[maven-release-plugin][skip ci] prepare release 23.2.7.1

amps/ags/pom.xml

@@ -7,7 +7,7 @@
    <parent>
       <groupId>org.alfresco</groupId>
       <artifactId>alfresco-community-repo-amps</artifactId>
-      <version>23.2.3.1</version>
+      <version>23.2.7.1</version>
    </parent>
 
    <modules>

amps/ags/rm-automation/pom.xml

@@ -7,7 +7,7 @@
    <parent>
       <groupId>org.alfresco</groupId>
       <artifactId>alfresco-governance-services-community-parent</artifactId>
-      <version>23.2.3.1</version>
+      <version>23.2.7.1</version>
    </parent>
 
    <modules>

amps/ags/rm-automation/rm-automation-community-rest-api/pom.xml

@@ -7,7 +7,7 @@
    <parent>
       <groupId>org.alfresco</groupId>
       <artifactId>alfresco-governance-services-automation-community-repo</artifactId>
-      <version>23.2.3.1</version>
+      <version>23.2.7.1</version>
    </parent>
 
    <build>

amps/ags/rm-community/pom.xml

@@ -7,7 +7,7 @@
    <parent>
       <groupId>org.alfresco</groupId>
       <artifactId>alfresco-governance-services-community-parent</artifactId>
-      <version>23.2.3.1</version>
+      <version>23.2.7.1</version>
    </parent>
 
    <modules>

amps/ags/rm-community/rm-community-repo/pom.xml

@@ -8,7 +8,7 @@
    <parent>
       <groupId>org.alfresco</groupId>
       <artifactId>alfresco-governance-services-community-repo-parent</artifactId>
-      <version>23.2.3.1</version>
+      <version>23.2.7.1</version>
    </parent>
 
    <properties>

amps/ags/rm-community/rm-community-rest-api-explorer/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-governance-services-community-repo-parent</artifactId>
-        <version>23.2.3.1</version>
+        <version>23.2.7.1</version>
     </parent>
 
     <build>

amps/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo</artifactId>
-        <version>23.2.3.1</version>
+        <version>23.2.7.1</version>
     </parent>
 
     <modules>

amps/share-services/pom.xml

@@ -8,7 +8,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo-amps</artifactId>
-        <version>23.2.3.1</version>
+        <version>23.2.7.1</version>
     </parent>
 
     <properties>

core/pom.xml

@@ -7,7 +7,7 @@
    <parent>
       <groupId>org.alfresco</groupId>
       <artifactId>alfresco-community-repo</artifactId>
-      <version>23.2.3.1</version>
+      <version>23.2.7.1</version>
    </parent>
 
    <dependencies>

data-model/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo</artifactId>
-        <version>23.2.3.1</version>
+        <version>23.2.7.1</version>
     </parent>
 
     <properties>

mmt/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo</artifactId>
-        <version>23.2.3.1</version>
+        <version>23.2.7.1</version>
     </parent>
 
     <dependencies>

packaging/distribution/pom.xml

@@ -9,6 +9,6 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo-packaging</artifactId>
-        <version>23.2.3.1</version>
+        <version>23.2.7.1</version>
     </parent>
 </project>

packaging/docker-alfresco/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo-packaging</artifactId>
-        <version>23.2.3.1</version>
+        <version>23.2.7.1</version>
     </parent>
 
     <properties>

packaging/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo</artifactId>
-        <version>23.2.3.1</version>
+        <version>23.2.7.1</version>
     </parent>
 
     <modules>

packaging/tests/pom.xml

@@ -6,7 +6,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo-packaging</artifactId>
-        <version>23.2.3.1</version>
+        <version>23.2.7.1</version>
     </parent>
 
     <modules>

packaging/tests/tas-cmis/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo-tests</artifactId>
-        <version>23.2.3.1</version>
+        <version>23.2.7.1</version>
     </parent>
 
     <organization>

packaging/tests/tas-email/pom.xml

@@ -9,7 +9,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo-tests</artifactId>
-        <version>23.2.3.1</version>
+        <version>23.2.7.1</version>
     </parent>
 
     <developers>

packaging/tests/tas-integration/pom.xml

@@ -9,7 +9,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo-tests</artifactId>
-        <version>23.2.3.1</version>
+        <version>23.2.7.1</version>
     </parent>
 
     <developers>

packaging/tests/tas-restapi/pom.xml

@@ -8,7 +8,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo-tests</artifactId>
-        <version>23.2.3.1</version>
+        <version>23.2.7.1</version>
     </parent>
 
     <properties>

packaging/tests/tas-webdav/pom.xml

@@ -9,7 +9,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo-tests</artifactId>
-        <version>23.2.3.1</version>
+        <version>23.2.7.1</version>
     </parent>
 
     <developers>

packaging/war/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo-packaging</artifactId>
-        <version>23.2.3.1</version>
+        <version>23.2.7.1</version>
     </parent>
 
     <properties>

pom.xml

@@ -2,7 +2,7 @@
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <modelVersion>4.0.0</modelVersion>
     <artifactId>alfresco-community-repo</artifactId>
-    <version>23.2.3.1</version>
+    <version>23.2.7.1</version>
     <packaging>pom</packaging>
     <name>Alfresco Community Repo Parent</name>
 
@@ -25,7 +25,7 @@
     <properties>
         <acs.version.major>23</acs.version.major>
         <acs.version.minor>2</acs.version.minor>
-        <acs.version.revision>3</acs.version.revision>
+        <acs.version.revision>7</acs.version.revision>
         <acs.version.label />
         <amp.min.version>${acs.version.major}.0.0</amp.min.version>
 
@@ -151,7 +151,7 @@
         <connection>scm:git:https://github.com/Alfresco/alfresco-community-repo.git</connection>
         <developerConnection>scm:git:https://github.com/Alfresco/alfresco-community-repo.git</developerConnection>
         <url>https://github.com/Alfresco/alfresco-community-repo</url>
-        <tag>23.2.3.1</tag>
+        <tag>23.2.7.1</tag>
     </scm>
 
     <distributionManagement>

remote-api/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo</artifactId>
-        <version>23.2.3.1</version>
+        <version>23.2.7.1</version>
     </parent>
 
     <dependencies>

repository/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo</artifactId>
-        <version>23.2.3.1</version>
+        <version>23.2.7.1</version>
     </parent>
 
     <dependencies>

repository/src/main/java/org/alfresco/repo/node/db/DbNodeServiceImpl.java

@@ -859,9 +859,18 @@ public class DbNodeServiceImpl extends AbstractNodeServiceImpl implements Extens
         if (aspectDef != null)
         {
             // Remove default properties
+            Map<QName, Serializable> propsBefore = nodeDAO.getNodeProperties(nodeId);
             Map<QName, PropertyDefinition> propertyDefs = aspectDef.getProperties();
             Set<QName> propertyToRemoveQNames = propertyDefs.keySet();
-            nodeDAO.removeNodeProperties(nodeId, propertyToRemoveQNames);
+            boolean propertiesRemoved = nodeDAO.removeNodeProperties(nodeId, propertyToRemoveQNames);
+
+            if (propertiesRemoved)
+            {
+                invokeOnUpdateProperties(
+                        nodeRef,
+                        propsBefore, // before
+                        nodeDAO.getNodeProperties(nodeId)); // after
+            }
 
             // Remove child associations
             // We have to iterate over the associations and remove all those between the parent and child

repository/src/main/java/org/alfresco/repo/workflow/activiti/script/ActivitiScriptBase.java

@@ -28,11 +28,17 @@ package org.alfresco.repo.workflow.activiti.script;
 
 import java.util.Map;
 
+import org.activiti.engine.RepositoryService;
 import org.activiti.engine.delegate.VariableScope;
 import org.activiti.engine.impl.cfg.ProcessEngineConfigurationImpl;
 import org.activiti.engine.impl.context.Context;
 import org.activiti.engine.impl.el.Expression;
 import org.activiti.engine.impl.persistence.entity.DeploymentEntity;
+import org.activiti.engine.impl.persistence.entity.ExecutionEntity;
+import org.activiti.engine.repository.ProcessDefinition;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
 import org.alfresco.repo.security.authentication.AuthenticationUtil;
 import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
 import org.alfresco.repo.workflow.WorkflowDeployer;
@@ -45,13 +51,12 @@ import org.alfresco.service.cmr.security.PersonService;
 import org.alfresco.service.cmr.workflow.WorkflowException;
 
 /**
- * Base class for execution scripts, using {@link ScriptService} as part of
- * activiti workflow.
+ * Base class for execution scripts, using {@link ScriptService} as part of activiti workflow.
  *
  * @author Frederik Heremans
  * @since 3.4.e
  */
-public class ActivitiScriptBase 
+public class ActivitiScriptBase
 {
     protected static final String PERSON_BINDING_NAME = "person";
     protected static final String USERHOME_BINDING_NAME = "userhome";
@@ -61,17 +66,19 @@ public class ActivitiScriptBase
     protected Expression runAs;
     protected Expression scriptProcessor;
 
+    private static final Logger LOGGER = LoggerFactory.getLogger(ActivitiScriptBase.class);
+
     protected Object executeScript(String theScript, Map<String, Object> model, String scriptProcessorName, String runAsUser)
     {
         String user = AuthenticationUtil.getFullyAuthenticatedUser();
-        
+
         Object scriptResult = null;
         if (runAsUser == null && user != null)
         {
             // Just execute the script using the current user
             scriptResult = executeScript(theScript, model, scriptProcessorName);
         }
-        else 
+        else
         {
             if (runAsUser != null)
             {
@@ -87,26 +94,25 @@ public class ActivitiScriptBase
         }
         return scriptResult;
     }
-    
+
     protected Object executeScriptAsUser(final String theScript, final Map<String, Object> model, final String scriptProcessorName, final String runAsUser)
     {
         // execute as specified runAsUser
-        return AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Object>()
-        {
+        return AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Object>() {
             public Object doWork() throws Exception
             {
                 return executeScript(theScript, model, scriptProcessorName);
             }
         }, runAsUser);
     }
-    
+
     protected Object executeScript(String theScript, Map<String, Object> model, String scriptProcessorName)
     {
         // Execute the script using the appropriate processor
         Object scriptResult = null;
 
         // Checks if current workflow is secure
-        boolean secure = isSecure();
+        boolean secure = isSecure(model);
 
         if (scriptProcessorName != null)
         {
@@ -117,11 +123,11 @@ public class ActivitiScriptBase
             // Use default script-processor
             scriptResult = getServiceRegistry().getScriptService().executeScriptString(theScript, model, secure);
         }
-        
+
         return scriptResult;
     }
-    
-    protected String getStringValue(Expression expression, VariableScope scope) 
+
+    protected String getStringValue(Expression expression, VariableScope scope)
     {
         if (expression != null)
         {
@@ -133,15 +139,15 @@ public class ActivitiScriptBase
     protected ServiceRegistry getServiceRegistry()
     {
         ProcessEngineConfigurationImpl config = Context.getProcessEngineConfiguration();
-        if (config != null) 
+        if (config != null)
         {
             // Fetch the registry that is injected in the activiti spring-configuration
             ServiceRegistry registry = (ServiceRegistry) config.getBeans().get(ActivitiConstants.SERVICE_REGISTRY_BEAN_KEY);
             if (registry == null)
             {
                 throw new RuntimeException(
-                            "Service-registry not present in ProcessEngineConfiguration beans, expected ServiceRegistry with key" + 
-                            ActivitiConstants.SERVICE_REGISTRY_BEAN_KEY);
+                        "Service-registry not present in ProcessEngineConfiguration beans, expected ServiceRegistry with key" +
+                                ActivitiConstants.SERVICE_REGISTRY_BEAN_KEY);
             }
             return registry;
         }
@@ -149,42 +155,136 @@ public class ActivitiScriptBase
     }
 
     /**
-     * Checks whether the workflow must be considered secure or not - based on {@link DeploymentEntity} category.
-     * If it is not considered secure, the workflow will be executed in sandbox context with more restrictions
+     * Checks whether the workflow must be considered secure or not - based on {@link DeploymentEntity} category. If it is not considered secure, the workflow will be executed in sandbox context with more restrictions
      *
      * @return true if workflow is considered secure, false otherwise
      */
-    private boolean isSecure()
+    private boolean isSecure(Map<String, Object> model)
+    {
+        String category = getDeploymentCategory(model);
+
+        // iF The deployment category matches the condition (either internal or full access) the workflow is considered secure
+        return category != null && (WorkflowDeployer.CATEGORY_ALFRESCO_INTERNAL.equals(category) || WorkflowDeployer.CATEGORY_FULL_ACCESS.equals(category));
+    }
+
+    /**
+     * Gets the deployment category from the execution context. If no execution context is available, a query to obtain the deployment is performed so the category can be returned.
+     * 
+     * @param model
+     *            a map with workflow model
+     * @return the deployment category
+     */
+    private String getDeploymentCategory(Map<String, Object> model)
+    {
+        String category = getDeploymentCategoryFromContext();
+
+        if (category == null)
+        {
+            String deploymentId = null;
+            String processDefinitionId = null;
+
+            if (model != null && model.containsKey(EXECUTION_BINDING_NAME) && model.get(EXECUTION_BINDING_NAME) instanceof ExecutionEntity)
+            {
+                ExecutionEntity executionEntity = (ExecutionEntity) model.get(EXECUTION_BINDING_NAME);
+                deploymentId = executionEntity.getDeploymentId();
+                processDefinitionId = executionEntity.getProcessDefinitionId();
+            }
+
+            category = getDeploymentCategoryFromQuery(deploymentId, processDefinitionId);
+        }
+
+        return category;
+    }
+
+    /**
+     * Obtains the deployment category from current execution context
+     * 
+     * @return the category for current execution deployment, otherwise null
+     */
+    private String getDeploymentCategoryFromContext()
     {
         String category = null;
-
         try
         {
             if (Context.isExecutionContextActive())
             {
                 category = Context.getExecutionContext().getDeployment().getCategory();
             }
+            else
+            {
+                if (LOGGER.isDebugEnabled())
+                {
+                    LOGGER.debug("No execution context available");
+                }
+            }
         }
         catch (Exception e)
         {
-            // No action required
+            if (LOGGER.isDebugEnabled())
+            {
+                LOGGER.debug("Could not obtain deployment category from execution context: {}", e.getMessage());
+            }
         }
 
-        // If the workflow is considered secure, the deployment entity category matches the condition (either internal or full access)
-        return category != null && (WorkflowDeployer.CATEGORY_ALFRESCO_INTERNAL.equals(category) || WorkflowDeployer.CATEGORY_FULL_ACCESS.equals(category));
+        return category;
     }
 
     /**
-     * Checks that the specified 'runAs' field
-     * specifies a valid username.
+     * Obtains the deployment category through a query
+     * 
+     * @param deploymentId
+     *            the deployment id to obtain the category from
+     * @param processDefinitionId
+     *            if no deployment id is provided, the process definition id can be used to obtain the deployment
+     * @return the category for the obtained deployment, otherwise null
      */
-    private void validateRunAsUser(final String runAsUser) 
+    private String getDeploymentCategoryFromQuery(String deploymentId, String processDefinitionId)
     {
-        Boolean runAsExists = AuthenticationUtil.runAs(new RunAsWork<Boolean>()
+        String category = null;
+
+        try
         {
+            RepositoryService repositoryService = Context.getProcessEngineConfiguration().getRepositoryService();
+
+            if (deploymentId == null && processDefinitionId != null)
+            {
+                ProcessDefinition processDefnition = repositoryService.getProcessDefinition(processDefinitionId);
+                if (processDefnition != null)
+                {
+                    deploymentId = processDefnition.getDeploymentId();
+                }
+            }
+
+            if (deploymentId != null)
+            {
+                DeploymentEntity deployment = (DeploymentEntity) repositoryService.createDeploymentQuery().deploymentId(deploymentId).singleResult();
+                if (deployment != null)
+                {
+                    category = deployment.getCategory();
+                }
+            }
+        }
+        catch (Exception e)
+        {
+            if (LOGGER.isDebugEnabled())
+            {
+                LOGGER.debug("Could not obtain deployment category through a query: {}", e.getMessage());
+            }
+        }
+
+        return category;
+    }
+
+    /**
+     * Checks that the specified 'runAs' field specifies a valid username.
+     */
+    private void validateRunAsUser(final String runAsUser)
+    {
+        Boolean runAsExists = AuthenticationUtil.runAs(new RunAsWork<Boolean>() {
             // Validate using System user to ensure sufficient permissions available to access person node.
 
-            public Boolean doWork() throws Exception 
+            @Override
+            public Boolean doWork() throws Exception
             {
                 return getServiceRegistry().getPersonService().personExists(runAsUser);
             }
@@ -195,21 +295,21 @@ public class ActivitiScriptBase
             throw new WorkflowException("runas user '" + runAsUser + "' does not exist.");
         }
     }
-    
+
     protected ActivitiScriptNode getPersonNode(String runAsUser)
     {
         String userName = null;
-        if (runAsUser != null) 
+        if (runAsUser != null)
         {
             userName = runAsUser;
         }
-        else 
+        else
         {
             userName = AuthenticationUtil.getFullyAuthenticatedUser();
         }
-        
+
         // The "System" user is a special case, which has no person object associated with it.
-        if(userName != null && !AuthenticationUtil.SYSTEM_USER_NAME.equals(userName))
+        if (userName != null && !AuthenticationUtil.SYSTEM_USER_NAME.equals(userName))
         {
             ServiceRegistry services = getServiceRegistry();
             PersonService personService = services.getPersonService();
@@ -221,18 +321,18 @@ public class ActivitiScriptBase
         }
         return null;
     }
-    
-    public void setScript(Expression script) 
+
+    public void setScript(Expression script)
     {
         this.script = script;
     }
 
-    public void setRunAs(Expression runAs) 
+    public void setRunAs(Expression runAs)
     {
         this.runAs = runAs;
     }
 
-    public void setScriptProcessor(Expression scriptProcessor) 
+    public void setScriptProcessor(Expression scriptProcessor)
     {
         this.scriptProcessor = scriptProcessor;
     }

repository/src/test/java/org/alfresco/repo/event2/UpdateRepoEventIT.java

@@ -26,6 +26,12 @@
 
 package org.alfresco.repo.event2;
 
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertTrue;
+
 import static org.alfresco.model.ContentModel.PROP_DESCRIPTION;
 
 import java.io.Serializable;
@@ -544,6 +550,49 @@ public class UpdateRepoEventIT extends AbstractContextAwareRepoEvent
         assertEquals(aspectsBeforeRemove, resourceBefore.getAspectNames());
     }
 
+    @Test
+    public void testRemoveAspectPropertiesTest()
+    {
+        final NodeRef nodeRef = createNode(ContentModel.TYPE_CONTENT);
+        NodeResource resource = getNodeResource(1);
+        final Set<String> originalAspects = resource.getAspectNames();
+        assertNotNull(originalAspects);
+
+        // Add cm:geographic aspect with properties
+        retryingTransactionHelper.doInTransaction(() -> {
+            Map<QName, Serializable> aspectProperties = new HashMap<>();
+            aspectProperties.put(ContentModel.PROP_LATITUDE, "12.345678");
+            aspectProperties.put(ContentModel.PROP_LONGITUDE, "12.345678");
+            nodeService.addAspect(nodeRef, ContentModel.ASPECT_GEOGRAPHIC, aspectProperties);
+            return null;
+        });
+        resource = getNodeResource(2);
+        Set<String> aspectsBeforeRemove = resource.getAspectNames();
+        assertNotNull(aspectsBeforeRemove);
+        assertTrue(aspectsBeforeRemove.contains("cm:geographic"));
+
+        // Remove cm:geographic aspect - this automatically removes the properties from the node
+        retryingTransactionHelper.doInTransaction(() -> {
+            nodeService.removeAspect(nodeRef, ContentModel.ASPECT_GEOGRAPHIC);
+            return null;
+        });
+
+        resource = getNodeResource(3);
+        assertEquals(originalAspects, resource.getAspectNames());
+
+        NodeResource resourceBefore = getNodeResourceBefore(3);
+        assertNotNull(resourceBefore.getAspectNames());
+        assertEquals(aspectsBeforeRemove, resourceBefore.getAspectNames());
+        // Resource before should contain cm:latitude and cm:longitude properties
+        assertNotNull(resourceBefore.getProperties());
+        assertTrue(resourceBefore.getProperties().containsKey("cm:latitude"));
+        assertTrue(resourceBefore.getProperties().containsKey("cm:longitude"));
+        // Resource after should NOT contain cm:latitude and cm:longitude properties
+        assertNotNull(resource.getProperties());
+        assertFalse(resource.getProperties().containsKey("cm:latitude"));
+        assertFalse(resource.getProperties().containsKey("cm:longitude"));
+    }
+
     @Test
     public void testCreateAndUpdateInTheSameTransaction()
     {