 
         AuthenticationUtil.setFullyAuthenticatedUser(admin);
+
+        user1_sysAdmin = RandomStringUtils.randomAlphabetic(10);
+        String user1_password = RandomStringUtils.randomAlphabetic(10);
+        createUser(user1_sysAdmin, user1_password);
+        authorityService.addAuthority(AuthorityServiceImpl.GROUP_ALFRESCO_SYSTEM_ADMINISTRATORS_AUTHORITY, user1_sysAdmin);
+
+        user2 = RandomStringUtils.randomAlphabetic(10);
+        String user2_password = RandomStringUtils.randomAlphabetic(10);
+        createUser(user2, user2_password);
     }
 
     @Override
     protected void tearDown() throws Exception
     {
         super.tearDown();
+        AuthenticationUtil.clearCurrentSecurityContext();
     }
     
     public void testGetRestrictions() throws Exception
@@ -227,6 +253,129 @@ public class AdminWebScriptTest extends BaseWebScriptTest
         assertTrue(property.getResidual());
     }
 
+    public void testSysAdminAccess() throws Exception
+    {
+        AuthenticationUtil.clearCurrentSecurityContext();
+
+        String url = "/admin/admin-communitysummary";
+        TestWebScriptServer.GetRequest req = new TestWebScriptServer.GetRequest(url);
+
+        Response response = sendRequest(req, Status.STATUS_OK, user1_sysAdmin);
+        Document doc = Jsoup.parse(response.getContentAsString());
+        assertNotNull(doc.title());
+        assertTrue(doc.title().contains("System Summary"));
+
+        // Super Admin should still have access to all the scripts
+        response = sendRequest(req, Status.STATUS_OK, admin);
+        doc = Jsoup.parse(response.getContentAsString());
+        assertNotNull(doc.title());
+        assertTrue(doc.title().contains("System Summary"));
+    }
+
+    public void testSysAdminAccess_nodeBrowser() throws Exception
+    {
+        AuthenticationUtil.clearCurrentSecurityContext();
+
+        String nodeBrowserUrl = "/admin/admin-nodebrowser";
+
+        // test the get webscript of the node browser
+        TestWebScriptServer.GetRequest getReq = new TestWebScriptServer.GetRequest(nodeBrowserUrl);
+        // The node browser is only accessible to admins, not sysAdmins
+        sendRequest(getReq, Status.STATUS_UNAUTHORIZED, user1_sysAdmin);
+
+        // test the post webscript of the node browser too
+        TestWebScriptServer.PostRequest postReq = new TestWebScriptServer.PostRequest(nodeBrowserUrl, "",
+                                                                                      "multipart/form-data; boundary=----WebKitFormBoundaryjacWCXfJ3KjtRenA");
+        // The node browser is only accessible to admins, not sysAdmins
+        sendRequest(postReq, Status.STATUS_UNAUTHORIZED, user1_sysAdmin);
+
+        // Normal user shouldn't have access either
+        sendRequest(getReq, Status.STATUS_UNAUTHORIZED, user2);
+
+        // Admin should have access to everything
+        Response response = sendRequest(getReq, Status.STATUS_OK, admin);
+        Document doc = Jsoup.parse(response.getContentAsString());
+        assertNotNull(doc.title());
+        assertTrue(doc.title().contains("Node Browser"));
+    }
+
+    public void testSysAdminAccess_repoConsole() throws Exception
+    {
+        String repoConsoleUrl = "/admin/admin-repoconsole";
+
+        // test the get webscript of the repo console
+        TestWebScriptServer.GetRequest getReq = new TestWebScriptServer.GetRequest(repoConsoleUrl);
+        sendRequest(getReq, Status.STATUS_UNAUTHORIZED, user1_sysAdmin);
+
+        // test the post webscript of the repo console too
+        TestWebScriptServer.PostRequest postReq = new TestWebScriptServer.PostRequest(repoConsoleUrl, "",
+                                                                                      "multipart/form-data; boundary=----WebKitFormBoundaryjacWCXfJ3KjtRenA");
+        sendRequest(postReq, Status.STATUS_UNAUTHORIZED, user1_sysAdmin);
+
+        // Normal user shouldn't have access either
+        sendRequest(getReq, Status.STATUS_UNAUTHORIZED, user2);
+
+        // Admin should have access to everything
+        Response response = sendRequest(getReq, Status.STATUS_OK, admin);
+        Document doc = Jsoup.parse(response.getContentAsString());
+        assertNotNull(doc.title());
+        assertTrue(doc.title().contains("Model and Messages Console"));
+    }
+
+    public void testSysAdminAccess_tenantConsole() throws Exception
+    {
+        String tenantConsoleUrl = "/admin/admin-tenantconsole";
+        // test the get webscript of the tenant console
+        TestWebScriptServer.GetRequest getReq = new TestWebScriptServer.GetRequest(tenantConsoleUrl);
+        sendRequest(getReq, Status.STATUS_UNAUTHORIZED, user1_sysAdmin);
+
+        // test the post webscript of the tenant console too
+        TestWebScriptServer.PostRequest postReq = new TestWebScriptServer.PostRequest(tenantConsoleUrl, "",
+                                                                                      "multipart/form-data; boundary=----WebKitFormBoundaryjacWCXfJ3KjtRenA");
+        sendRequest(postReq, Status.STATUS_UNAUTHORIZED, user1_sysAdmin);
+
+        // Normal user shouldn't have access either
+        sendRequest(getReq, Status.STATUS_UNAUTHORIZED, user2);
+
+        // Admin should have access to everything
+        Response response = sendRequest(getReq, Status.STATUS_OK, admin);
+        Document doc = Jsoup.parse(response.getContentAsString());
+        assertNotNull(doc.title());
+        assertTrue(doc.title().contains("Tenant Admin Console"));
+    }
+
+    public void testSysAdminAccess_workflowConsole() throws Exception
+    {
+        String workflowConsoleUrl = "/admin/admin-workflowconsole";
+        // test the get webscript of the workflow console
+        TestWebScriptServer.GetRequest getReq = new TestWebScriptServer.GetRequest(workflowConsoleUrl);
+        sendRequest(getReq, Status.STATUS_UNAUTHORIZED, user1_sysAdmin);
+
+        // test the post webscript of the workflow console too
+        TestWebScriptServer.PostRequest postReq = new TestWebScriptServer.PostRequest(workflowConsoleUrl, "",
+                                                                                      "multipart/form-data; boundary=----WebKitFormBoundaryjacWCXfJ3KjtRenA");
+        sendRequest(postReq, Status.STATUS_UNAUTHORIZED, user1_sysAdmin);
+
+        // Normal user shouldn't have access either
+        sendRequest(getReq, Status.STATUS_UNAUTHORIZED, user2);
+
+        // Admin should have access to everything
+        Response response = sendRequest(getReq, Status.STATUS_OK, admin);
+        Document doc = Jsoup.parse(response.getContentAsString());
+        assertNotNull(doc.title());
+        assertTrue(doc.title().contains("Workflow Admin Console"));
+    }
+
+    public void testNonSysAdminAccess() throws Exception
+    {
+        AuthenticationUtil.clearCurrentSecurityContext();
+
+        String url = "/admin/admin-communitysummary";
+        TestWebScriptServer.GetRequest req = new TestWebScriptServer.GetRequest(url);
+
+        sendRequest(req, Status.STATUS_UNAUTHORIZED, user2);
+    }
+
     private class SimplePropertyDefinition implements PropertyDefinition
     {
         private boolean isAspect;
@@ -350,4 +499,19 @@ public class AdminWebScriptTest extends BaseWebScriptTest
             return null;
         }
     }
+
+    private void createUser(String username, String password)
+    {
+        if (!personService.personExists(username))
+        {
+            this.authenticationService.createAuthentication(username, password.toCharArray());
+
+            PropertyMap personProps = new PropertyMap();
+            personProps.put(ContentModel.PROP_USERNAME, username);
+            personProps.put(ContentModel.PROP_FIRSTNAME, "testFirstName");
+            personProps.put(ContentModel.PROP_LASTNAME, "testLastName");
+            personProps.put(ContentModel.PROP_EMAIL, username + "@email.com");
+            this.personService.createPerson(personProps);
+        }
+    }
 }

remote-api/src/test/java/org/alfresco/rest/DeletedNodesTest.java

@@ -2,7 +2,7 @@
  * #%L
  * Alfresco Remote API
  * %%
- * Copyright (C) 2005 - 2020 Alfresco Software Limited
+ * Copyright (C) 2005 - 2021 Alfresco Software Limited
  * %%
  * This file is part of the Alfresco software. 
  * If the software was purchased under a paid Alfresco license, the terms of 
@@ -78,8 +78,6 @@ public class DeletedNodesTest extends AbstractSingleNetworkSiteTest
 
     protected static final String URL_DELETED_NODES = "deleted-nodes";
     private static final String URL_RENDITIONS = "renditions";
-
-    private final static long DELAY_IN_MS = 500;
     
     @Override
     public void setup() throws Exception
@@ -704,6 +702,73 @@ public class DeletedNodesTest extends AbstractSingleNetworkSiteTest
         assertNull("We don't show the parent id for a deleted node",aNode.getParentId());
     }
 
+    @Test
+    public void testRequestArchivedContentDirectUrl() throws Exception
+    {
+        setRequestContext(user1);
+
+        String myNodeId = getMyNodeId();
+
+        String fileName = "TestDocumentToArchive.txt";
+        Document testDocumentToArchive = new Document();
+        testDocumentToArchive.setName(fileName);
+        testDocumentToArchive.setNodeType(TYPE_CM_CONTENT);
+
+        // create *empty* text file
+        HttpResponse response = post(getNodeChildrenUrl(myNodeId), toJsonAsStringNonNull(testDocumentToArchive), 201);
+        Document document = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Document.class);
+
+        final String contentNodeId = document.getId();
+        deleteNode(contentNodeId);
+
+        // Check the upload response
+        assertEquals(fileName, document.getName());
+        ContentInfo contentInfo = document.getContent();
+        assertNotNull(contentInfo);
+        assertEquals(MimetypeMap.MIMETYPE_TEXT_PLAIN, contentInfo.getMimeType());
+
+        HttpResponse dauResponse = post(getRequestArchivedContentDirectUrl(contentNodeId), null, null, null, null, 501);
+    }
+
+    @Test
+    public void testRequestArchivedRenditionDirectUrl() throws Exception
+    {
+        setRequestContext(user1);
+
+        // Create a folder within the site document's library
+        Date now = new Date();
+        String folder1 = "folder" + now.getTime() + "_1";
+        Folder createdFolder = createFolder(tDocLibNodeId, folder1, null);
+        assertNotNull(createdFolder);
+        String f1Id = createdFolder.getId();
+
+        // Create multipart request using an existing file
+        String fileName = "quick.pdf";
+        File file = getResourceFile(fileName);
+        MultiPartBuilder multiPartBuilder = MultiPartBuilder.create().setFileData(new MultiPartBuilder.FileData(fileName, file));
+        MultiPartBuilder.MultiPartRequest reqBody = multiPartBuilder.build();
+
+        // Upload quick.pdf file into 'folder'
+        HttpResponse response = post(getNodeChildrenUrl(f1Id), reqBody.getBody(), null, reqBody.getContentType(), 201);
+        Document document = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Document.class);
+        String contentNodeId = document.getId();
+
+        Rendition rendition = createAndGetRendition(contentNodeId, "doclib");
+        assertNotNull(rendition);
+        String renditionID = rendition.getId();
+        assertEquals(Rendition.RenditionStatus.CREATED, rendition.getStatus());
+
+        deleteNode(contentNodeId);
+
+        HttpResponse dauResponse = post(getRequestArchivedRenditonContentDirectUrl(contentNodeId, renditionID), null, null, null, null, 501);
+    }
+
+    private String addToDocumentLibrary(String name, String nodeType, String userId) throws Exception
+    {
+        String parentId = getSiteContainerNodeId(Nodes.PATH_MY, "documentLibrary");
+        return createNode(parentId, name, nodeType, null).getId();
+    }
+
     private String getDeletedNodeRenditionsUrl(String nodeId)
     {
         return URL_DELETED_NODES + "/" + nodeId + "/" + URL_RENDITIONS;

remote-api/src/test/java/org/alfresco/rest/api/tests/AbstractBaseApiTest.java

@@ -68,7 +68,6 @@ import org.junit.After;
 import org.junit.Before;
 import org.junit.experimental.categories.Category;
 import org.springframework.util.ResourceUtils;
-import org.alfresco.service.cmr.repository.DirectAccessUrl;
 
 import java.io.ByteArrayInputStream;
 import java.io.File;
@@ -97,6 +96,7 @@ public abstract class AbstractBaseApiTest extends EnterpriseTestApi
     private static final String RESOURCE_PREFIX = "publicapi/upload/";
 
     protected static final String URL_NODES = "nodes";
+    protected static final String URL_DELETED_NODES = "deleted-nodes";
 
     protected static final String URL_RENDITIONS = "renditions";
     protected static final String URL_VERSIONS = "versions";
@@ -219,6 +219,16 @@ public abstract class AbstractBaseApiTest extends EnterpriseTestApi
         return URL_NODES + "/" + nodeId + "/" + REQUEST_DIRECT_ACCESS_URL;
     }
 
+    protected String getRequestArchivedContentDirectUrl(String nodeId)
+    {
+        return URL_DELETED_NODES + "/" + nodeId + "/" + REQUEST_DIRECT_ACCESS_URL;
+    }
+
+    protected String getRequestArchivedRenditonContentDirectUrl(String nodeId, String renditionID)
+    {
+        return URL_DELETED_NODES + "/" + nodeId + "/" + URL_RENDITIONS + "/" + renditionID + "/" + REQUEST_DIRECT_ACCESS_URL;
+    }
+
     /**
      * The api scope. either public or private
      *

remote-api/src/test/java/org/alfresco/rest/api/tests/NodeApiTest.java

@@ -141,8 +141,6 @@ public class NodeApiTest extends AbstractSingleNetworkSiteTest
     private String groupA = null;
     private String groupB = null;
 
-    private final static long DELAY_IN_MS = 500;
-
     @Before
     public void setup() throws Exception
     {
@@ -6368,112 +6366,5 @@ public class NodeApiTest extends AbstractSingleNetworkSiteTest
 
         HttpResponse dauResponse = post(getRequestContentDirectUrl(contentNodeId), null, null, null, null, 501);
     }
-
-
-    @Test
-    public void testCreateRenditionForNewVersion() throws Exception
-    {
-        setRequestContext(user1);
-
-        RepoService.TestNetwork networkN1;
-        RepoService.TestPerson userOneN1;
-        Site userOneN1Site;
-
-        networkN1 = repoService.createNetworkWithAlias("ping", true);
-        networkN1.create();
-        userOneN1 = networkN1.createUser();
-
-        setRequestContext(networkN1.getId(), userOneN1.getId(), null);
-
-        String siteTitle = "RandomSite" + System.currentTimeMillis();
-        userOneN1Site = createSite(siteTitle, SiteVisibility.PRIVATE);
-
-        String PROP_LTM = "cm:lastThumbnailModification";
-
-        String RENDITION_NAME = "imgpreview";
-
-        String userId = userOneN1.getId();
-        setRequestContext(networkN1.getId(), userOneN1.getId(), null);
-
-        // Create a folder within the site document's library
-        String folderName = "folder" + System.currentTimeMillis();
-        String parentId = getSiteContainerNodeId(userOneN1Site.getId(), "documentLibrary");
-        String folder_Id = createNode(parentId, folderName, TYPE_CM_FOLDER, null).getId();
-
-        // Create multipart request - pdf file
-        String fileName = "quick.pdf";
-        File file = getResourceFile(fileName);
-        MultiPartRequest reqBody = MultiPartBuilder.create()
-            .setFileData(new FileData(fileName, file))
-            .build();
-        Map<String, String> params = Collections.singletonMap("include", "properties");
-
-        // Upload quick.pdf file into 'folder' - do not include request to create 'doclib' thumbnail
-        HttpResponse response = post(getNodeChildrenUrl(folder_Id), reqBody.getBody(), params, null, "alfresco", reqBody.getContentType(), 201);
-        Document document1 = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Document.class);
-        String contentNodeId = document1.getId();
-        assertNotNull(document1.getProperties());
-
-        // pause briefly
-        Thread.sleep(DELAY_IN_MS);
-
-        // Get rendition (not created yet) information for node
-        response = getSingle(getNodeRenditionsUrl(contentNodeId), RENDITION_NAME, 200);
-        Rendition rendition = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Rendition.class);
-        assertNotNull(rendition);
-        assertEquals(Rendition.RenditionStatus.NOT_CREATED, rendition.getStatus());
-
-        params = new HashMap<>();
-        params.put("placeholder", "false");
-        getSingle(getNodeRenditionsUrl(contentNodeId), (RENDITION_NAME+"/content"), params, 404);
-
-        // Create and get 'imgpreview' rendition
-        rendition = createAndGetRendition(contentNodeId, RENDITION_NAME);
-        assertNotNull(rendition);
-
-        params = new HashMap<>();
-        params.put("placeholder", "false");
-        response = getSingle(getNodeRenditionsUrl(contentNodeId), (RENDITION_NAME+"/content"), params, 200);
-
-        byte[] renditionBytes1 = response.getResponseAsBytes();
-        assertNotNull(renditionBytes1);
-
-        // check node details ...
-        params = Collections.singletonMap("include", "properties");
-        response = getSingle(NodesEntityResource.class, contentNodeId, params, 200);
-        Document document1b = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Document.class);
-        assertEquals(document1b.getModifiedByUser().getId(), document1.getModifiedByUser().getId());
-
-        // upload another version of "quick.pdf" and check again
-        fileName = "quick-2.pdf";
-        file = getResourceFile(fileName);
-        reqBody = MultiPartBuilder.create()
-            .setFileData(new FileData("quick.pdf", file))
-            .setOverwrite(true)
-            .build();
-
-        response = post(getNodeChildrenUrl(folder_Id), reqBody.getBody(), null, null, "alfresco", reqBody.getContentType(), 201);
-        Document document2 = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Document.class);
-        assertEquals(contentNodeId, document2.getId());
-
-        // wait to allow new version of the rendition to be created ...
-        Thread.sleep(DELAY_IN_MS * 4);
-
-        params = new HashMap<>();
-        params.put("placeholder", "false");
-        response = getSingle(getNodeRenditionsUrl(contentNodeId), (RENDITION_NAME+"/content"), params, 200);
-        assertNotNull(response.getResponseAsBytes());
-
-        // check rendition binary has changed
-        assertNotEquals(renditionBytes1, response.getResponseAsBytes());
-
-        params = Collections.singletonMap("include", "properties");
-        response = getSingle(NodesEntityResource.class, contentNodeId, params, 200);
-        Document document2b = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Document.class);
-
-        String contentNodeId2b = document2b.getId();
-        HttpResponse dauResponse = post(getRequestContentDirectUrl(contentNodeId2b), null, null, null, null, 501);
-
-    }
 }
 

repository/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo</artifactId>
-        <version>11.125</version>
+        <version>11.139</version>
     </parent>
 
     <dependencies>

repository/src/main/java/org/alfresco/repo/content/directurl/ContentStoreDirectUrlConfig.java

@@ -73,6 +73,7 @@ public class ContentStoreDirectUrlConfig extends AbstractDirectUrlConfig
             logger.error("Disabling content store direct access URLs due to configuration error: " + ex.getMessage());
             setEnabled(false);
         }
+        logger.info("Content store direct access URLs are " + (isEnabled() ? "enabled" : "disabled"));
     }
 
     /* Helper method to validate the content direct access url configuration settings */

repository/src/main/java/org/alfresco/repo/content/directurl/SystemWideDirectUrlConfig.java

@@ -96,6 +96,7 @@ public class SystemWideDirectUrlConfig implements DirectUrlConfig
             logger.error("Disabling system-wide direct access URLs due to configuration error: " + ex.getMessage());
             setEnabled(false);
         }
+        logger.info("System-wide direct access URLs are " + (isEnabled() ? "enabled" : "disabled"));
     }
 
     /* Helper method to validate the system-wide direct access url configuration settings */

repository/src/main/resources/alfresco/content-services-context.xml

@@ -360,9 +360,9 @@
 
    <!-- System direct access URL configuration settings -->
    <bean id="systemWideDirectUrlConfig" class="org.alfresco.repo.content.directurl.SystemWideDirectUrlConfig" init-method="init">
-      <property name="enabled" value="${system.directAccessUrl.enabled}" />
-      <property name="defaultExpiryTimeInSec" value="${system.directAccessUrl.defaultExpiryTimeInSec}" />
-      <property name="maxExpiryTimeInSec" value="${system.directAccessUrl.maxExpiryTimeInSec}" />
+      <property name="enabled" value="#{T(Boolean).valueOf('${system.directAccessUrl.enabled}')}"/>
+      <property name="defaultExpiryTimeInSec" value="#{T(Integer).parseInt('${system.directAccessUrl.defaultExpiryTimeInSec}')}" />
+      <property name="maxExpiryTimeInSec" value="#{T(Integer).parseInt('${system.directAccessUrl.maxExpiryTimeInSec}')}" />
    </bean>
 
    <!-- Abstract Direct Access URL configuration -->

repository/src/main/resources/alfresco/dbscripts/upgrade/7.1.0/org.alfresco.repo.domain.dialect.PostgreSQLDialect/remove-alf_server-table.sql

@@ -12,6 +12,7 @@ ALTER TABLE alf_transaction
     DROP COLUMN IF EXISTS server_id;
 
 DROP TABLE IF EXISTS alf_server;
+DROP SEQUENCE IF EXISTS alf_server_seq;
 
 --
 -- Record script finish

repository/src/main/resources/alfresco/messages/content-model_da.properties

@@ -125,7 +125,7 @@ cm_contentmodel.aspect.cm_auditable.title=Kan overv\u00e5ges
 cm_contentmodel.aspect.cm_auditable.description=Kan overv\u00e5ges
 cm_contentmodel.property.cm_created.title=Oprettelsesdato
 cm_contentmodel.property.cm_created.description=Oprettelsesdato
-cm_contentmodel.property.cm_creator.title=Oprettet af
+cm_contentmodel.property.cm_creator.title=Opretter
 cm_contentmodel.property.cm_creator.description=Den person, der oprettede elementet
 cm_contentmodel.property.cm_modified.title=\u00c6ndringsdato
 cm_contentmodel.property.cm_modified.description=Tidspunkt for, hvorn\u00e5r elementet senest blev \u00e6ndret

repository/src/main/resources/alfresco/messages/iptc-model_da.properties

@@ -93,7 +93,7 @@ iptcxmp_iptcmodel.property.Iptc4xmpExt_DigitalSourcefileType.title=Originalfotos
 iptcxmp_iptcmodel.property.Iptc4xmpExt_DigitalSourcefileType.description=Kildens digitale filtype.
 iptcxmp_iptcmodel.property.Iptc4xmpExt_DigitalSourceType.title=Kildetype til dette foto
 iptcxmp_iptcmodel.property.Iptc4xmpExt_DigitalSourceType.description=Kildetype til dette digitale billede
-iptcxmp_iptcmodel.property.Iptc4xmpExt_Event.title=Event
+iptcxmp_iptcmodel.property.Iptc4xmpExt_Event.title=H\u00e6ndelse
 iptcxmp_iptcmodel.property.Iptc4xmpExt_Event.description=Navngiver eller beskriver den specifikke begivenhed indholdet relaterer til.
 iptcxmp_iptcmodel.property.plus_ImageSupplierID.title=Billedes leverand\u00f8r-ID
 iptcxmp_iptcmodel.property.plus_ImageSupplierID.description=Identificerer emnets den nyeste leverand\u00f8r, som ikke n\u00f8dvendigvis er ejer eller opretter.
@@ -125,7 +125,7 @@ iptcxmp_iptcmodel.property.plus_LicensorCity.title=By
 iptcxmp_iptcmodel.property.plus_LicensorCity.description=By for en person eller virksomhed, der skal kontaktes for at f\u00e5 en licens til brug af emnet, eller som har licens p\u00e5 emnet.
 iptcxmp_iptcmodel.property.plus_LicensorCountry.title=Land
 iptcxmp_iptcmodel.property.plus_LicensorCountry.description=Land for en person eller virksomhed, der skal kontaktes for at f\u00e5 en licens til brug af emnet, eller som har licens p\u00e5 emnet.
-iptcxmp_iptcmodel.property.plus_LicensorEmail.title=e-mail
+iptcxmp_iptcmodel.property.plus_LicensorEmail.title=E-mailadresse
 iptcxmp_iptcmodel.property.plus_LicensorEmail.description=E-mail for en person eller virksomhed, der skal kontaktes for at f\u00e5 en licens til brug af emnet, eller som har licens p\u00e5 emnet.
 iptcxmp_iptcmodel.property.plus_LicensorExtendedAddress.title=Udviddet adresse
 iptcxmp_iptcmodel.property.plus_LicensorExtendedAddress.description=Udvidet adresse for en person eller virksomhed, der skal kontaktes for at f\u00e5 en licens til brug af emnet, eller som har licens p\u00e5 emnet.

repository/src/main/resources/alfresco/messages/system-messages_de.properties

@@ -38,7 +38,7 @@ system.schema_comp.index_columns_validator=Number of columns in index doesn''t m
 system.schema_comp.column_names_validator=Column types do not match. Was {0}, but expected {1}
 system.schema_comp.schema_version_validator=version must be at least ''{0}''
 #   Optional long running patch messages...
-system.schema_comp.patch_run_suggestion=The following problems will be resolved once the long running patch {0} has been run
+system.schema_comp.patch_run_suggestion=Die folgenden Probleme werden behoben, sobald das lange Ausf\u00fchrungspatch ''{0}'' ausgef\u00fchrt wurde.
 
 # Clustering
 system.cluster.license.not_enabled=License does not permit clustering: clustering is disabled.

repository/src/main/resources/alfresco/messages/system-messages_es.properties

@@ -38,7 +38,7 @@ system.schema_comp.index_columns_validator=Number of columns in index doesn''t m
 system.schema_comp.column_names_validator=Column types do not match. Was {0}, but expected {1}
 system.schema_comp.schema_version_validator=version must be at least ''{0}''
 #   Optional long running patch messages...
-system.schema_comp.patch_run_suggestion=The following problems will be resolved once the long running patch {0} has been run
+system.schema_comp.patch_run_suggestion=Los siguientes problemas se resolver\u00e1n una vez que se haya ejecutado el parche de larga duraci\u00f3n {0}
 
 # Clustering
 system.cluster.license.not_enabled=License does not permit clustering: clustering is disabled.

repository/src/main/resources/alfresco/messages/system-messages_fr.properties

@@ -38,7 +38,7 @@ system.schema_comp.index_columns_validator=Number of columns in index doesn''t m
 system.schema_comp.column_names_validator=Column types do not match. Was {0}, but expected {1}
 system.schema_comp.schema_version_validator=version must be at least ''{0}''
 #   Optional long running patch messages...
-system.schema_comp.patch_run_suggestion=The following problems will be resolved once the long running patch {0} has been run
+system.schema_comp.patch_run_suggestion=Les probl\u00e8mes suivants seront r\u00e9solus une fois la longue ex\u00e9cution du correctif {0} termin\u00e9e
 
 # Clustering
 system.cluster.license.not_enabled=License does not permit clustering: clustering is disabled.

repository/src/main/resources/alfresco/messages/system-messages_it.properties

@@ -38,7 +38,7 @@ system.schema_comp.index_columns_validator=Number of columns in index doesn''t m
 system.schema_comp.column_names_validator=Column types do not match. Was {0}, but expected {1}
 system.schema_comp.schema_version_validator=version must be at least ''{0}''
 #   Optional long running patch messages...
-system.schema_comp.patch_run_suggestion=The following problems will be resolved once the long running patch {0} has been run
+system.schema_comp.patch_run_suggestion=I problemi seguenti verranno risolti al termine dell''esecuzione della patch di lunga durata {0}
 
 # Clustering
 system.cluster.license.not_enabled=License does not permit clustering: clustering is disabled.

repository/src/main/resources/alfresco/messages/system-messages_ja.properties

@@ -38,7 +38,7 @@ system.schema_comp.index_columns_validator=Number of columns in index doesn''t m
 system.schema_comp.column_names_validator=Column types do not match. Was {0}, but expected {1}
 system.schema_comp.schema_version_validator=version must be at least ''{0}''
 #   Optional long running patch messages...
-system.schema_comp.patch_run_suggestion=The following problems will be resolved once the long running patch {0} has been run
+system.schema_comp.patch_run_suggestion=\u9577\u6642\u9593\u30d1\u30b9{0}\u3092\u5b9f\u884c\u3059\u308b\u3068\u3001\u6b21\u306e\u554f\u984c\u304c\u89e3\u6c7a\u3055\u308c\u307e\u3059
 
 # Clustering
 system.cluster.license.not_enabled=License does not permit clustering: clustering is disabled.

repository/src/main/resources/alfresco/messages/system-messages_nb.properties

@@ -38,7 +38,7 @@ system.schema_comp.index_columns_validator=Number of columns in index doesn''t m
 system.schema_comp.column_names_validator=Column types do not match. Was {0}, but expected {1}
 system.schema_comp.schema_version_validator=version must be at least ''{0}''
 #   Optional long running patch messages...
-system.schema_comp.patch_run_suggestion=The following problems will be resolved once the long running patch {0} has been run
+system.schema_comp.patch_run_suggestion=F\u00f8lgende problemer vil bli l\u00f8st s\u00e5 snart den lengekj\u00f8rende oppdateringen {0} har blitt kj\u00f8rt
 
 # Clustering
 system.cluster.license.not_enabled=License does not permit clustering: clustering is disabled.

repository/src/main/resources/alfresco/messages/system-messages_nl.properties

@@ -38,7 +38,7 @@ system.schema_comp.index_columns_validator=Number of columns in index doesn''t m
 system.schema_comp.column_names_validator=Column types do not match. Was {0}, but expected {1}
 system.schema_comp.schema_version_validator=version must be at least ''{0}''
 #   Optional long running patch messages...
-system.schema_comp.patch_run_suggestion=The following problems will be resolved once the long running patch {0} has been run
+system.schema_comp.patch_run_suggestion=De volgende problemen worden opgelost zodra de langlopende patch {0} is uitgevoerd
 
 # Clustering
 system.cluster.license.not_enabled=License does not permit clustering: clustering is disabled.

repository/src/main/resources/alfresco/messages/system-messages_pt_BR.properties

@@ -38,7 +38,7 @@ system.schema_comp.index_columns_validator=Number of columns in index doesn''t m
 system.schema_comp.column_names_validator=Column types do not match. Was {0}, but expected {1}
 system.schema_comp.schema_version_validator=version must be at least ''{0}''
 #   Optional long running patch messages...
-system.schema_comp.patch_run_suggestion=The following problems will be resolved once the long running patch {0} has been run
+system.schema_comp.patch_run_suggestion=Os seguintes problemas ser\u00e3o resolvidos ap\u00f3s o patch de longa execu\u00e7\u00e3o {0} ter sido executado
 
 # Clustering
 system.cluster.license.not_enabled=License does not permit clustering: clustering is disabled.

repository/src/main/resources/alfresco/messages/system-messages_ru.properties

@@ -38,7 +38,7 @@ system.schema_comp.index_columns_validator=Number of columns in index doesn''t m
 system.schema_comp.column_names_validator=Column types do not match. Was {0}, but expected {1}
 system.schema_comp.schema_version_validator=version must be at least ''{0}''
 #   Optional long running patch messages...
-system.schema_comp.patch_run_suggestion=The following problems will be resolved once the long running patch {0} has been run
+system.schema_comp.patch_run_suggestion=\u0421\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0431\u0443\u0434\u0443\u0442 \u0440\u0435\u0448\u0435\u043d\u044b \u043f\u043e\u0441\u043b\u0435 \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u0434\u043b\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u043e\u0433\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f {0}
 
 # Clustering
 system.cluster.license.not_enabled=License does not permit clustering: clustering is disabled.

repository/src/main/resources/alfresco/messages/system-messages_zh_CN.properties

@@ -38,7 +38,7 @@ system.schema_comp.index_columns_validator=Number of columns in index doesn''t m
 system.schema_comp.column_names_validator=Column types do not match. Was {0}, but expected {1}
 system.schema_comp.schema_version_validator=version must be at least ''{0}''
 #   Optional long running patch messages...
-system.schema_comp.patch_run_suggestion=The following problems will be resolved once the long running patch {0} has been run
+system.schema_comp.patch_run_suggestion=\u4e00\u65e6\u8fd0\u884c\u4e86\u957f\u65f6\u95f4\u8fd0\u884c\u7684\u4fee\u8865\u7a0b\u5e8f{0}\uff0c\u4ee5\u4e0b\u95ee\u9898\u5c06\u5f97\u5230\u89e3\u51b3
 
 # Clustering
 system.cluster.license.not_enabled=License does not permit clustering: clustering is disabled.