[maven-release-plugin][skip ci] prepare release 23.6.0.18

backport MNT-24776 to 23.N

.github/workflows/ci.yml

@@ -44,14 +44,14 @@ jobs:
       - uses: actions/checkout@v4
         with:
           fetch-depth: 0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v8.2.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v8.2.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.2.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.16.0
       - id: changed-files
-        uses: Alfresco/alfresco-build-tools/.github/actions/github-list-changes@v8.2.0
+        uses: Alfresco/alfresco-build-tools/.github/actions/github-list-changes@v8.16.0
         with:
           write-list-to-env: true
-      - uses: Alfresco/alfresco-build-tools/.github/actions/pre-commit@v8.2.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/pre-commit@v8.16.0
       - name: "Init"
         run: bash ./scripts/ci/init.sh
       - name: "Prepare maven cache and check compilation"
@@ -69,12 +69,12 @@ jobs:
       !contains(github.event.head_commit.message, '[force')
     steps:
       - uses: actions/checkout@v4
-      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v7.1.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.16.0
       - name: "Init"
         run: bash ./scripts/ci/init.sh
-      - uses: Alfresco/alfresco-build-tools/.github/actions/veracode@v7.1.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/veracode@v8.16.0
         continue-on-error: true
         with:
           srcclr-api-token: ${{ secrets.SRCCLR_API_TOKEN }}
@@ -92,10 +92,10 @@ jobs:
       !contains(github.event.head_commit.message, '[force')
     steps:
       - uses: actions/checkout@v4
-      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/github-download-file@v7.1.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/github-download-file@v8.16.0
         with:
           token: ${{ secrets.BOT_GITHUB_TOKEN }}
           repository: "Alfresco/veracode-baseline-archive"
@@ -142,10 +142,10 @@ jobs:
       !contains(github.event.head_commit.message, '[skip tests]') &&
       !contains(github.event.head_commit.message, '[force]')
     steps:
-      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v7.1.0
-      - uses: Alfresco/ya-pmd-scan@v4.1.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.16.0
+      - uses: Alfresco/ya-pmd-scan@v4.3.0
         with:
           classpath-build-command: "mvn test-compile -ntp -Pags -pl \"-:alfresco-community-repo-docker\""
 
@@ -175,14 +175,14 @@ jobs:
             testAttributes: "-Dtest=AllMmtUnitTestSuite"
     steps:
       - uses: actions/checkout@v4
-      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v7.1.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.16.0
       - name: "Init"
         run: bash ./scripts/ci/init.sh
       - name: "Prepare Report Portal"
         if: github.ref_name == 'master'
-        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-prepare@v7.1.0
+        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-prepare@v8.16.0
         id: rp-prepare
         with:
           rp-launch-prefix: ${{ env.RP_LAUNCH_PREFIX }} - ${{ matrix.testModule }}
@@ -213,7 +213,7 @@ jobs:
         continue-on-error: true
       - name: "Summarize Report Portal"
         if: github.ref_name == 'master'
-        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-summarize@v7.1.0
+        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-summarize@v8.16.0
         id: rp-summarize
         with:
           tests-outcome: ${{ steps.run-tests.outcome }}
@@ -255,9 +255,9 @@ jobs:
       REQUIRES_INSTALLED_ARTIFACTS: true
     steps:
       - uses: actions/checkout@v4
-      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v7.1.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.16.0
       - name: "Build"
         timeout-minutes: ${{ fromJSON(env.GITHUB_ACTIONS_DEPLOY_TIMEOUT) }}
         run: |
@@ -270,7 +270,7 @@ jobs:
         run: docker compose -f ./scripts/ci/docker-compose/docker-compose.yaml --profile ${{ matrix.compose-profile }} up -d
       - name: "Prepare Report Portal"
         if: github.ref_name == 'master'
-        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-prepare@v7.1.0
+        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-prepare@v8.16.0
         id: rp-prepare
         with:
           rp-launch-prefix: ${{ env.RP_LAUNCH_PREFIX }} - ${{ matrix.testSuite }}
@@ -301,7 +301,7 @@ jobs:
         continue-on-error: true
       - name: "Summarize Report Portal"
         if: github.ref_name == 'master'
-        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-summarize@v7.1.0
+        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-summarize@v8.16.0
         id: rp-summarize
         with:
           tests-outcome: ${{ steps.run-tests.outcome }}
@@ -334,9 +334,9 @@ jobs:
         version: ['10.2.18', '10.4', '10.5']
     steps:
       - uses: actions/checkout@v4
-      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v7.1.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.16.0
       - name: "Init"
         run: bash ./scripts/ci/init.sh
       - name: Run MariaDB ${{ matrix.version }} database
@@ -345,7 +345,7 @@ jobs:
           MARIADB_VERSION: ${{ matrix.version }}
       - name: "Prepare Report Portal"
         if: github.ref_name == 'master'
-        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-prepare@v7.1.0
+        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-prepare@v8.16.0
         id: rp-prepare
         with:
           rp-launch-prefix: ${{ env.RP_LAUNCH_PREFIX }} - ${{ matrix.version }}
@@ -376,7 +376,7 @@ jobs:
         continue-on-error: true
       - name: "Summarize Report Portal"
         if: github.ref_name == 'master'
-        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-summarize@v7.1.0
+        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-summarize@v8.16.0
         id: rp-summarize
         with:
           tests-outcome: ${{ steps.run-tests.outcome }}
@@ -405,9 +405,9 @@ jobs:
       !contains(github.event.head_commit.message, '[force')
     steps:
       - uses: actions/checkout@v4
-      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v7.1.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.16.0
       - name: "Init"
         run: bash ./scripts/ci/init.sh
       - name: "Run MariaDB 10.6 database"
@@ -416,7 +416,7 @@ jobs:
           MARIADB_VERSION: 10.6
       - name: "Prepare Report Portal"
         if: github.ref_name == 'master'
-        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-prepare@v7.1.0
+        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-prepare@v8.16.0
         id: rp-prepare
         with:
           rp-launch-prefix: ${{ env.RP_LAUNCH_PREFIX }}
@@ -447,7 +447,7 @@ jobs:
         continue-on-error: true
       - name: "Summarize Report Portal"
         if: github.ref_name == 'master'
-        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-summarize@v7.1.0
+        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-summarize@v8.16.0
         id: rp-summarize
         with:
           tests-outcome: ${{ steps.run-tests.outcome }}
@@ -476,9 +476,9 @@ jobs:
       !contains(github.event.head_commit.message, '[force')
     steps:
       - uses: actions/checkout@v4
-      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v7.1.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.16.0
       - name: "Init"
         run: bash ./scripts/ci/init.sh
       - name: "Run MySQL 8 database"
@@ -487,7 +487,7 @@ jobs:
           MYSQL_VERSION: 8
       - name: "Prepare Report Portal"
         if: github.ref_name == 'master'
-        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-prepare@v7.1.0
+        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-prepare@v8.16.0
         id: rp-prepare
         with:
           rp-launch-prefix: ${{ env.RP_LAUNCH_PREFIX }}
@@ -518,7 +518,7 @@ jobs:
         continue-on-error: true
       - name: "Summarize Report Portal"
         if: github.ref_name == 'master'
-        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-summarize@v7.1.0
+        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-summarize@v8.16.0
         id: rp-summarize
         with:
           tests-outcome: ${{ steps.run-tests.outcome }}
@@ -546,9 +546,9 @@ jobs:
       !contains(github.event.head_commit.message, '[force')
     steps:
       - uses: actions/checkout@v4
-      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v7.1.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.16.0
       - name: "Init"
         run: bash ./scripts/ci/init.sh
       - name: "Run PostgreSQL 13.12 database"
@@ -557,7 +557,7 @@ jobs:
           POSTGRES_VERSION: 13.12
       - name: "Prepare Report Portal"
         if: github.ref_name == 'master'
-        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-prepare@v7.1.0
+        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-prepare@v8.16.0
         id: rp-prepare
         with:
           rp-launch-prefix: ${{ env.RP_LAUNCH_PREFIX }}
@@ -588,7 +588,7 @@ jobs:
         continue-on-error: true
       - name: "Summarize Report Portal"
         if: github.ref_name == 'master'
-        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-summarize@v7.1.0
+        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-summarize@v8.16.0
         id: rp-summarize
         with:
           tests-outcome: ${{ steps.run-tests.outcome }}
@@ -616,9 +616,9 @@ jobs:
       !contains(github.event.head_commit.message, '[force')
     steps:
       - uses: actions/checkout@v4
-      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v7.1.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.16.0
       - name: "Init"
         run: bash ./scripts/ci/init.sh
       - name: "Run PostgreSQL 14.9 database"
@@ -627,7 +627,7 @@ jobs:
           POSTGRES_VERSION: 14.9
       - name: "Prepare Report Portal"
         if: github.ref_name == 'master'
-        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-prepare@v7.1.0
+        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-prepare@v8.16.0
         id: rp-prepare
         with:
           rp-launch-prefix: ${{ env.RP_LAUNCH_PREFIX }}
@@ -658,7 +658,7 @@ jobs:
         continue-on-error: true
       - name: "Summarize Report Portal"
         if: github.ref_name == 'master'
-        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-summarize@v7.1.0
+        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-summarize@v8.16.0
         id: rp-summarize
         with:
           tests-outcome: ${{ steps.run-tests.outcome }}
@@ -686,9 +686,9 @@ jobs:
       !contains(github.event.head_commit.message, '[force')
     steps:
       - uses: actions/checkout@v4
-      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v7.1.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.16.0
       - name: "Init"
         run: bash ./scripts/ci/init.sh
       - name: "Run PostgreSQL 15.4 database"
@@ -697,7 +697,7 @@ jobs:
           POSTGRES_VERSION: 15.4
       - name: "Prepare Report Portal"
         if: github.ref_name == 'master'
-        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-prepare@v7.1.0
+        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-prepare@v8.16.0
         id: rp-prepare
         with:
           rp-launch-prefix: ${{ env.RP_LAUNCH_PREFIX }}
@@ -728,7 +728,7 @@ jobs:
         continue-on-error: true
       - name: "Summarize Report Portal"
         if: github.ref_name == 'master'
-        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-summarize@v7.1.0
+        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-summarize@v8.16.0
         id: rp-summarize
         with:
           tests-outcome: ${{ steps.run-tests.outcome }}
@@ -754,16 +754,16 @@ jobs:
       !contains(github.event.head_commit.message, '[force')
     steps:
       - uses: actions/checkout@v4
-      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v7.1.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.16.0
       - name: "Init"
         run: bash ./scripts/ci/init.sh
       - name: "Run ActiveMQ"
         run: docker compose -f ./scripts/ci/docker-compose/docker-compose.yaml --profile activemq up -d
       - name: "Prepare Report Portal"
         if: github.ref_name == 'master'
-        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-prepare@v7.1.0
+        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-prepare@v8.16.0
         id: rp-prepare
         with:
           rp-launch-prefix: ${{ env.RP_LAUNCH_PREFIX }}
@@ -794,7 +794,7 @@ jobs:
         continue-on-error: true
       - name: "Summarize Report Portal"
         if: github.ref_name == 'master'
-        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-summarize@v7.1.0
+        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-summarize@v8.16.0
         id: rp-summarize
         with:
           tests-outcome: ${{ steps.run-tests.outcome }}
@@ -854,9 +854,9 @@ jobs:
             mvn-options: '-Dencryption.ssl.keystore.location=${CI_WORKSPACE}/keystores/alfresco/alfresco.keystore -Dencryption.ssl.truststore.location=${CI_WORKSPACE}/keystores/alfresco/alfresco.truststore'
     steps:
       - uses: actions/checkout@v4
-      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v7.1.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.16.0
       - name: "Init"
         run: bash ./scripts/ci/init.sh
       - name: "Set transformers tag"
@@ -879,7 +879,7 @@ jobs:
         run: docker compose -f ./scripts/ci/docker-compose/docker-compose.yaml --profile ${{ matrix.compose-profile }} up -d
       - name: "Prepare Report Portal"
         if: github.ref_name == 'master'
-        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-prepare@v7.1.0
+        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-prepare@v8.16.0
         id: rp-prepare
         with:
           rp-launch-prefix: ${{ env.RP_LAUNCH_PREFIX }} - ${{ matrix.testSuite }} ${{ matrix.idp }}
@@ -910,7 +910,7 @@ jobs:
         continue-on-error: true
       - name: "Summarize Report Portal"
         if: github.ref_name == 'master'
-        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-summarize@v7.1.0
+        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-summarize@v8.16.0
         id: rp-summarize
         with:
           tests-outcome: ${{ steps.run-tests.outcome }}
@@ -968,9 +968,9 @@ jobs:
       REQUIRES_LOCAL_IMAGES: true
     steps:
       - uses: actions/checkout@v4
-      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v7.1.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.16.0
       - name: "Build"
         timeout-minutes: ${{ fromJSON(env.GITHUB_ACTIONS_DEPLOY_TIMEOUT) }}
         run: |
@@ -986,7 +986,7 @@ jobs:
         run: mvn install -pl :alfresco-community-repo-integration-test -am -DskipTests -Pall-tas-tests
       - name: "Prepare Report Portal"
         if: github.ref_name == 'master'
-        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-prepare@v7.1.0
+        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-prepare@v8.16.0
         id: rp-prepare
         with:
           rp-launch-prefix: ${{ env.RP_LAUNCH_PREFIX }} - ${{ matrix.test-name }}
@@ -1024,7 +1024,7 @@ jobs:
         continue-on-error: true
       - name: "Summarize Report Portal"
         if: github.ref_name == 'master'
-        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-summarize@v7.1.0
+        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-summarize@v8.16.0
         id: rp-summarize
         with:
           tests-outcome: ${{ steps.tests.outcome }}
@@ -1050,16 +1050,16 @@ jobs:
       !contains(github.event.head_commit.message, '[force')
     steps:
       - uses: actions/checkout@v4
-      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v7.1.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.16.0
       - name: "Init"
         run: bash ./scripts/ci/init.sh
       - name: "Run Postgres 15.4 database"
         run: docker compose -f ./scripts/ci/docker-compose/docker-compose.yaml --profile postgres up -d
       - name: "Prepare Report Portal"
         if: github.ref_name == 'master'
-        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-prepare@v7.1.0
+        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-prepare@v8.16.0
         id: rp-prepare
         with:
           rp-launch-prefix: ${{ env.RP_LAUNCH_PREFIX }}
@@ -1090,7 +1090,7 @@ jobs:
         continue-on-error: true
       - name: "Summarize Report Portal"
         if: github.ref_name == 'master'
-        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-summarize@v7.1.0
+        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-summarize@v8.16.0
         id: rp-summarize
         with:
           tests-outcome: ${{ steps.run-tests.outcome }}
@@ -1124,9 +1124,9 @@ jobs:
       REQUIRES_INSTALLED_ARTIFACTS: true
     steps:
       - uses: actions/checkout@v4
-      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v7.1.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.16.0
       - name: "Build"
         timeout-minutes: ${{ fromJSON(env.GITHUB_ACTIONS_DEPLOY_TIMEOUT) }}
         run: |
@@ -1134,7 +1134,7 @@ jobs:
           bash ./scripts/ci/build.sh
       - name: "Prepare Report Portal"
         if: github.ref_name == 'master'
-        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-prepare@v7.1.0
+        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-prepare@v8.16.0
         id: rp-prepare
         with:
           rp-launch-prefix: ${{ env.RP_LAUNCH_PREFIX }} 0${{ matrix.part }} - (PostgreSQL) ${{ matrix.test-name }}
@@ -1170,9 +1170,9 @@ jobs:
       REQUIRES_INSTALLED_ARTIFACTS: true
     steps:
       - uses: actions/checkout@v4
-      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v7.1.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.16.0
       - name: "Build"
         timeout-minutes: ${{ fromJSON(env.GITHUB_ACTIONS_DEPLOY_TIMEOUT) }}
         run: |
@@ -1180,7 +1180,7 @@ jobs:
           bash ./scripts/ci/build.sh
       - name: "Prepare Report Portal"
         if: github.ref_name == 'master'
-        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-prepare@v7.1.0
+        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-prepare@v8.16.0
         id: rp-prepare
         with:
           rp-launch-prefix: ${{ env.RP_LAUNCH_PREFIX }} 0${{ matrix.part }} - (MySQL) ${{ matrix.test-name }}
@@ -1212,9 +1212,9 @@ jobs:
       REQUIRES_LOCAL_IMAGES: true
     steps:
       - uses: actions/checkout@v4
-      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v7.1.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.16.0
       - name: "Build"
         timeout-minutes: ${{ fromJSON(env.GITHUB_ACTIONS_DEPLOY_TIMEOUT) }}
         run: |
@@ -1228,7 +1228,7 @@ jobs:
           mvn -B install -pl :alfresco-governance-services-automation-community-rest-api -am -Pags -Pall-tas-tests -DskipTests
       - name: "Prepare Report Portal"
         if: github.ref_name == 'master'
-        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-prepare@v7.1.0
+        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-prepare@v8.16.0
         id: rp-prepare
         with:
           rp-launch-prefix: ${{ env.RP_LAUNCH_PREFIX }}
@@ -1260,7 +1260,7 @@ jobs:
         continue-on-error: true
       - name: "Summarize Report Portal"
         if: github.ref_name == 'master'
-        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-summarize@v7.1.0
+        uses: Alfresco/alfresco-build-tools/.github/actions/reportportal-summarize@v8.16.0
         id: rp-summarize
         with:
           tests-outcome: ${{ steps.run-tests.outcome }}
@@ -1302,9 +1302,9 @@ jobs:
       !contains(github.event.head_commit.message, '[force]')
     steps:
       - uses: actions/checkout@v4
-      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v7.1.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.16.0
       - name: "Build"
         timeout-minutes: ${{ fromJSON(env.GITHUB_ACTIONS_DEPLOY_TIMEOUT) }}
         run: |

.github/workflows/master_release.yml

@@ -34,12 +34,12 @@ jobs:
       - uses: actions/checkout@v4
         with:
           persist-credentials: false
-      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v7.1.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.16.0
       - name: "Init"
         run: bash ./scripts/ci/init.sh
-      - uses: Alfresco/alfresco-build-tools/.github/actions/configure-git-author@v7.1.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/configure-git-author@v8.16.0
         with:
           username: ${{ env.GIT_USERNAME }}
           email: ${{ env.GIT_EMAIL }}
@@ -63,12 +63,12 @@ jobs:
       - uses: actions/checkout@v4
         with:
           persist-credentials: false
-      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v7.1.0
-      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v7.1.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/get-build-info@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/free-hosted-runner-disk-space@v8.16.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/setup-java-build@v8.16.0
       - name: "Init"
         run: bash ./scripts/ci/init.sh
-      - uses: Alfresco/alfresco-build-tools/.github/actions/configure-git-author@v7.1.0
+      - uses: Alfresco/alfresco-build-tools/.github/actions/configure-git-author@v8.16.0
         with:
           username: ${{ env.GIT_USERNAME }}
           email: ${{ env.GIT_EMAIL }}

.secrets.baseline

@@ -1273,7 +1273,7 @@
         "filename": "repository/src/main/resources/alfresco/repository.properties",
         "hashed_secret": "84551ae5442affc9f1a2d3b4c86ae8b24860149d",
         "is_verified": false,
-        "line_number": 770,
+        "line_number": 771,
         "is_secret": false
       }
     ],
@@ -1539,7 +1539,7 @@
         "filename": "repository/src/test/java/org/alfresco/repo/rendition2/AbstractRenditionIntegrationTest.java",
         "hashed_secret": "5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8",
         "is_verified": false,
-        "line_number": 127,
+        "line_number": 130,
         "is_secret": false
       }
     ],
@@ -1627,7 +1627,7 @@
         "filename": "repository/src/test/java/org/alfresco/repo/security/authentication/identityservice/SpringBasedIdentityServiceFacadeUnitTest.java",
         "hashed_secret": "5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8",
         "is_verified": false,
-        "line_number": 46,
+        "line_number": 48,
         "is_secret": false
       }
     ],
@@ -1888,5 +1888,5 @@
       }
     ]
   },
-  "generated_at": "2024-10-09T09:32:52Z"
-}
+  "generated_at": "2025-05-15T21:47:13Z"
+}

amps/ags/pom.xml

@@ -7,7 +7,7 @@
    <parent>
       <groupId>org.alfresco</groupId>
       <artifactId>alfresco-community-repo-amps</artifactId>
-      <version>23.5.0.1</version>
+      <version>23.6.0.18</version>
    </parent>
 
    <modules>

amps/ags/rm-automation/pom.xml

@@ -7,7 +7,7 @@
    <parent>
       <groupId>org.alfresco</groupId>
       <artifactId>alfresco-governance-services-community-parent</artifactId>
-      <version>23.5.0.1</version>
+      <version>23.6.0.18</version>
    </parent>
 
    <modules>

amps/ags/rm-automation/rm-automation-community-rest-api/pom.xml

@@ -7,7 +7,7 @@
    <parent>
       <groupId>org.alfresco</groupId>
       <artifactId>alfresco-governance-services-automation-community-repo</artifactId>
-      <version>23.5.0.1</version>
+      <version>23.6.0.18</version>
    </parent>
 
    <build>

amps/ags/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/rm/community/util/DockerHelper.java

@@ -45,7 +45,7 @@ import com.github.dockerjava.netty.NettyDockerCmdExecFactory;
 import lombok.Getter;
 import lombok.Setter;
 import org.alfresco.utility.Utility;
-import org.apache.commons.lang.SystemUtils;
+import org.apache.commons.lang3.SystemUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;

amps/ags/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/hold/AddToHoldsBulkV1Tests.java

@@ -26,13 +26,6 @@
  */
 package org.alfresco.rest.rm.community.hold;
 
-import static org.alfresco.rest.rm.community.base.TestData.HOLD_DESCRIPTION;
-import static org.alfresco.rest.rm.community.base.TestData.HOLD_REASON;
-import static org.alfresco.rest.rm.community.model.fileplancomponents.FilePlanComponentAlias.FILE_PLAN_ALIAS;
-import static org.alfresco.rest.rm.community.model.user.UserPermissions.PERMISSION_FILING;
-import static org.alfresco.rest.rm.community.model.user.UserPermissions.PERMISSION_READ_RECORDS;
-import static org.alfresco.rest.rm.community.util.CommonTestUtils.generateTestPrefix;
-import static org.alfresco.utility.report.log.Step.STEP;
 import static org.awaitility.Awaitility.await;
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertNotNull;
@@ -44,12 +37,25 @@ import static org.springframework.http.HttpStatus.NOT_FOUND;
 import static org.springframework.http.HttpStatus.OK;
 import static org.springframework.http.HttpStatus.UNAUTHORIZED;
 
+import static org.alfresco.rest.rm.community.base.TestData.HOLD_DESCRIPTION;
+import static org.alfresco.rest.rm.community.base.TestData.HOLD_REASON;
+import static org.alfresco.rest.rm.community.model.fileplancomponents.FilePlanComponentAlias.FILE_PLAN_ALIAS;
+import static org.alfresco.rest.rm.community.model.user.UserPermissions.PERMISSION_FILING;
+import static org.alfresco.rest.rm.community.model.user.UserPermissions.PERMISSION_READ_RECORDS;
+import static org.alfresco.rest.rm.community.util.CommonTestUtils.generateTestPrefix;
+import static org.alfresco.utility.report.log.Step.STEP;
+
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.List;
 import java.util.Objects;
 import java.util.concurrent.TimeUnit;
 
+import org.springframework.beans.factory.annotation.Autowired;
+import org.testng.annotations.AfterClass;
+import org.testng.annotations.BeforeClass;
+import org.testng.annotations.Test;
+
 import org.alfresco.dataprep.CMISUtil;
 import org.alfresco.dataprep.ContentActions;
 import org.alfresco.rest.rm.community.base.BaseRMRestTest;
@@ -71,10 +77,6 @@ import org.alfresco.utility.constants.UserRole;
 import org.alfresco.utility.model.FileModel;
 import org.alfresco.utility.model.FolderModel;
 import org.alfresco.utility.model.UserModel;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.testng.annotations.AfterClass;
-import org.testng.annotations.BeforeClass;
-import org.testng.annotations.Test;
 
 /**
  * API tests for adding items to holds via the bulk process
@@ -82,7 +84,7 @@ import org.testng.annotations.Test;
 public class AddToHoldsBulkV1Tests extends BaseRMRestTest
 {
     private static final String ACCESS_DENIED_ERROR_MESSAGE = "Access Denied.  You do not have the appropriate " +
-        "permissions to perform this operation.";
+            "permissions to perform this operation.";
     private static final int NUMBER_OF_FILES = 5;
     private final List<FileModel> addedFiles = new ArrayList<>();
     private final List<UserModel> users = new ArrayList<>();
@@ -102,8 +104,9 @@ public class AddToHoldsBulkV1Tests extends BaseRMRestTest
     {
         STEP("Create a hold.");
         hold = getRestAPIFactory().getFilePlansAPI(getAdminUser()).createHold(
-            Hold.builder().name("HOLD" + generateTestPrefix(AddToHoldsV1Tests.class)).description(HOLD_DESCRIPTION)
-                .reason(HOLD_REASON).build(), FILE_PLAN_ALIAS);
+                Hold.builder().name("HOLD" + generateTestPrefix(AddToHoldsV1Tests.class)).description(HOLD_DESCRIPTION)
+                        .reason(HOLD_REASON).build(),
+                FILE_PLAN_ALIAS);
         holds.add(hold);
 
         STEP("Create test files.");
@@ -117,8 +120,8 @@ public class AddToHoldsBulkV1Tests extends BaseRMRestTest
         for (int i = 0; i < NUMBER_OF_FILES; i++)
         {
             FileModel documentHeld = dataContent.usingAdmin()
-                .usingResource(i % 2 == 0 ? folder1 : folder2)
-                .createContent(CMISUtil.DocumentType.TEXT_PLAIN);
+                    .usingResource(i % 2 == 0 ? folder1 : folder2)
+                    .createContent(CMISUtil.DocumentType.TEXT_PLAIN);
             addedFiles.add(documentHeld);
         }
 
@@ -128,29 +131,37 @@ public class AddToHoldsBulkV1Tests extends BaseRMRestTest
 
         STEP("Wait until all files are searchable.");
         await().atMost(30, TimeUnit.SECONDS)
-            .until(() -> getRestAPIFactory().getSearchAPI(null).search(searchRequest).getPagination()
-                .getTotalItems() == NUMBER_OF_FILES);
+                .until(() -> getRestAPIFactory().getSearchAPI(null).search(searchRequest).getPagination()
+                        .getTotalItems() == NUMBER_OF_FILES);
+
+        RestRequestQueryModel ancestorReq = getContentFromFolderAndAllSubfoldersQuery(rootFolder.getNodeRefWithoutVersion());
+        SearchRequest ancestorSearchRequest = new SearchRequest();
+        ancestorSearchRequest.setQuery(ancestorReq);
+
+        STEP("Wait until paths are indexed.");
+        // to improve stability on CI - seems that sometimes during big load we need to wait longer for the condition
+        await().atMost(120, TimeUnit.SECONDS)
+                .until(() -> getRestAPIFactory().getSearchAPI(null).search(ancestorSearchRequest).getPagination()
+                        .getTotalItems() == NUMBER_OF_FILES);
 
         holdBulkOperation = HoldBulkOperation.builder()
-            .query(queryReq)
-            .op(HoldBulkOperationType.ADD).build();
+                .query(queryReq)
+                .op(HoldBulkOperationType.ADD).build();
     }
 
     /**
-     * Given a user with the add to hold capability and hold filing permission
-     * When the user adds content from a site to a hold using the bulk API
-     * Then the content is added to the hold and the status of the bulk operation is DONE
+     * Given a user with the add to hold capability and hold filing permission When the user adds content from a site to a hold using the bulk API Then the content is added to the hold and the status of the bulk operation is DONE
      */
     @Test
     public void addContentFromTestSiteToHoldUsingBulkAPI()
     {
         UserModel userAddHoldPermission = roleService.createUserWithSiteRoleRMRoleAndPermission(testSite,
-            UserRole.SiteCollaborator, hold.getId(), UserRoles.ROLE_RM_MANAGER, PERMISSION_FILING);
+                UserRole.SiteCollaborator, hold.getId(), UserRoles.ROLE_RM_MANAGER, PERMISSION_FILING);
         users.add(userAddHoldPermission);
 
         STEP("Add content from the site to the hold using the bulk API.");
         HoldBulkOperationEntry bulkOperationEntry = getRestAPIFactory().getHoldsAPI(userAddHoldPermission)
-            .startBulkProcess(holdBulkOperation, hold.getId());
+                .startBulkProcess(holdBulkOperation, hold.getId());
 
         // Verify the status code
         assertStatusCode(ACCEPTED);
@@ -158,50 +169,49 @@ public class AddToHoldsBulkV1Tests extends BaseRMRestTest
 
         STEP("Wait until all files are added to the hold.");
         await().atMost(20, TimeUnit.SECONDS).until(
-            () -> getRestAPIFactory().getHoldsAPI(getAdminUser()).getChildren(hold.getId()).getEntries().size()
-                == NUMBER_OF_FILES);
+                () -> getRestAPIFactory().getHoldsAPI(getAdminUser()).getChildren(hold.getId()).getEntries().size() == NUMBER_OF_FILES);
         List<String> holdChildrenNodeRefs = getRestAPIFactory().getHoldsAPI(userAddHoldPermission)
-            .getChildren(hold.getId()).getEntries().stream().map(HoldChildEntry::getEntry).map(
-                HoldChild::getId).toList();
+                .getChildren(hold.getId()).getEntries().stream().map(HoldChildEntry::getEntry).map(
+                        HoldChild::getId)
+                .toList();
         assertEquals(addedFiles.stream().map(FileModel::getNodeRefWithoutVersion).sorted().toList(),
-            holdChildrenNodeRefs.stream().sorted().toList());
+                holdChildrenNodeRefs.stream().sorted().toList());
 
         STEP("Check the bulk status.");
         HoldBulkStatus holdBulkStatus = getRestAPIFactory().getHoldsAPI(userAddHoldPermission)
-            .getBulkStatus(hold.getId(), bulkOperationEntry.getBulkStatusId());
+                .getBulkStatus(hold.getId(), bulkOperationEntry.getBulkStatusId());
         assertBulkProcessStatus(holdBulkStatus, NUMBER_OF_FILES, 0, null, holdBulkOperation);
 
         STEP("Check the bulk statuses.");
         HoldBulkStatusCollection holdBulkStatusCollection = getRestAPIFactory().getHoldsAPI(userAddHoldPermission)
-            .getBulkStatuses(hold.getId());
+                .getBulkStatuses(hold.getId());
         assertEquals(Arrays.asList(holdBulkStatus),
-            holdBulkStatusCollection.getEntries().stream().map(HoldBulkStatusEntry::getEntry).toList());
+                holdBulkStatusCollection.getEntries().stream().map(HoldBulkStatusEntry::getEntry).toList());
     }
 
     /**
-     * Given a user with the add to hold capability and hold filing permission
-     * When the user adds content from a folder and all subfolders to a hold using the bulk API
-     * Then the content is added to the hold and the status of the bulk operation is DONE
+     * Given a user with the add to hold capability and hold filing permission When the user adds content from a folder and all subfolders to a hold using the bulk API Then the content is added to the hold and the status of the bulk operation is DONE
      */
     @Test
     public void addContentFromFolderAndAllSubfoldersToHoldUsingBulkAPI()
     {
         hold3 = getRestAPIFactory().getFilePlansAPI(getAdminUser()).createHold(
-            Hold.builder().name("HOLD" + generateTestPrefix(AddToHoldsV1Tests.class)).description(HOLD_DESCRIPTION)
-                .reason(HOLD_REASON).build(), FILE_PLAN_ALIAS);
+                Hold.builder().name("HOLD" + generateTestPrefix(AddToHoldsV1Tests.class)).description(HOLD_DESCRIPTION)
+                        .reason(HOLD_REASON).build(),
+                FILE_PLAN_ALIAS);
         holds.add(hold3);
 
         UserModel userAddHoldPermission = roleService.createUserWithSiteRoleRMRoleAndPermission(testSite,
-            UserRole.SiteCollaborator, hold3.getId(), UserRoles.ROLE_RM_MANAGER, PERMISSION_FILING);
+                UserRole.SiteCollaborator, hold3.getId(), UserRoles.ROLE_RM_MANAGER, PERMISSION_FILING);
         users.add(userAddHoldPermission);
 
         STEP("Add content from the site to the hold using the bulk API.");
         // Get content from folder and all subfolders of the root folder
         HoldBulkOperation bulkOperation = HoldBulkOperation.builder()
-            .query(getContentFromFolderAndAllSubfoldersQuery(rootFolder.getNodeRefWithoutVersion()))
-            .op(HoldBulkOperationType.ADD).build();
+                .query(getContentFromFolderAndAllSubfoldersQuery(rootFolder.getNodeRefWithoutVersion()))
+                .op(HoldBulkOperationType.ADD).build();
         HoldBulkOperationEntry bulkOperationEntry = getRestAPIFactory().getHoldsAPI(userAddHoldPermission)
-            .startBulkProcess(bulkOperation, hold3.getId());
+                .startBulkProcess(bulkOperation, hold3.getId());
 
         // Verify the status code
         assertStatusCode(ACCEPTED);
@@ -209,43 +219,40 @@ public class AddToHoldsBulkV1Tests extends BaseRMRestTest
 
         STEP("Wait until all files are added to the hold.");
         await().atMost(20, TimeUnit.SECONDS).until(
-            () -> getRestAPIFactory().getHoldsAPI(getAdminUser()).getChildren(hold3.getId()).getEntries().size()
-                == NUMBER_OF_FILES);
+                () -> getRestAPIFactory().getHoldsAPI(getAdminUser()).getChildren(hold3.getId()).getEntries().size() == NUMBER_OF_FILES);
         List<String> holdChildrenNodeRefs = getRestAPIFactory().getHoldsAPI(userAddHoldPermission)
-            .getChildren(hold3.getId()).getEntries().stream().map(HoldChildEntry::getEntry).map(
-                HoldChild::getId).toList();
+                .getChildren(hold3.getId()).getEntries().stream().map(HoldChildEntry::getEntry).map(
+                        HoldChild::getId)
+                .toList();
         assertEquals(addedFiles.stream().map(FileModel::getNodeRefWithoutVersion).sorted().toList(),
-            holdChildrenNodeRefs.stream().sorted().toList());
+                holdChildrenNodeRefs.stream().sorted().toList());
 
         STEP("Check the bulk status.");
         HoldBulkStatus holdBulkStatus = getRestAPIFactory().getHoldsAPI(userAddHoldPermission)
-            .getBulkStatus(hold3.getId(), bulkOperationEntry.getBulkStatusId());
+                .getBulkStatus(hold3.getId(), bulkOperationEntry.getBulkStatusId());
         assertBulkProcessStatus(holdBulkStatus, NUMBER_OF_FILES, 0, null, bulkOperation);
 
         STEP("Check the bulk statuses.");
         HoldBulkStatusCollection holdBulkStatusCollection = getRestAPIFactory().getHoldsAPI(userAddHoldPermission)
-            .getBulkStatuses(hold3.getId());
+                .getBulkStatuses(hold3.getId());
         assertEquals(List.of(holdBulkStatus),
-            holdBulkStatusCollection.getEntries().stream().map(HoldBulkStatusEntry::getEntry).toList());
+                holdBulkStatusCollection.getEntries().stream().map(HoldBulkStatusEntry::getEntry).toList());
     }
 
     /**
-     * Given a user without the add to hold capability
-     * When the user adds content from a site to a hold using the bulk API
-     * Then the user receives access denied error
+     * Given a user without the add to hold capability When the user adds content from a site to a hold using the bulk API Then the user receives access denied error
      */
     @Test
     public void testBulkProcessWithUserWithoutAddToHoldCapability()
     {
         UserModel userWithoutAddToHoldCapability = roleService.createUserWithSiteRoleRMRoleAndPermission(testSite,
-            UserRole
-                .SiteCollaborator,
-            hold.getId(), UserRoles.ROLE_RM_POWER_USER, PERMISSION_FILING);
+                UserRole.SiteCollaborator,
+                hold.getId(), UserRoles.ROLE_RM_POWER_USER, PERMISSION_FILING);
         users.add(userWithoutAddToHoldCapability);
 
         STEP("Add content from the site to the hold using the bulk API.");
         getRestAPIFactory().getHoldsAPI(userWithoutAddToHoldCapability)
-            .startBulkProcess(holdBulkOperation, hold.getId());
+                .startBulkProcess(holdBulkOperation, hold.getId());
 
         STEP("Verify the response status code and the error message.");
         assertStatusCode(FORBIDDEN);
@@ -253,21 +260,19 @@ public class AddToHoldsBulkV1Tests extends BaseRMRestTest
     }
 
     /**
-     * Given a user without the filing permission on a hold
-     * When the user adds content from a site to a hold using the bulk API
-     * Then the user receives access denied error
+     * Given a user without the filing permission on a hold When the user adds content from a site to a hold using the bulk API Then the user receives access denied error
      */
     @Test
     public void testBulkProcessWithUserWithoutFilingPermissionOnAHold()
     {
         // User without filing permission on a hold
         UserModel userWithoutPermission = roleService.createUserWithSiteRoleRMRoleAndPermission(testSite,
-            UserRole.SiteCollaborator, hold.getId(), UserRoles.ROLE_RM_MANAGER, PERMISSION_READ_RECORDS);
+                UserRole.SiteCollaborator, hold.getId(), UserRoles.ROLE_RM_MANAGER, PERMISSION_READ_RECORDS);
         users.add(userWithoutPermission);
 
         STEP("Add content from the site to the hold using the bulk API.");
         getRestAPIFactory().getHoldsAPI(userWithoutPermission)
-            .startBulkProcess(holdBulkOperation, hold.getId());
+                .startBulkProcess(holdBulkOperation, hold.getId());
 
         STEP("Verify the response status code and the error message.");
         assertStatusCode(FORBIDDEN);
@@ -276,68 +281,63 @@ public class AddToHoldsBulkV1Tests extends BaseRMRestTest
     }
 
     /**
-     * Given a user without the write permission on all the content
-     * When the user adds content from a site to a hold using the bulk API
-     * Then all processed items are marked as errors and the last error message contains access denied error
+     * Given a user without the write permission on all the content When the user adds content from a site to a hold using the bulk API Then all processed items are marked as errors and the last error message contains access denied error
      */
     @Test
     public void testBulkProcessWithUserWithoutWritePermissionOnTheContent()
     {
         // User without write permission on the content
         UserModel userWithoutPermission = roleService.createUserWithSiteRoleRMRoleAndPermission(
-            testSite, UserRole.SiteConsumer,
-            hold.getId(), UserRoles.ROLE_RM_MANAGER, PERMISSION_FILING);
+                testSite, UserRole.SiteConsumer,
+                hold.getId(), UserRoles.ROLE_RM_MANAGER, PERMISSION_FILING);
         users.add(userWithoutPermission);
 
         // Wait until permissions are reverted
         SearchRequest searchRequest = new SearchRequest();
         searchRequest.setQuery(holdBulkOperation.getQuery());
         await().atMost(30, TimeUnit.SECONDS)
-            .until(() -> getRestAPIFactory().getSearchAPI(userWithoutPermission).search(searchRequest).getPagination()
-                .getTotalItems() == NUMBER_OF_FILES);
+                .until(() -> getRestAPIFactory().getSearchAPI(userWithoutPermission).search(searchRequest).getPagination()
+                        .getTotalItems() == NUMBER_OF_FILES);
 
         STEP("Add content from the site to the hold using the bulk API.");
         HoldBulkOperationEntry bulkOperationEntry = getRestAPIFactory().getHoldsAPI(
-            userWithoutPermission).startBulkProcess(holdBulkOperation, hold.getId());
+                userWithoutPermission).startBulkProcess(holdBulkOperation, hold.getId());
 
         STEP("Verify the response.");
         assertStatusCode(ACCEPTED);
 
-        await().atMost(20, TimeUnit.SECONDS).until(() ->
-            Objects.equals(getRestAPIFactory().getHoldsAPI(userWithoutPermission)
+        await().atMost(20, TimeUnit.SECONDS).until(() -> Objects.equals(getRestAPIFactory().getHoldsAPI(userWithoutPermission)
                 .getBulkStatus(hold.getId(), bulkOperationEntry.getBulkStatusId()).getStatus(), "DONE"));
 
         HoldBulkStatus holdBulkStatus = getRestAPIFactory().getHoldsAPI(userWithoutPermission)
-            .getBulkStatus(hold.getId(), bulkOperationEntry.getBulkStatusId());
+                .getBulkStatus(hold.getId(), bulkOperationEntry.getBulkStatusId());
         assertBulkProcessStatus(holdBulkStatus, NUMBER_OF_FILES, NUMBER_OF_FILES, ACCESS_DENIED_ERROR_MESSAGE,
-            holdBulkOperation);
+                holdBulkOperation);
     }
 
     /**
-     * Given a user without the write permission on one file
-     * When the user adds content from a site to a hold using the bulk API
-     * Then all processed items are added to the hold except the one that the user does not have write permission
-     * And the status of the bulk operation is DONE, contains the error message and the number of errors is 1
+     * Given a user without the write permission on one file When the user adds content from a site to a hold using the bulk API Then all processed items are added to the hold except the one that the user does not have write permission And the status of the bulk operation is DONE, contains the error message and the number of errors is 1
      */
     @Test
     public void testBulkProcessWithUserWithoutWritePermissionOnOneFile()
     {
         hold2 = getRestAPIFactory().getFilePlansAPI(getAdminUser()).createHold(
-            Hold.builder().name("HOLD" + generateTestPrefix(AddToHoldsV1Tests.class)).description(HOLD_DESCRIPTION)
-                .reason(HOLD_REASON).build(), FILE_PLAN_ALIAS);
+                Hold.builder().name("HOLD" + generateTestPrefix(AddToHoldsV1Tests.class)).description(HOLD_DESCRIPTION)
+                        .reason(HOLD_REASON).build(),
+                FILE_PLAN_ALIAS);
         holds.add(hold2);
 
         UserModel userAddHoldPermission = roleService.createUserWithSiteRoleRMRoleAndPermission(testSite,
-            UserRole.SiteCollaborator, hold2.getId(), UserRoles.ROLE_RM_MANAGER, PERMISSION_FILING);
+                UserRole.SiteCollaborator, hold2.getId(), UserRoles.ROLE_RM_MANAGER, PERMISSION_FILING);
         users.add(userAddHoldPermission);
 
         contentActions.setPermissionForUser(getAdminUser().getUsername(), getAdminUser().getPassword(),
-            testSite.getId(), addedFiles.get(0).getName(), userAddHoldPermission.getUsername(),
-            UserRole.SiteConsumer.getRoleId(), false);
+                testSite.getId(), addedFiles.get(0).getName(), userAddHoldPermission.getUsername(),
+                UserRole.SiteConsumer.getRoleId(), false);
 
         STEP("Add content from the site to the hold using the bulk API.");
         HoldBulkOperationEntry bulkOperationEntry = getRestAPIFactory().getHoldsAPI(userAddHoldPermission)
-            .startBulkProcess(holdBulkOperation, hold2.getId());
+                .startBulkProcess(holdBulkOperation, hold2.getId());
 
         // Verify the status code
         assertStatusCode(ACCEPTED);
@@ -345,56 +345,50 @@ public class AddToHoldsBulkV1Tests extends BaseRMRestTest
 
         STEP("Wait until all files are added to the hold.");
         await().atMost(30, TimeUnit.SECONDS).until(
-            () -> getRestAPIFactory().getHoldsAPI(getAdminUser()).getChildren(hold2.getId()).getEntries().size()
-                == NUMBER_OF_FILES - 1);
+                () -> getRestAPIFactory().getHoldsAPI(getAdminUser()).getChildren(hold2.getId()).getEntries().size() == NUMBER_OF_FILES - 1);
         await().atMost(30, TimeUnit.SECONDS).until(
-            () -> getRestAPIFactory().getHoldsAPI(userAddHoldPermission)
-                .getBulkStatus(hold2.getId(), bulkOperationEntry.getBulkStatusId()).getProcessedItems()
-                == NUMBER_OF_FILES);
+                () -> getRestAPIFactory().getHoldsAPI(userAddHoldPermission)
+                        .getBulkStatus(hold2.getId(), bulkOperationEntry.getBulkStatusId()).getProcessedItems() == NUMBER_OF_FILES);
         List<String> holdChildrenNodeRefs = getRestAPIFactory().getHoldsAPI(userAddHoldPermission)
-            .getChildren(hold2.getId()).getEntries().stream().map(HoldChildEntry::getEntry).map(
-                HoldChild::getId).toList();
+                .getChildren(hold2.getId()).getEntries().stream().map(HoldChildEntry::getEntry).map(
+                        HoldChild::getId)
+                .toList();
         assertEquals(addedFiles.stream().skip(1).map(FileModel::getNodeRefWithoutVersion).sorted().toList(),
-            holdChildrenNodeRefs.stream().sorted().toList());
+                holdChildrenNodeRefs.stream().sorted().toList());
 
         STEP("Check the bulk status.");
         HoldBulkStatus holdBulkStatus = getRestAPIFactory().getHoldsAPI(userAddHoldPermission)
-            .getBulkStatus(hold2.getId(), bulkOperationEntry.getBulkStatusId());
+                .getBulkStatus(hold2.getId(), bulkOperationEntry.getBulkStatusId());
         assertBulkProcessStatus(holdBulkStatus, NUMBER_OF_FILES, 1, ACCESS_DENIED_ERROR_MESSAGE, holdBulkOperation);
 
         STEP("Check the bulk statuses.");
         HoldBulkStatusCollection holdBulkStatusCollection = getRestAPIFactory().getHoldsAPI(userAddHoldPermission)
-            .getBulkStatuses(hold2.getId());
+                .getBulkStatuses(hold2.getId());
         assertEquals(List.of(holdBulkStatus),
-            holdBulkStatusCollection.getEntries().stream().map(HoldBulkStatusEntry::getEntry).toList());
+                holdBulkStatusCollection.getEntries().stream().map(HoldBulkStatusEntry::getEntry).toList());
 
         // Revert the permissions
         contentActions.setPermissionForUser(getAdminUser().getUsername(), getAdminUser().getPassword(),
-            testSite.getId(), addedFiles.get(0).getName(), userAddHoldPermission.getUsername(),
-            UserRole.SiteCollaborator.getRoleId(), true);
+                testSite.getId(), addedFiles.get(0).getName(), userAddHoldPermission.getUsername(),
+                UserRole.SiteCollaborator.getRoleId(), true);
     }
 
     /**
-     * Given an unauthenticated user
-     * When the user adds content from a site to a hold using the bulk API
-     * Then the user receives unauthorized error
+     * Given an unauthenticated user When the user adds content from a site to a hold using the bulk API Then the user receives unauthorized error
      */
     @Test
     public void testBulkProcessAsUnauthenticatedUser()
     {
         STEP("Start bulk process as unauthenticated user");
         getRestAPIFactory().getHoldsAPI(new UserModel(getAdminUser().getUsername(), "wrongPassword"))
-            .startBulkProcess(holdBulkOperation, hold.getId());
+                .startBulkProcess(holdBulkOperation, hold.getId());
 
         STEP("Verify the response status code.");
         assertStatusCode(UNAUTHORIZED);
     }
 
     /**
-     * Given a user with the add to hold capability and hold filing permission
-     * When the user adds content from a site to a hold using the bulk API
-     * And the hold does not exist
-     * Then the user receives not found error
+     * Given a user with the add to hold capability and hold filing permission When the user adds content from a site to a hold using the bulk API And the hold does not exist Then the user receives not found error
      */
     @Test
     public void testBulkProcessForNonExistentHold()
@@ -407,10 +401,7 @@ public class AddToHoldsBulkV1Tests extends BaseRMRestTest
     }
 
     /**
-     * Given a user with the add to hold capability and hold filing permission
-     * When the user adds content from a site to a hold using the bulk API
-     * and the bulk operation is invalid
-     * Then the user receives bad request error
+     * Given a user with the add to hold capability and hold filing permission When the user adds content from a site to a hold using the bulk API and the bulk operation is invalid Then the user receives bad request error
      */
     @Test
     public void testGetBulkStatusesForInvalidOperation()
@@ -418,7 +409,7 @@ public class AddToHoldsBulkV1Tests extends BaseRMRestTest
         STEP("Start bulk process for non existent hold");
 
         HoldBulkOperation invalidHoldBulkOperation = HoldBulkOperation.builder().op(null)
-            .query(holdBulkOperation.getQuery()).build();
+                .query(holdBulkOperation.getQuery()).build();
         getRestAPIFactory().getHoldsAPI(getAdminUser()).startBulkProcess(invalidHoldBulkOperation, hold.getId());
 
         STEP("Verify the response status code.");
@@ -426,10 +417,7 @@ public class AddToHoldsBulkV1Tests extends BaseRMRestTest
     }
 
     /**
-     * Given a user with the add to hold capability and hold filing permission
-     * When the user adds content from a site to a hold using the bulk API
-     * And the hold does not exist
-     * Then the user receives not found error
+     * Given a user with the add to hold capability and hold filing permission When the user adds content from a site to a hold using the bulk API And the hold does not exist Then the user receives not found error
      */
     @Test
     public void testGetBulkStatusForNonExistentHold()
@@ -442,10 +430,7 @@ public class AddToHoldsBulkV1Tests extends BaseRMRestTest
     }
 
     /**
-     * Given a user with the add to hold capability and hold filing permission
-     * When the user adds content from a site to a hold using the bulk API
-     * And the bulk status does not exist
-     * Then the user receives not found error
+     * Given a user with the add to hold capability and hold filing permission When the user adds content from a site to a hold using the bulk API And the bulk status does not exist Then the user receives not found error
      */
     @Test
     public void testGetBulkStatusForNonExistentBulkStatus()
@@ -458,10 +443,7 @@ public class AddToHoldsBulkV1Tests extends BaseRMRestTest
     }
 
     /**
-     * Given a user with the add to hold capability and hold filing permission
-     * When the user adds content from a site to a hold using the bulk API
-     * And the hold does not exist
-     * Then the user receives not found error
+     * Given a user with the add to hold capability and hold filing permission When the user adds content from a site to a hold using the bulk API And the hold does not exist Then the user receives not found error
      */
     @Test
     public void testGetBulkStatusesForNonExistentHold()
@@ -474,9 +456,7 @@ public class AddToHoldsBulkV1Tests extends BaseRMRestTest
     }
 
     /**
-     * Given a user with the add to hold capability and hold filing permission
-     * When the user adds content from all sites to a hold using the bulk API to exceed the limit (30 items)
-     * Then the user receives bad request error
+     * Given a user with the add to hold capability and hold filing permission When the user adds content from all sites to a hold using the bulk API to exceed the limit (30 items) Then the user receives bad request error
      */
     @Test
     public void testExceedingBulkOperationLimit()
@@ -486,8 +466,8 @@ public class AddToHoldsBulkV1Tests extends BaseRMRestTest
         queryReq.setLanguage("afts");
 
         HoldBulkOperation exceedLimitOp = HoldBulkOperation.builder()
-            .query(queryReq)
-            .op(HoldBulkOperationType.ADD).build();
+                .query(queryReq)
+                .op(HoldBulkOperationType.ADD).build();
 
         STEP("Start bulk process to exceed the limit");
         getRestAPIFactory().getHoldsAPI(getAdminUser()).startBulkProcess(exceedLimitOp, hold.getId());
@@ -497,26 +477,24 @@ public class AddToHoldsBulkV1Tests extends BaseRMRestTest
     }
 
     /**
-     * Given a user with the add to hold capability and hold filing permission
-     * When the user adds content from a site to a hold using the bulk API
-     * And then the user cancels the bulk operation
-     * Then the user receives OK status code
+     * Given a user with the add to hold capability and hold filing permission When the user adds content from a site to a hold using the bulk API And then the user cancels the bulk operation Then the user receives OK status code
      */
     @Test
     public void testBulkProcessCancellationWithAllowedUser()
     {
         Hold hold4 = getRestAPIFactory().getFilePlansAPI(getAdminUser()).createHold(
-            Hold.builder().name("HOLD" + generateTestPrefix(AddToHoldsV1Tests.class)).description(HOLD_DESCRIPTION)
-                .reason(HOLD_REASON).build(), FILE_PLAN_ALIAS);
+                Hold.builder().name("HOLD" + generateTestPrefix(AddToHoldsV1Tests.class)).description(HOLD_DESCRIPTION)
+                        .reason(HOLD_REASON).build(),
+                FILE_PLAN_ALIAS);
         holds.add(hold4);
 
         UserModel userAddHoldPermission = roleService.createUserWithSiteRoleRMRoleAndPermission(testSite,
-            UserRole.SiteCollaborator, hold4.getId(), UserRoles.ROLE_RM_MANAGER, PERMISSION_FILING);
+                UserRole.SiteCollaborator, hold4.getId(), UserRoles.ROLE_RM_MANAGER, PERMISSION_FILING);
         users.add(userAddHoldPermission);
 
         STEP("Add content from the site to the hold using the bulk API.");
         HoldBulkOperationEntry bulkOperationEntry = getRestAPIFactory().getHoldsAPI(userAddHoldPermission)
-            .startBulkProcess(holdBulkOperation, hold4.getId());
+                .startBulkProcess(holdBulkOperation, hold4.getId());
 
         // Verify the status code
         assertStatusCode(ACCEPTED);
@@ -524,47 +502,44 @@ public class AddToHoldsBulkV1Tests extends BaseRMRestTest
 
         STEP("Cancel the bulk operation.");
         getRestAPIFactory().getHoldsAPI(userAddHoldPermission)
-            .cancelBulkOperation(hold4.getId(), bulkOperationEntry.getBulkStatusId(), new BulkBodyCancel());
+                .cancelBulkOperation(hold4.getId(), bulkOperationEntry.getBulkStatusId(), new BulkBodyCancel());
 
         // Verify the status code
         assertStatusCode(OK);
     }
 
     /**
-     * Given a user with the add to hold capability and hold filing permission
-     * When the user adds content from a site to a hold using the bulk API
-     * And a 2nd user without the add to hold capability cancels the bulk operation
-     * Then the 2nd user receives access denied error
+     * Given a user with the add to hold capability and hold filing permission When the user adds content from a site to a hold using the bulk API And a 2nd user without the add to hold capability cancels the bulk operation Then the 2nd user receives access denied error
      */
     @Test
     public void testBulkProcessCancellationWithUserWithoutAddToHoldCapability()
     {
         Hold hold5 = getRestAPIFactory().getFilePlansAPI(getAdminUser()).createHold(
-            Hold.builder().name("HOLD" + generateTestPrefix(AddToHoldsV1Tests.class)).description(HOLD_DESCRIPTION)
-                .reason(HOLD_REASON).build(), FILE_PLAN_ALIAS);
+                Hold.builder().name("HOLD" + generateTestPrefix(AddToHoldsV1Tests.class)).description(HOLD_DESCRIPTION)
+                        .reason(HOLD_REASON).build(),
+                FILE_PLAN_ALIAS);
         holds.add(hold5);
 
         UserModel userAddHoldPermission = roleService.createUserWithSiteRoleRMRoleAndPermission(testSite,
-            UserRole.SiteCollaborator, hold5.getId(), UserRoles.ROLE_RM_MANAGER, PERMISSION_FILING);
+                UserRole.SiteCollaborator, hold5.getId(), UserRoles.ROLE_RM_MANAGER, PERMISSION_FILING);
         users.add(userAddHoldPermission);
 
         STEP("Add content from the site to the hold using the bulk API.");
         HoldBulkOperationEntry bulkOperationEntry = getRestAPIFactory().getHoldsAPI(userAddHoldPermission)
-            .startBulkProcess(holdBulkOperation, hold5.getId());
+                .startBulkProcess(holdBulkOperation, hold5.getId());
 
         // Verify the status code
         assertStatusCode(ACCEPTED);
         assertEquals(NUMBER_OF_FILES, bulkOperationEntry.getTotalItems());
 
         UserModel userWithoutAddToHoldCapability = roleService.createUserWithSiteRoleRMRoleAndPermission(testSite,
-            UserRole
-                .SiteCollaborator,
-            hold5.getId(), UserRoles.ROLE_RM_POWER_USER, PERMISSION_FILING);
+                UserRole.SiteCollaborator,
+                hold5.getId(), UserRoles.ROLE_RM_POWER_USER, PERMISSION_FILING);
         users.add(userWithoutAddToHoldCapability);
 
         STEP("Cancel the bulk operation.");
         getRestAPIFactory().getHoldsAPI(userWithoutAddToHoldCapability)
-            .cancelBulkOperation(hold5.getId(), bulkOperationEntry.getBulkStatusId(), new BulkBodyCancel());
+                .cancelBulkOperation(hold5.getId(), bulkOperationEntry.getBulkStatusId(), new BulkBodyCancel());
 
         STEP("Verify the response status code and the error message.");
         assertStatusCode(FORBIDDEN);
@@ -572,7 +547,7 @@ public class AddToHoldsBulkV1Tests extends BaseRMRestTest
     }
 
     private void assertBulkProcessStatus(HoldBulkStatus holdBulkStatus, long expectedProcessedItems,
-        int expectedErrorsCount, String expectedErrorMessage, HoldBulkOperation holdBulkOperation)
+            int expectedErrorsCount, String expectedErrorMessage, HoldBulkOperation holdBulkOperation)
     {
         assertEquals("DONE", holdBulkStatus.getStatus());
         assertEquals(expectedProcessedItems, holdBulkStatus.getTotalItems());

amps/ags/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/records/AddRelationshipTests.java

@@ -42,7 +42,7 @@ import org.alfresco.rest.v0.RMRolesAndActionsAPI;
 import org.alfresco.rest.v0.RecordsAPI;
 import org.alfresco.rest.v0.RecordCategoriesAPI;
 import org.alfresco.test.AlfrescoTest;
-import org.apache.commons.lang.StringUtils;
+import org.apache.commons.lang3.StringUtils;
 import org.json.JSONObject;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.testng.annotations.Test;

amps/ags/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/smoke/DispositionScheduleLinkedRecordsTest.java

@@ -44,7 +44,7 @@ import org.alfresco.rest.v0.service.DispositionScheduleService;
 import org.alfresco.test.AlfrescoTest;
 import org.alfresco.utility.model.RepoTestModel;
 import org.alfresco.utility.model.UserModel;
-import org.apache.commons.lang.StringUtils;
+import org.apache.commons.lang3.StringUtils;
 import org.apache.http.HttpEntity;
 import org.apache.http.HttpResponse;
 import org.apache.http.HttpStatus;

amps/ags/rm-community/documentation/destruction/README.md

@@ -23,7 +23,7 @@ Recorded content can be explicitly destroyed whilst maintaining the original nod
 * License: Alfresco Community
 * Issue Tracker Link: [JIRA RM](https://issues.alfresco.com/jira/projects/RM/summary)
 * Contribution Model: Alfresco Closed Source
-* Documentation: [docs.alfresco.com (Records Management)](http://docs.alfresco.com/rm2.4/concepts/welcome-rm.html)
+* Documentation: [docs.alfresco.com (Records Management)](https://support.hyland.com/r/Alfresco/Alfresco-Governance-Services-Community-Edition/23.4/Alfresco-Governance-Services-Community-Edition/Introduction)
 
 *** 
 

amps/ags/rm-community/documentation/overview.md

@@ -21,18 +21,18 @@ RM is split into two main parts - a repository integration and a Share integrati
 * [Community License](../LICENSE.txt)
 * [Enterprise License](../../rm-enterprise/LICENSE.txt) (this file will only be present in clones of the Enterprise repository)
 * [Issue Tracker Link](https://issues.alfresco.com/jira/projects/RM)
-* [Community Documentation Link](http://docs.alfresco.com/rm-community/concepts/welcome-rm.html)
-* [Enterprise Documentation Link](http://docs.alfresco.com/rm/concepts/welcome-rm.html)
+* [Community Documentation Link](https://support.hyland.com/r/Alfresco/Alfresco-Governance-Services-Community-Edition/23.4/Alfresco-Governance-Services-Community-Edition/Introduction)
+* [Enterprise Documentation Link](https://support.hyland.com/r/Alfresco/Alfresco-Governance-Services/23.4/Alfresco-Governance-Services/Introduction)
 * [Contribution Model](../../CONTRIBUTING.md)
 
 *** 
 
 ### Prerequisite Knowledge
-An understanding of Alfresco Content Services is assumed. The following pages from the [developer documentation](http://docs.alfresco.com/5.2/concepts/dev-for-developers.html) give useful background information:
+An understanding of Alfresco Content Services is assumed. The following pages from the [developer documentation](https://support.hyland.com/r/Alfresco/Alfresco-Content-Services-Community-Edition/23.4/Alfresco-Content-Services-Community-Edition/Develop) give useful background information:
 
-* [ACS Architecture](http://docs.alfresco.com/5.2/concepts/dev-arch-overview.html)
-* [Platform Extensions](http://docs.alfresco.com/5.2/concepts/dev-platform-extensions.html)
-* [Share Extensions](http://docs.alfresco.com/5.2/concepts/dev-extensions-share.html)
+* [ACS Architecture](https://support.hyland.com/r/Alfresco/Alfresco-Content-Services/23.4/Alfresco-Content-Services/Develop/Software-Architecture)
+* [Platform Extensions](https://support.hyland.com/r/Alfresco/Alfresco-Content-Services/23.4/Alfresco-Content-Services/Develop/Extension-Points-Overview)
+* [Share Extensions](https://support.hyland.com/r/Alfresco/Alfresco-Content-Services/23.4/Alfresco-Content-Services/Develop/Share-UI-Extension-Points)
 
 *** 
 
@@ -44,12 +44,12 @@ The RM Share module communicates with the repository module via REST APIs. Inter
 * A DAO layer responsible for CRUD operations against the database.
 
 #### REST API
-The REST API endpoints fall into two main types - v0 (Webscripts) and v1. The [v0 API](http://docs.alfresco.com/5.2/references/dev-extension-points-webscripts.html) is older and not recommended for integrations. The [v1 API](http://docs.alfresco.com/5.1/pra/1/topics/pra-welcome-aara.html) is newer but isn't yet feature complete. If you are running RM locally then the GS API Explorer will be available at [this link](http://localhost:8080/gs-api-explorer/).
+The REST API endpoints fall into two main types - v0 (Webscripts) and v1. The [v0 API](https://support.hyland.com/r/Alfresco/Alfresco-Content-Services/23.4/Alfresco-Content-Services/Develop/In-Process-Platform-Extension-Points/Web-Scripts) is older and not recommended for integrations. The [v1 API](https://support.hyland.com/r/Alfresco/Alfresco-Content-Services/23.4/Alfresco-Content-Services/Develop/REST-API-Guide) is newer but isn't yet feature complete. If you are running RM locally then the GS API Explorer will be available at [this link](http://localhost:8080/gs-api-explorer/).
 
 Internally the GS v1 REST API is built on the [Alfresco v1 REST API framework](https://community.alfresco.com/community/ecm/blog/2016/10/11/v1-rest-api-part-1-introduction). It aims to be consistent with this in terms of behaviour and naming.
 
 #### Java Public API
-The Java service layer is fronted by a [Java Public API](http://docs.alfresco.com/5.2/concepts/java-public-api-list.html), which we will ensure backward compatible with previous releases. Before we remove any methods there will first be a release containing that method deprecated to allow third party integrations to migrate to a new method.  The Java Public API also includes a set of POJO objects which are needed to communicate with the services. It is easy to identify classes that are part of the Java Public API as they are annotated `@AlfrescoPublicApi`.
+The Java service layer is fronted by a [Java Public API](https://support.hyland.com/r/Alfresco/Alfresco-Content-Services/23.4/Alfresco-Content-Services/Develop/Reference/Java-Foundation-API), which we will ensure backward compatible with previous releases. Before we remove any methods there will first be a release containing that method deprecated to allow third party integrations to migrate to a new method.  The Java Public API also includes a set of POJO objects which are needed to communicate with the services. It is easy to identify classes that are part of the Java Public API as they are annotated `@AlfrescoPublicApi`.
 
 Each Java service will have at least four beans defined for it:
 
@@ -61,7 +61,7 @@ Each Java service will have at least four beans defined for it:
 #### DAOs
 The DAOs are not part of the Java Public API, but handle CRUD operations against RM stored data. We have some custom queries to improve performance for particularly heavy operations.
 
-We use standard Alfresco [data modelling](http://docs.alfresco.com/5.2/references/dev-extension-points-content-model.html) to store RM metadata. We extend the [Alfresco patching mechanism](http://docs.alfresco.com/5.2/references/dev-extension-points-patch.html) to provide community and enterprise schema upgrades.
+We use standard Alfresco [data modelling](https://support.hyland.com/r/Alfresco/Alfresco-Content-Services/23.4/Alfresco-Content-Services/Develop/In-Process-Platform-Extension-Points/Content-Model-Extension-Point) to store RM metadata. We extend the [Alfresco patching mechanism](https://support.hyland.com/r/Alfresco/Alfresco-Content-Services/23.4/Alfresco-Content-Services/Develop/In-Process-Platform-Extension-Points/Patches) to provide community and enterprise schema upgrades.
 
 ***
 

amps/ags/rm-community/pom.xml

@@ -7,7 +7,7 @@
    <parent>
       <groupId>org.alfresco</groupId>
       <artifactId>alfresco-governance-services-community-parent</artifactId>
-      <version>23.5.0.1</version>
+      <version>23.6.0.18</version>
    </parent>
 
    <modules>

amps/ags/rm-community/rm-community-repo/config/alfresco/module/org_alfresco_module_rm/alfresco-global.properties

@@ -119,6 +119,11 @@ rm.patch.v35.holdNewChildAssocPatch.batchSize=1000
 rm.haspermissionmap.read=Read
 rm.haspermissionmap.write=WriteProperties,AddChildren,ReadContent
 
+# Extended Permissions
+# Enable matching the given username with the correct casing username when retrieving an IPR group.
+# Only needs to be used if there are owners that don't have the username in the correct casing.
+rm.extendedSecurity.enableUsernameNormalization=false
+
 #
 # Extended auto-version behaviour.  If true and other auto-version properties are satisfied, then
 # a document will be auto-versioned when its type is changed.

amps/ags/rm-community/rm-community-repo/config/alfresco/module/org_alfresco_module_rm/content-context.xml

@@ -34,4 +34,7 @@
    <!-- content cleanser -->
    <bean id="contentCleanser.522022M" class="org.alfresco.module.org_alfresco_module_rm.content.cleanser.ContentCleanser522022M"/>
 
+    <!-- content cleanser -->
+    <bean id="contentCleanser.SevenPass" class="org.alfresco.module.org_alfresco_module_rm.content.cleanser.ContentCleanserSevenPass"/>
+
 </beans>

amps/ags/rm-community/rm-community-repo/config/alfresco/module/org_alfresco_module_rm/rm-service-context.xml

@@ -611,6 +611,7 @@
         <property name="authorityService" ref="authorityService"/>
         <property name="permissionService" ref="permissionService"/>
         <property name="transactionService" ref="transactionService"/>
+        <property name="enableUsernameNormalization" value="${rm.extendedSecurity.enableUsernameNormalization}" />
     </bean>
 
     <bean id="ExtendedSecurityService" class="org.springframework.aop.framework.ProxyFactoryBean">

amps/ags/rm-community/rm-community-repo/pom.xml

@@ -8,7 +8,7 @@
    <parent>
       <groupId>org.alfresco</groupId>
       <artifactId>alfresco-governance-services-community-repo-parent</artifactId>
-      <version>23.5.0.1</version>
+      <version>23.6.0.18</version>
    </parent>
 
    <properties>

amps/ags/rm-community/rm-community-repo/source/java/org/alfresco/module/org_alfresco_module_rm/content/cleanser/ContentCleanserSevenPass.java

@@ -0,0 +1,51 @@
+/*
+ * #%L
+ * Alfresco Records Management Module
+ * %%
+ * Copyright (C) 2005 - 2025 Alfresco Software Limited
+ * %%
+ * This file is part of the Alfresco software.
+ * -
+ * If the software was purchased under a paid Alfresco license, the terms of
+ * the paid license agreement will prevail.  Otherwise, the software is
+ * provided under the following open source license terms:
+ * -
+ * Alfresco is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ * -
+ * Alfresco is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Lesser General Public License for more details.
+ * -
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
+ * #L%
+ */
+
+package org.alfresco.module.org_alfresco_module_rm.content.cleanser;
+
+import java.io.File;
+
+/**
+ * DoD 5220-22M Seven Pass data cleansing implementation.
+ *
+ */
+public class ContentCleanserSevenPass extends ContentCleanser522022M
+{
+    /**
+     * @see org.alfresco.module.org_alfresco_module_rm.content.cleanser.ContentCleanser#cleanse(java.io.File)
+     */
+    @Override
+    public void cleanse(File file)
+    {
+        super.cleanse(file);
+        overwrite(file, overwriteZeros);
+        overwrite(file, overwriteZeros);
+        overwrite(file, overwriteOnes);
+        overwrite(file, overwriteRandom);
+
+    }
+}

amps/ags/rm-community/rm-community-repo/source/java/org/alfresco/module/org_alfresco_module_rm/security/ExtendedSecurityServiceImpl.java

@@ -34,6 +34,12 @@ import java.util.HashSet;
 import java.util.List;
 import java.util.Set;
 
+import org.springframework.context.ApplicationListener;
+import org.springframework.context.event.ContextRefreshedEvent;
+import org.springframework.dao.ConcurrencyFailureException;
+import org.springframework.extensions.webscripts.ui.common.StringUtils;
+
+import org.alfresco.model.ContentModel;
 import org.alfresco.model.RenditionModel;
 import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel;
 import org.alfresco.module.org_alfresco_module_rm.fileplan.FilePlanService;
@@ -42,7 +48,10 @@ import org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService;
 import org.alfresco.module.org_alfresco_module_rm.util.ServiceBaseImpl;
 import org.alfresco.query.PagingRequest;
 import org.alfresco.query.PagingResults;
+import org.alfresco.repo.security.authentication.AuthenticationUtil;
+import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
 import org.alfresco.repo.security.authority.RMAuthority;
+import org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback;
 import org.alfresco.service.cmr.repository.ChildAssociationRef;
 import org.alfresco.service.cmr.repository.DuplicateChildNodeNameException;
 import org.alfresco.service.cmr.repository.NodeRef;
@@ -54,12 +63,6 @@ import org.alfresco.service.namespace.RegexQNamePattern;
 import org.alfresco.service.transaction.TransactionService;
 import org.alfresco.util.Pair;
 import org.alfresco.util.ParameterCheck;
-import org.springframework.context.ApplicationListener;
-import org.springframework.context.event.ContextRefreshedEvent;
-import org.springframework.extensions.webscripts.ui.common.StringUtils;
-import org.alfresco.repo.security.authentication.AuthenticationUtil;
-import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
-import org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback;
 
 /**
  * Extended security service implementation.
@@ -68,9 +71,9 @@ import org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransacti
  * @since 2.1
  */
 public class ExtendedSecurityServiceImpl extends ServiceBaseImpl
-                                         implements ExtendedSecurityService,
-                                                    RecordsManagementModel,
-                                                    ApplicationListener<ContextRefreshedEvent>
+        implements ExtendedSecurityService,
+        RecordsManagementModel,
+        ApplicationListener<ContextRefreshedEvent>
 {
     /** ipr group names */
     static final String ROOT_IPR_GROUP = "INPLACE_RECORD_MANAGEMENT";
@@ -95,8 +98,11 @@ public class ExtendedSecurityServiceImpl extends ServiceBaseImpl
     /** transaction service */
     private TransactionService transactionService;
 
+    private boolean enableUsernameNormalization;
+
     /**
-     * @param filePlanService   file plan service
+     * @param filePlanService
+     *            file plan service
      */
     public void setFilePlanService(FilePlanService filePlanService)
     {
@@ -104,7 +110,8 @@ public class ExtendedSecurityServiceImpl extends ServiceBaseImpl
     }
 
     /**
-     * @param filePlanRoleService   file plan role service
+     * @param filePlanRoleService
+     *            file plan role service
      */
     public void setFilePlanRoleService(FilePlanRoleService filePlanRoleService)
     {
@@ -112,7 +119,8 @@ public class ExtendedSecurityServiceImpl extends ServiceBaseImpl
     }
 
     /**
-     * @param authorityService  authority service
+     * @param authorityService
+     *            authority service
      */
     public void setAuthorityService(AuthorityService authorityService)
     {
@@ -120,7 +128,8 @@ public class ExtendedSecurityServiceImpl extends ServiceBaseImpl
     }
 
     /**
-     * @param permissionService permission service
+     * @param permissionService
+     *            permission service
      */
     public void setPermissionService(PermissionService permissionService)
     {
@@ -128,13 +137,23 @@ public class ExtendedSecurityServiceImpl extends ServiceBaseImpl
     }
 
     /**
-     * @param transactionService    transaction service
+     * @param transactionService
+     *            transaction service
      */
     public void setTransactionService(TransactionService transactionService)
     {
         this.transactionService = transactionService;
     }
 
+    /**
+     * @param enableUsernameNormalization
+     *            enable username normalization to ensure correct casing
+     */
+    public void setEnableUsernameNormalization(boolean enableUsernameNormalization)
+    {
+        this.enableUsernameNormalization = enableUsernameNormalization;
+    }
+
     /**
      * Application context refresh event handler
      */
@@ -142,19 +161,17 @@ public class ExtendedSecurityServiceImpl extends ServiceBaseImpl
     public void onApplicationEvent(ContextRefreshedEvent contextRefreshedEvent)
     {
         // run as System on bootstrap
-        AuthenticationUtil.runAs(new RunAsWork<Object>()
-        {
+        AuthenticationUtil.runAs(new RunAsWork<Object>() {
             public Object doWork()
             {
-                RetryingTransactionCallback<Void> callback = new RetryingTransactionCallback<Void>()
-                {
+                RetryingTransactionCallback<Void> callback = new RetryingTransactionCallback<Void>() {
                     public Void execute()
                     {
                         // if the root group doesn't exist then create it
                         if (!authorityService.authorityExists(getRootIRPGroup()))
                         {
                             authorityService.createAuthority(AuthorityType.GROUP, ROOT_IPR_GROUP, ROOT_IPR_GROUP,
-                                        Collections.singleton(RMAuthority.ZONE_APP_RM));
+                                    Collections.singleton(RMAuthority.ZONE_APP_RM));
                         }
                         return null;
                     }
@@ -174,7 +191,7 @@ public class ExtendedSecurityServiceImpl extends ServiceBaseImpl
         return GROUP_PREFIX + ROOT_IPR_GROUP;
     }
 
-	/**
+    /**
      * @see org.alfresco.module.org_alfresco_module_rm.security.ExtendedSecurityService#hasExtendedSecurity(org.alfresco.service.cmr.repository.NodeRef)
      */
     @Override
@@ -224,8 +241,9 @@ public class ExtendedSecurityServiceImpl extends ServiceBaseImpl
     /**
      * Helper to get authorities for a given group
      *
-     * @param group         group name
-     * @return Set<String>  immediate authorities
+     * @param group
+     *            group name
+     * @return Set<String> immediate authorities
      */
     private Set<String> getAuthorities(String group)
     {
@@ -284,8 +302,9 @@ public class ExtendedSecurityServiceImpl extends ServiceBaseImpl
      * <p>
      * Return null if none found.
      *
-     * @param nodeRef                node reference
-     * @return Pair<String, String>  where first is the read group and second if the write group, null if none found
+     * @param nodeRef
+     *            node reference
+     * @return Pair<String, String> where first is the read group and second if the write group, null if none found
      */
     private Pair<String, String> getIPRGroups(NodeRef nodeRef)
     {
@@ -321,17 +340,17 @@ public class ExtendedSecurityServiceImpl extends ServiceBaseImpl
     /**
      * Given a set of readers and writers find or create the appropriate IPR groups.
      * <p>
-     * The IPR groups are named with hashes of the authority lists in order to reduce
-     * the set of groups that require exact match.  A further index is used to handle
-     * a situation where there is a hash clash, but a difference in the authority lists.
+     * The IPR groups are named with hashes of the authority lists in order to reduce the set of groups that require exact match. A further index is used to handle a situation where there is a hash clash, but a difference in the authority lists.
      * <p>
-     * When no match is found the groups are created.  Once created
+     * When no match is found the groups are created. Once created
      *
-     * @param filePlan              file plan
-     * @param readers               authorities with read
-     * @param writers               authorities with write
-     * @return Pair<String, String> where first is the full name of the read group and
-     *                              second is the full name of the write group
+     * @param filePlan
+     *            file plan
+     * @param readers
+     *            authorities with read
+     * @param writers
+     *            authorities with write
+     * @return Pair<String, String> where first is the full name of the read group and second is the full name of the write group
      */
     private Pair<String, String> createOrFindIPRGroups(Set<String> readers, Set<String> writers)
     {
@@ -343,20 +362,28 @@ public class ExtendedSecurityServiceImpl extends ServiceBaseImpl
     /**
      * Create or find an IPR group based on the provided prefix and authorities.
      *
-     * @param groupPrefix   group prefix
-     * @param authorities   authorities
-     * @return String       full group name
+     * @param groupPrefix
+     *            group prefix
+     * @param authorities
+     *            authorities
+     * @return String full group name
      */
     private String createOrFindIPRGroup(String groupPrefix, Set<String> authorities)
     {
         String group = null;
 
+        // If enabled, the authorities are forced to match the correct casing of the usernames in case they were set
+        // with the incorrect casing.
+        // If not, it will just use the authorities as they are.
+        // In normal circumstances, the authorities are in the correct casing, so this is disabled by default.
+        Set<String> authoritySet = normalizeAuthorities(authorities);
+
         // find group or determine what the next index is if no group exists or there is a clash
-        Pair<String, Integer> groupResult = findIPRGroup(groupPrefix, authorities);
+        Pair<String, Integer> groupResult = findIPRGroup(groupPrefix, authoritySet);
 
         if (groupResult.getFirst() == null)
         {
-            group = createIPRGroup(groupPrefix, authorities, groupResult.getSecond());
+            group = createIPRGroup(groupPrefix, authoritySet, groupResult.getSecond());
         }
         else
         {
@@ -369,13 +396,13 @@ public class ExtendedSecurityServiceImpl extends ServiceBaseImpl
     /**
      * Given a group name prefix and the authorities, finds the exact match existing group.
      * <p>
-     * If the group does not exist then the group returned is null and the index shows the next available
-     * group index for creation.
+     * If the group does not exist then the group returned is null and the index shows the next available group index for creation.
      *
-     * @param groupPrefix             group name prefix
-     * @param authorities             authorities
-     * @return Pair<String, Integer>  where first is the name of the found group, null if none found and second
-     *                                if the next available create index
+     * @param groupPrefix
+     *            group name prefix
+     * @param authorities
+     *            authorities
+     * @return Pair<String, Integer> where first is the name of the found group, null if none found and second if the next available create index
      */
     private Pair<String, Integer> findIPRGroup(String groupPrefix, Set<String> authorities)
     {
@@ -391,12 +418,13 @@ public class ExtendedSecurityServiceImpl extends ServiceBaseImpl
         while (hasMoreItems == true)
         {
             // get matching authorities
-            PagingResults<String> results = authorityService.getAuthorities(AuthorityType.GROUP,
-                        RMAuthority.ZONE_APP_RM,
-                        groupShortNamePrefix,
-                        false,
-                        false,
-                        new PagingRequest(MAX_ITEMS*pageCount, MAX_ITEMS));
+            PagingResults<String> results = authorityService.getAuthorities(
+                    AuthorityType.GROUP,
+                    RMAuthority.ZONE_APP_RM,
+                    groupShortNamePrefix,
+                    false,
+                    false,
+                    new PagingRequest(MAX_ITEMS * pageCount, MAX_ITEMS));
 
             // record the total count
             nextGroupIndex = nextGroupIndex + results.getPage().size();
@@ -413,29 +441,88 @@ public class ExtendedSecurityServiceImpl extends ServiceBaseImpl
 
             // determine if there are any more pages to inspect
             hasMoreItems = results.hasMoreItems();
-            pageCount ++;
+            pageCount++;
         }
 
         return new Pair<>(iprGroup, nextGroupIndex);
     }
 
+    /**
+     * Given a set of authorities, normalizes the authority names to ensure correct casing.
+     * 
+     * @param authNames
+     * @return
+     */
+    private Set<String> normalizeAuthorities(Set<String> authNames)
+    {
+        // If disabled or no authorities, return as is
+        if (!enableUsernameNormalization || authNames == null || authNames.isEmpty())
+        {
+            return authNames;
+        }
+
+        Set<String> normalizedAuthorities = new HashSet<>();
+        for (String authorityName : authNames)
+        {
+            normalizedAuthorities.add(normalizeAuthorityName(authorityName));
+        }
+        return normalizedAuthorities;
+    }
+
+    /**
+     * Usernames are case insensitive but affect the IPR group matching when set with different casing. For a given authority of type user, this method normalizes the authority name. If group, it returns the name as-is.
+     *
+     * @param authorityName
+     *            the authority name to normalize
+     * @return the normalized authority name
+     */
+    private String normalizeAuthorityName(String authorityName)
+    {
+        if (authorityName == null || authorityName.startsWith(GROUP_PREFIX))
+        {
+            return authorityName;
+        }
+
+        // For users, attempt to get the correct casing from the username property of the user node
+        if (authorityService.authorityExists(authorityName))
+        {
+            try
+            {
+                NodeRef authorityNodeRef = authorityService.getAuthorityNodeRef(authorityName);
+                if (authorityNodeRef != null)
+                {
+                    String username = (String) nodeService.getProperty(authorityNodeRef, ContentModel.PROP_USERNAME);
+                    return username != null ? username : authorityName;
+                }
+            }
+            catch (Exception e)
+            {
+                // If anything goes wrong, fallback to the original name
+            }
+        }
+
+        return authorityName;
+    }
+
     /**
      * Determines whether a group exactly matches a list of authorities.
      *
-     * @param authorities           list of authorities
-     * @param group                 group
+     * @param authorities
+     *            list of authorities
+     * @param group
+     *            group
      * @return
      */
     private boolean isIPRGroupTrueMatch(String group, Set<String> authorities)
     {
-        //Remove GROUP_EVERYONE for proper comparison as GROUP_EVERYONE is never included in an IPR group
+        // Remove GROUP_EVERYONE for proper comparison as GROUP_EVERYONE is never included in an IPR group
         Set<String> plainAuthorities = new HashSet<String>();
         if (authorities != null)
         {
             plainAuthorities.addAll(authorities);
             plainAuthorities.remove(PermissionService.ALL_AUTHORITIES);
         }
-        Set<String> contained =  authorityService.getContainedAuthorities(null, group, true);
+        Set<String> contained = authorityService.getContainedAuthorities(null, group, true);
         return contained.equals(plainAuthorities);
     }
 
@@ -444,15 +531,17 @@ public class ExtendedSecurityServiceImpl extends ServiceBaseImpl
      * <p>
      * 'package' scope to help testing.
      *
-     * @param prefix        prefix
-     * @param authorities   authorities
-     * @return String       group prefix short name
+     * @param prefix
+     *            prefix
+     * @param authorities
+     *            authorities
+     * @return String group prefix short name
      */
-    /*package*/ String getIPRGroupPrefixShortName(String prefix, Set<String> authorities)
+    /* package */ String getIPRGroupPrefixShortName(String prefix, Set<String> authorities)
     {
         StringBuilder builder = new StringBuilder(128)
-               .append(prefix)
-               .append(getAuthoritySetHashCode(authorities));
+                .append(prefix)
+                .append(getAuthoritySetHashCode(authorities));
 
         return builder.toString();
     }
@@ -464,13 +553,17 @@ public class ExtendedSecurityServiceImpl extends ServiceBaseImpl
      * <p>
      * 'package' scope to help testing.
      *
-     * @param prefix    prefix
-     * @param readers   read authorities
-     * @param writers   write authorities
-     * @param index     group index
-     * @return String   group short name
+     * @param prefix
+     *            prefix
+     * @param readers
+     *            read authorities
+     * @param writers
+     *            write authorities
+     * @param index
+     *            group index
+     * @return String group short name
      */
-    /*package*/ String getIPRGroupShortName(String prefix, Set<String> authorities, int index)
+    /* package */ String getIPRGroupShortName(String prefix, Set<String> authorities, int index)
     {
         return getIPRGroupShortName(prefix, authorities, Integer.toString(index));
     }
@@ -480,17 +573,21 @@ public class ExtendedSecurityServiceImpl extends ServiceBaseImpl
      * <p>
      * Note this excludes the "GROUP_" prefix.
      *
-     * @param prefix    prefix
-     * @param readers   read authorities
-     * @param writers   write authorities
-     * @param index     group index
-     * @return String   group short name
+     * @param prefix
+     *            prefix
+     * @param readers
+     *            read authorities
+     * @param writers
+     *            write authorities
+     * @param index
+     *            group index
+     * @return String group short name
      */
     private String getIPRGroupShortName(String prefix, Set<String> authorities, String index)
     {
         StringBuilder builder = new StringBuilder(128)
-               .append(getIPRGroupPrefixShortName(prefix, authorities))
-               .append(index);
+                .append(getIPRGroupPrefixShortName(prefix, authorities))
+                .append(index);
 
         return builder.toString();
     }
@@ -498,8 +595,9 @@ public class ExtendedSecurityServiceImpl extends ServiceBaseImpl
     /**
      * Gets the hashcode value of a set of authorities.
      *
-     * @param authorities   set of authorities
-     * @return int          hash code
+     * @param authorities
+     *            set of authorities
+     * @return int hash code
      */
     private int getAuthoritySetHashCode(Set<String> authorities)
     {
@@ -514,10 +612,13 @@ public class ExtendedSecurityServiceImpl extends ServiceBaseImpl
     /**
      * Creates a new IPR group.
      *
-     * @param groupNamePrefix   group name prefix
-     * @param children          child authorities
-     * @param index             group index
-     * @return String           full name of created group
+     * @param groupNamePrefix
+     *            group name prefix
+     * @param children
+     *            child authorities
+     * @param index
+     *            group index
+     * @return String full name of created group
      */
     private String createIPRGroup(String groupNamePrefix, Set<String> children, int index)
     {
@@ -547,10 +648,10 @@ public class ExtendedSecurityServiceImpl extends ServiceBaseImpl
                 }
             }
         }
-        catch(DuplicateChildNodeNameException ex)
+        catch (DuplicateChildNodeNameException ex)
         {
-            // the group was concurrently created
-            group = authorityService.getName(AuthorityType.GROUP, groupShortName);
+            // Rethrow as ConcurrencyFailureException so that is can be retried and linked to the group created by the concurrent transaction
+            throw new ConcurrencyFailureException("IPR group creation failed due to concurrent duplicate group name creation: " + groupShortName);
         }
 
         return group;
@@ -559,8 +660,10 @@ public class ExtendedSecurityServiceImpl extends ServiceBaseImpl
     /**
      * Assign IPR groups to a node reference with the correct permissions.
      *
-     * @param iprGroups iprGroups, first read and second write
-     * @param nodeRef   node reference
+     * @param iprGroups
+     *            iprGroups, first read and second write
+     * @param nodeRef
+     *            node reference
      */
     private void assignIPRGroupsToNode(Pair<String, String> iprGroups, NodeRef nodeRef)
     {
@@ -598,7 +701,8 @@ public class ExtendedSecurityServiceImpl extends ServiceBaseImpl
     /**
      * Clear the nodes IPR permissions
      *
-     * @param nodeRef   node reference
+     * @param nodeRef
+     *            node reference
      */
     private void clearPermissions(NodeRef nodeRef, Pair<String, String> iprGroups)
     {
@@ -610,7 +714,9 @@ public class ExtendedSecurityServiceImpl extends ServiceBaseImpl
     /**
      * @see org.alfresco.module.org_alfresco_module_rm.security.DeprecatedExtendedSecurityService#getExtendedReaders(org.alfresco.service.cmr.repository.NodeRef)
      */
-    @Override @Deprecated public Set<String> getExtendedReaders(NodeRef nodeRef)
+    @Override
+    @Deprecated
+    public Set<String> getExtendedReaders(NodeRef nodeRef)
     {
         return getReaders(nodeRef);
     }
@@ -618,7 +724,9 @@ public class ExtendedSecurityServiceImpl extends ServiceBaseImpl
     /**
      * @see org.alfresco.module.org_alfresco_module_rm.security.DeprecatedExtendedSecurityService#getExtendedWriters(org.alfresco.service.cmr.repository.NodeRef)
      */
-    @Override @Deprecated public Set<String> getExtendedWriters(NodeRef nodeRef)
+    @Override
+    @Deprecated
+    public Set<String> getExtendedWriters(NodeRef nodeRef)
     {
         return getWriters(nodeRef);
     }
@@ -626,7 +734,9 @@ public class ExtendedSecurityServiceImpl extends ServiceBaseImpl
     /**
      * @see org.alfresco.module.org_alfresco_module_rm.security.DeprecatedExtendedSecurityService#addExtendedSecurity(org.alfresco.service.cmr.repository.NodeRef, java.util.Set, java.util.Set)
      */
-    @Override @Deprecated public void addExtendedSecurity(NodeRef nodeRef, Set<String> readers, Set<String> writers)
+    @Override
+    @Deprecated
+    public void addExtendedSecurity(NodeRef nodeRef, Set<String> readers, Set<String> writers)
     {
         set(nodeRef, readers, writers);
     }
@@ -634,7 +744,9 @@ public class ExtendedSecurityServiceImpl extends ServiceBaseImpl
     /**
      * @see org.alfresco.module.org_alfresco_module_rm.security.DeprecatedExtendedSecurityService#addExtendedSecurity(org.alfresco.service.cmr.repository.NodeRef, java.util.Set, java.util.Set, boolean)
      */
-    @Override @Deprecated public void addExtendedSecurity(NodeRef nodeRef, Set<String> readers, Set<String> writers, boolean applyToParents)
+    @Override
+    @Deprecated
+    public void addExtendedSecurity(NodeRef nodeRef, Set<String> readers, Set<String> writers, boolean applyToParents)
     {
         set(nodeRef, readers, writers);
     }
@@ -642,7 +754,9 @@ public class ExtendedSecurityServiceImpl extends ServiceBaseImpl
     /**
      * @see org.alfresco.module.org_alfresco_module_rm.security.DeprecatedExtendedSecurityService#removeAllExtendedSecurity(org.alfresco.service.cmr.repository.NodeRef)
      */
-    @Override @Deprecated public void removeAllExtendedSecurity(NodeRef nodeRef)
+    @Override
+    @Deprecated
+    public void removeAllExtendedSecurity(NodeRef nodeRef)
     {
         remove(nodeRef);
     }
@@ -650,7 +764,9 @@ public class ExtendedSecurityServiceImpl extends ServiceBaseImpl
     /**
      * @see org.alfresco.module.org_alfresco_module_rm.security.DeprecatedExtendedSecurityService#removeExtendedSecurity(org.alfresco.service.cmr.repository.NodeRef, java.util.Set, java.util.Set)
      */
-    @Override @Deprecated public void removeExtendedSecurity(NodeRef nodeRef, Set<String> readers, Set<String> writers)
+    @Override
+    @Deprecated
+    public void removeExtendedSecurity(NodeRef nodeRef, Set<String> readers, Set<String> writers)
     {
         remove(nodeRef);
     }
@@ -658,7 +774,9 @@ public class ExtendedSecurityServiceImpl extends ServiceBaseImpl
     /**
      * @see org.alfresco.module.org_alfresco_module_rm.security.DeprecatedExtendedSecurityService#removeExtendedSecurity(org.alfresco.service.cmr.repository.NodeRef, java.util.Set, java.util.Set, boolean)
      */
-    @Override @Deprecated public void removeExtendedSecurity(NodeRef nodeRef, Set<String> readers, Set<String>writers, boolean applyToParents)
+    @Override
+    @Deprecated
+    public void removeExtendedSecurity(NodeRef nodeRef, Set<String> readers, Set<String> writers, boolean applyToParents)
     {
         remove(nodeRef);
     }
@@ -666,7 +784,9 @@ public class ExtendedSecurityServiceImpl extends ServiceBaseImpl
     /**
      * @see org.alfresco.module.org_alfresco_module_rm.security.DeprecatedExtendedSecurityService#removeAllExtendedSecurity(org.alfresco.service.cmr.repository.NodeRef, boolean)
      */
-    @Override @Deprecated public void removeAllExtendedSecurity(NodeRef nodeRef, boolean applyToParents)
+    @Override
+    @Deprecated
+    public void removeAllExtendedSecurity(NodeRef nodeRef, boolean applyToParents)
     {
         remove(nodeRef);
     }

amps/ags/rm-community/rm-community-repo/test/java/org/alfresco/module/org_alfresco_module_rm/test/legacy/service/ExtendedSecurityServiceImplTest.java

@@ -29,14 +29,23 @@ package org.alfresco.module.org_alfresco_module_rm.test.legacy.service;
 
 import java.util.HashSet;
 import java.util.Set;
+import java.util.concurrent.CompletableFuture;
+
+import org.junit.Assert;
+import org.springframework.dao.ConcurrencyFailureException;
 
 import org.alfresco.model.ContentModel;
 import org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase;
+import org.alfresco.query.PagingRequest;
+import org.alfresco.query.PagingResults;
 import org.alfresco.repo.security.authentication.AuthenticationUtil;
 import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
 import org.alfresco.repo.site.SiteModel;
+import org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback;
 import org.alfresco.service.cmr.repository.NodeRef;
+import org.alfresco.service.cmr.security.AccessPermission;
 import org.alfresco.service.cmr.security.AccessStatus;
+import org.alfresco.service.cmr.security.AuthorityType;
 import org.alfresco.service.cmr.site.SiteService;
 import org.alfresco.service.cmr.site.SiteVisibility;
 import org.alfresco.util.GUID;
@@ -73,8 +82,7 @@ public class ExtendedSecurityServiceImplTest extends BaseRMTestCase
 
     private String createTestUser()
     {
-        return doTestInTransaction(new Test<String>()
-        {
+        return doTestInTransaction(new Test<String>() {
             public String run()
             {
                 String userName = GUID.generate();
@@ -90,8 +98,7 @@ public class ExtendedSecurityServiceImplTest extends BaseRMTestCase
         final String elephant = createTestUser();
         final String snake = createTestUser();
 
-        doTestInTransaction(new Test<Void>()
-        {
+        doTestInTransaction(new Test<Void>() {
             public Void run()
             {
                 assertFalse(extendedSecurityService.hasExtendedSecurity(filePlan));
@@ -118,7 +125,7 @@ public class ExtendedSecurityServiceImplTest extends BaseRMTestCase
 
                 // test remove
                 extendedSecurityService.remove(recordToo);
-                
+
                 assertFalse(extendedSecurityService.hasExtendedSecurity(recordToo));
                 assertTrue(extendedSecurityService.getReaders(recordToo).isEmpty());
                 assertTrue(extendedSecurityService.getWriters(recordToo).isEmpty());
@@ -133,8 +140,7 @@ public class ExtendedSecurityServiceImplTest extends BaseRMTestCase
         final String monkey = createTestUser();
         final String elephant = createTestUser();
 
-        doTestInTransaction(new Test<Void>()
-        {
+        doTestInTransaction(new Test<Void>() {
             Set<String> extendedReaders = new HashSet<>(2);
 
             public Void run() throws Exception
@@ -184,112 +190,337 @@ public class ExtendedSecurityServiceImplTest extends BaseRMTestCase
 
     public void testDifferentUsersDifferentPermissions()
     {
-    	final String userNone = createTestUser();
-    	final String userRead = createTestUser();
-    	final String userWrite = createTestUser();
-    	final String siteShortName = GUID.generate();
+        final String userNone = createTestUser();
+        final String userRead = createTestUser();
+        final String userWrite = createTestUser();
+        final String siteShortName = GUID.generate();
 
-    	doTestInTransaction(new Test<Void>()
-        {
+        doTestInTransaction(new Test<Void>() {
             public Void run() throws Exception
             {
-            	siteService.createSite(null, siteShortName, "test", "test", SiteVisibility.PRIVATE);
-            	return null;
+                siteService.createSite(null, siteShortName, "test", "test", SiteVisibility.PRIVATE);
+                return null;
             }
         });
 
-    	final NodeRef documentLibrary = doTestInTransaction(new Test<NodeRef>()
-        {
+        final NodeRef documentLibrary = doTestInTransaction(new Test<NodeRef>() {
             public NodeRef run() throws Exception
             {
-            	siteService.setMembership(siteShortName, userRead, SiteModel.SITE_CONSUMER);
-            	siteService.setMembership(siteShortName, userWrite, SiteModel.SITE_COLLABORATOR);
-            	return siteService.createContainer(siteShortName, SiteService.DOCUMENT_LIBRARY, null, null);
+                siteService.setMembership(siteShortName, userRead, SiteModel.SITE_CONSUMER);
+                siteService.setMembership(siteShortName, userWrite, SiteModel.SITE_COLLABORATOR);
+                return siteService.createContainer(siteShortName, SiteService.DOCUMENT_LIBRARY, null, null);
             }
         });
 
-    	final NodeRef record = doTestInTransaction(new Test<NodeRef>()
-        {
+        final NodeRef record = doTestInTransaction(new Test<NodeRef>() {
             public NodeRef run() throws Exception
             {
-            	NodeRef record = fileFolderService.create(documentLibrary, GUID.generate(), ContentModel.TYPE_CONTENT).getNodeRef();
-            	recordService.createRecord(filePlan, record);
-            	return record;
+                NodeRef record = fileFolderService.create(documentLibrary, GUID.generate(), ContentModel.TYPE_CONTENT)
+                        .getNodeRef();
+                recordService.createRecord(filePlan, record);
+                return record;
             }
         });
 
-    	doTestInTransaction(new Test<Void>()
-        {
+        doTestInTransaction(new Test<Void>() {
             public Void run() throws Exception
             {
-            	AuthenticationUtil.runAs(new RunAsWork<Void>()
-            	{
-					public Void doWork() throws Exception
-					{
-						// check permissions
-		            	assertEquals(AccessStatus.DENIED, permissionService.hasPermission(record, READ_RECORDS));
-		            	assertEquals(AccessStatus.DENIED, permissionService.hasPermission(record, FILING));
-						return null;
-					}
-				}, userNone);
+                AuthenticationUtil.runAs(new RunAsWork<Void>() {
+                    public Void doWork() throws Exception
+                    {
+                        // check permissions
+                        assertEquals(AccessStatus.DENIED, permissionService.hasPermission(record, READ_RECORDS));
+                        assertEquals(AccessStatus.DENIED, permissionService.hasPermission(record, FILING));
+                        return null;
+                    }
+                }, userNone);
 
-            	AuthenticationUtil.runAs(new RunAsWork<Void>()
-            	{
-					public Void doWork() throws Exception
-					{
-						// check permissions
-		            	assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(record, READ_RECORDS));
-		            	assertEquals(AccessStatus.DENIED, permissionService.hasPermission(record, FILING));
-						return null;
-					}
-				}, userRead);
+                AuthenticationUtil.runAs(new RunAsWork<Void>() {
+                    public Void doWork() throws Exception
+                    {
+                        // check permissions
+                        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(record, READ_RECORDS));
+                        assertEquals(AccessStatus.DENIED, permissionService.hasPermission(record, FILING));
+                        return null;
+                    }
+                }, userRead);
 
-            	AuthenticationUtil.runAs(new RunAsWork<Void>()
-            	{
-					public Void doWork() throws Exception
-					{
-						// check permissions
-		            	assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(record, READ_RECORDS));
-		            	assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(record, FILING));
-						return null;
-					}
-				}, userWrite);
+                AuthenticationUtil.runAs(new RunAsWork<Void>() {
+                    public Void doWork() throws Exception
+                    {
+                        // check permissions
+                        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(record, READ_RECORDS));
+                        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(record, FILING));
+                        return null;
+                    }
+                }, userWrite);
 
-            	AuthenticationUtil.runAs(new RunAsWork<Void>()
-            	{
-					public Void doWork() throws Exception
-					{
-						// check permissions
-		            	assertEquals(AccessStatus.DENIED, permissionService.hasPermission(record, READ_RECORDS));
-		            	assertEquals(AccessStatus.DENIED, permissionService.hasPermission(record, FILING));
-						return null;
-					}
-				}, userNone);
+                AuthenticationUtil.runAs(new RunAsWork<Void>() {
+                    public Void doWork() throws Exception
+                    {
+                        // check permissions
+                        assertEquals(AccessStatus.DENIED, permissionService.hasPermission(record, READ_RECORDS));
+                        assertEquals(AccessStatus.DENIED, permissionService.hasPermission(record, FILING));
+                        return null;
+                    }
+                }, userNone);
 
-            	AuthenticationUtil.runAs(new RunAsWork<Void>()
-            	{
-					public Void doWork() throws Exception
-					{
-						// check permissions
-		            	assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(record, READ_RECORDS));
-		            	assertEquals(AccessStatus.DENIED, permissionService.hasPermission(record, FILING));
-						return null;
-					}
-				}, userRead);
+                AuthenticationUtil.runAs(new RunAsWork<Void>() {
+                    public Void doWork() throws Exception
+                    {
+                        // check permissions
+                        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(record, READ_RECORDS));
+                        assertEquals(AccessStatus.DENIED, permissionService.hasPermission(record, FILING));
+                        return null;
+                    }
+                }, userRead);
 
-            	AuthenticationUtil.runAs(new RunAsWork<Void>()
-            	{
-					public Void doWork() throws Exception
-					{
-						// check permissions
-		            	assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(record, READ_RECORDS));
-		            	assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(record, FILING));
-						return null;
-					}
-				}, userWrite);
+                AuthenticationUtil.runAs(new RunAsWork<Void>() {
+                    public Void doWork() throws Exception
+                    {
+                        // check permissions
+                        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(record, READ_RECORDS));
+                        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(record, FILING));
+                        return null;
+                    }
+                }, userWrite);
 
-            	return null;
+                return null;
             }
         });
     }
+
+    public void testConcurrentSetWithRetry()
+    {
+        Set<String> extendedReaders = new HashSet<>(2);
+        Set<String> extendedWriters = new HashSet<>(2);
+
+        Set<NodeRef> documents = setupConcurrentTestCase(10, extendedReaders, extendedWriters);
+
+        // For each record created previously, spawn a thread to set extended security so we cause concurrency
+        // failure trying to create IPR groups with the same name
+        fireParallelExecutionOfSetExtendedSecurity(documents, extendedReaders, extendedWriters, true);
+
+        // Look for duplicated IPR groups and verify all documents have the same groups assigned
+        verifyCreatedGroups(documents, false);
+
+        AuthenticationUtil.clearCurrentSecurityContext();
+    }
+
+    public void testConcurrentSetWithoutRetry()
+    {
+        Set<String> extendedReaders = new HashSet<>(2);
+        Set<String> extendedWriters = new HashSet<>(2);
+
+        Set<NodeRef> documents = setupConcurrentTestCase(10, extendedReaders, extendedWriters);
+
+        // For each record created previously, spawn a thread to set extended security so we cause concurrency
+        // failure trying to create IPR groups with the same name.
+        // Since there is no retry, we expect to get a ConcurrencyFailureException
+        Assert.assertThrows(ConcurrencyFailureException.class, () -> {
+            fireParallelExecutionOfSetExtendedSecurity(documents, extendedReaders, extendedWriters, false);
+        });
+
+        // Look for duplicated IPR groups and verify all documents have the same groups assigned
+        // Since there was a ConcurrencyFailureException some threads failed to set extended security so some
+        // documents may not have IPR groups created.
+        verifyCreatedGroups(documents, true);
+
+        AuthenticationUtil.clearCurrentSecurityContext();
+    }
+
+    private Set<NodeRef> setupConcurrentTestCase(int concurrentThreads, Set<String> extendedReaders, Set<String> extendedWriters)
+    {
+        final String usera = createTestUser();
+        final String userb = createTestUser();
+        final String owner = createTestUser();
+
+        extendedReaders.add(usera);
+        extendedReaders.add(userb);
+        extendedWriters.add(usera);
+        extendedWriters.add(userb);
+
+        AuthenticationUtil.setAdminUserAsFullyAuthenticatedUser();
+
+        // Create a site
+        NodeRef documentLib = createSite(new HashSet<>(), new HashSet<>());
+
+        // Create records in the site document library
+        return createRecords(concurrentThreads, documentLib, owner);
+    }
+
+    private NodeRef createSite(Set<String> readers, Set<String> writers)
+    {
+        return retryingTransactionHelper.doInTransaction(new RetryingTransactionCallback<NodeRef>() {
+            @Override
+            public NodeRef execute() throws Throwable
+            {
+                final String siteShortName = GUID.generate();
+                siteService.createSite(null, siteShortName, "test", "test", SiteVisibility.PRIVATE);
+                readers.forEach(reader -> siteService.setMembership(siteShortName, reader, SiteModel.SITE_CONSUMER));
+                writers.forEach(writer -> siteService.setMembership(siteShortName, writer, SiteModel.SITE_COLLABORATOR));
+                return siteService.createContainer(siteShortName, SiteService.DOCUMENT_LIBRARY, null, null);
+            }
+        }, false, true);
+    }
+
+    private Set<NodeRef> createRecords(int numRecords, NodeRef parent, String owner)
+    {
+        return retryingTransactionHelper.doInTransaction(new RetryingTransactionCallback<Set<NodeRef>>() {
+            @Override
+            public Set<NodeRef> execute() throws Throwable
+            {
+                int createdRecords = 0;
+                Set<NodeRef> documents = new HashSet<>();
+                while (createdRecords < numRecords)
+                {
+                    final NodeRef doc = fileFolderService.create(parent, GUID.generate(), ContentModel.TYPE_CONTENT).getNodeRef();
+                    ownableService.setOwner(doc, owner);
+                    recordService.createRecord(filePlan, doc, rmFolder, true);
+                    recordService.file(doc);
+                    recordService.complete(doc);
+                    documents.add(doc);
+                    createdRecords++;
+                }
+                return documents;
+            }
+        }, false, true);
+    }
+
+    private void setExtendedSecurity(NodeRef doc, Set<String> readers, Set<String> writers, boolean useRetry)
+    {
+        if (!useRetry)
+        {
+            setExtendedSecurity(doc, readers, writers);
+            return;
+        }
+
+        retryingTransactionHelper.doInTransaction(new RetryingTransactionCallback<Void>() {
+            @Override
+            public Void execute() throws Throwable
+            {
+                setExtendedSecurity(doc, readers, writers);
+                return null;
+            }
+        }, false, true);
+    }
+
+    private void setExtendedSecurity(NodeRef doc, Set<String> readers, Set<String> writers)
+    {
+        AuthenticationUtil.setAdminUserAsFullyAuthenticatedUser();
+        extendedSecurityService.set(doc, readers, writers);
+    }
+
+    private void fireParallelExecutionOfSetExtendedSecurity(Set<NodeRef> documents, Set<String> extendedReaders, Set<String> extendedWriters, boolean useRetry)
+    {
+        CompletableFuture<?>[] futures = documents.stream()
+                .map(doc -> CompletableFuture.runAsync(() -> setExtendedSecurity(doc, extendedReaders, extendedWriters, useRetry)))
+                .toArray(CompletableFuture[]::new);
+
+        try
+        {
+            CompletableFuture.allOf(futures).join();
+        }
+        catch (Exception e)
+        {
+            Throwable cause = e.getCause();
+            if (cause instanceof ConcurrencyFailureException)
+            {
+                throw (ConcurrencyFailureException) cause;
+            }
+            throw new RuntimeException("Error during parallel execution", e);
+        }
+    }
+
+    private void verifyCreatedGroups(Set<NodeRef> documents, boolean onlyDuplicatesValidation)
+    {
+        retryingTransactionHelper.doInTransaction(new RetryingTransactionCallback<Void>() {
+            @Override
+            public Void execute() throws Throwable
+            {
+                Set<String> expectedAuthorities = null;
+                Set<Set<String>> errors = new HashSet<>();
+                for (NodeRef doc : documents)
+                {
+                    Set<AccessPermission> permissions = permissionService.getAllSetPermissions(doc);
+                    Set<String> authorities = getDocumentAuthorities(permissions);
+                    Set<String> authoritiesById = getAuthorityIds(authorities);
+
+                    verifyIPRGroups(authorities, onlyDuplicatesValidation);
+
+                    if (onlyDuplicatesValidation)
+                    {
+                        // Some documents may not have IPR groups created if there was a ConcurrencyFailureException
+                        continue;
+                    }
+
+                    // All documents should have the same exact set of groups assigned
+                    if (expectedAuthorities == null)
+                    {
+                        expectedAuthorities = authoritiesById;
+                    }
+
+                    if (!expectedAuthorities.equals(authoritiesById))
+                    {
+                        errors.add(authoritiesById);
+                    }
+                }
+
+                assertTrue("Unexpected authorities linked to document", errors.isEmpty());
+
+                return null;
+            }
+        }, false, true);
+    }
+
+    private Set<String> getDocumentAuthorities(Set<AccessPermission> permissions)
+    {
+        Set<String> authorities = new HashSet<>();
+
+        for (AccessPermission accessPermission : permissions)
+        {
+            String authority = accessPermission.getAuthority();
+            String authName = authorityService.getName(AuthorityType.GROUP, authority);
+            authorities.add(authName);
+
+        }
+        return authorities;
+    }
+
+    private Set<String> getAuthorityIds(Set<String> authorities)
+    {
+        Set<String> authorityIds = new HashSet<>();
+        for (String authority : authorities)
+        {
+            String authId = authorityService.getAuthorityNodeRef(authority) != null
+                    ? authorityService.getAuthorityNodeRef(authority).getId()
+                    : null;
+            authorityIds.add(authId);
+        }
+        return authorityIds;
+    }
+
+    private void verifyIPRGroups(Set<String> authorities, boolean onlyDuplicatesValidation)
+    {
+        boolean hasGroupIPR = false;
+
+        for (String authorityName : authorities)
+        {
+            String shortName = authorityService.getShortName(authorityName);
+
+            if (authorityName.startsWith("GROUP_IPR"))
+            {
+                hasGroupIPR = true;
+                PagingResults<String> results = authorityService.getAuthorities(AuthorityType.GROUP, null, shortName, false,
+                        false, new PagingRequest(0, 10));
+
+                assertEquals("No duplicated IPR group expected", 1, results.getPage().size());
+            }
+        }
+
+        if (!onlyDuplicatesValidation)
+        {
+            assertTrue("No IPR Groups created", hasGroupIPR);
+        }
+    }
 }

amps/ags/rm-community/rm-community-repo/test/resources/alfresco/version.properties

@@ -4,7 +4,7 @@
 
 # Version label
 version.major=23
-version.minor=5
+version.minor=6
 version.revision=0
 version.label=
 

amps/ags/rm-community/rm-community-repo/unit-test/java/org/alfresco/module/org_alfresco_module_rm/content/cleanser/ContentCleanserSevenPassUnitTest.java

@@ -0,0 +1,100 @@
+/*
+ * #%L
+ * Alfresco Records Management Module
+ * %%
+ * Copyright (C) 2005 - 2025 Alfresco Software Limited
+ * %%
+ * This file is part of the Alfresco software.
+ * -
+ * If the software was purchased under a paid Alfresco license, the terms of
+ * the paid license agreement will prevail.  Otherwise, the software is
+ * provided under the following open source license terms:
+ * -
+ * Alfresco is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ * -
+ * Alfresco is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Lesser General Public License for more details.
+ * -
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
+ * #L%
+ */
+package org.alfresco.module.org_alfresco_module_rm.content.cleanser;
+
+import static org.mockito.Mockito.times;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
+
+import java.io.File;
+
+import org.junit.Test;
+import org.mockito.InjectMocks;
+import org.mockito.Mock;
+import org.mockito.Spy;
+
+import org.alfresco.module.org_alfresco_module_rm.test.util.BaseUnitTest;
+import org.alfresco.service.cmr.repository.ContentIOException;
+
+/**
+ * Eager content store cleaner unit test.
+ *
+ */
+public class ContentCleanserSevenPassUnitTest extends BaseUnitTest
+{
+    @InjectMocks
+    @Spy
+    private ContentCleanserSevenPass contentCleanserSevenPass = new ContentCleanserSevenPass()
+    {
+        /** dummy implementations */
+        @Override
+        protected void overwrite(File file, OverwriteOperation overwriteOperation)
+        {
+            // Intentionally left empty
+        }
+    };
+
+    @Mock
+    private File mockedFile;
+
+    /**
+     * Given that a file exists When I cleanse it Then the content is overwritten
+     */
+    @Test
+    public void cleanseFile()
+    {
+        when(mockedFile.exists()).thenReturn(true);
+        when(mockedFile.canWrite()).thenReturn(true);
+        contentCleanserSevenPass.cleanse(mockedFile);
+        verify(contentCleanserSevenPass, times(2)).overwrite(mockedFile, contentCleanserSevenPass.overwriteOnes);
+        verify(contentCleanserSevenPass, times(3)).overwrite(mockedFile, contentCleanserSevenPass.overwriteZeros);
+        verify(contentCleanserSevenPass, times(2)).overwrite(mockedFile, contentCleanserSevenPass.overwriteRandom);
+
+    }
+
+    /**
+     * Given that the file does not exist When I cleanse it Then an exception is thrown
+     */
+    @Test(expected = ContentIOException.class)
+    public void fileDoesNotExist()
+    {
+        when(mockedFile.exists()).thenReturn(false);
+        when(mockedFile.canWrite()).thenReturn(true);
+        contentCleanserSevenPass.cleanse(mockedFile);
+    }
+
+    /**
+     * Given that I can not write to the file When I cleanse it Then an exception is thrown
+     */
+    @Test(expected = ContentIOException.class)
+    public void cantWriteToFile()
+    {
+        when(mockedFile.exists()).thenReturn(true);
+        when(mockedFile.canWrite()).thenReturn(false);
+        contentCleanserSevenPass.cleanse(mockedFile);
+    }
+}

amps/ags/rm-community/rm-community-repo/unit-test/java/org/alfresco/module/org_alfresco_module_rm/patch/v33/RMv33HoldAuditEntryValuesPatchUnitTest.java

@@ -33,14 +33,15 @@ import static org.mockito.Mockito.times;
 import static org.mockito.Mockito.verify;
 import static org.mockito.Mockito.when;
 
-import org.alfresco.module.org_alfresco_module_rm.query.RecordsManagementQueryDAO;
-import org.alfresco.repo.domain.propval.PropertyStringValueEntity;
 import org.junit.Before;
 import org.junit.Test;
 import org.mockito.InjectMocks;
 import org.mockito.Mock;
 import org.mockito.MockitoAnnotations;
 
+import org.alfresco.module.org_alfresco_module_rm.query.RecordsManagementQueryDAO;
+import org.alfresco.repo.domain.propval.PropertyStringValueEntity;
+
 /**
  * RM V3.3 Hold audit entries values patch unit test
  *
@@ -55,7 +56,6 @@ public class RMv33HoldAuditEntryValuesPatchUnitTest
     @InjectMocks
     private RMv33HoldAuditEntryValuesPatch patch;
 
-
     @Before
     public void setUp()
     {
@@ -93,15 +93,15 @@ public class RMv33HoldAuditEntryValuesPatchUnitTest
         verify(mockedRecordsManagementQueryDAO, times(1)).updatePropertyStringValueEntity(deleteHoldPropertyStringValueEntity);
 
         assertEquals("Add To Hold", addToHoldPropertyStringValueEntity.getStringValue());
-        assertEquals("add to hold", addToHoldPropertyStringValueEntity.getStringLower());
+        assertEquals("add to hold", addToHoldPropertyStringValueEntity.getStringEndLower());
         assertEquals(Long.valueOf(770_786_109L), addToHoldPropertyStringValueEntity.getStringCrc());
 
         assertEquals("Remove From Hold", removeFromHoldPropertyStringValueEntity.getStringValue());
-        assertEquals("remove from hold", removeFromHoldPropertyStringValueEntity.getStringLower());
+        assertEquals("remove from hold", removeFromHoldPropertyStringValueEntity.getStringEndLower());
         assertEquals(Long.valueOf(2_967_613_012L), removeFromHoldPropertyStringValueEntity.getStringCrc());
 
         assertEquals("Delete Hold", deleteHoldPropertyStringValueEntity.getStringValue());
-        assertEquals("delete hold", deleteHoldPropertyStringValueEntity.getStringLower());
+        assertEquals("delete hold", deleteHoldPropertyStringValueEntity.getStringEndLower());
         assertEquals(Long.valueOf(132_640_810L), deleteHoldPropertyStringValueEntity.getStringCrc());
     }
 
@@ -123,5 +123,3 @@ public class RMv33HoldAuditEntryValuesPatchUnitTest
         verify(mockedRecordsManagementQueryDAO, times(0)).updatePropertyStringValueEntity(any());
     }
 }
-
-

amps/ags/rm-community/rm-community-repo/unit-test/java/org/alfresco/module/org_alfresco_module_rm/security/ExtendedSecurityServiceImplUnitTest.java

@@ -52,6 +52,7 @@ import java.util.Set;
 import java.util.stream.Collectors;
 import java.util.stream.Stream;
 
+import org.alfresco.model.ContentModel;
 import org.alfresco.model.RenditionModel;
 import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel;
 import org.alfresco.module.org_alfresco_module_rm.fileplan.FilePlanService;
@@ -67,6 +68,7 @@ import org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransacti
 import org.alfresco.service.cmr.repository.ChildAssociationRef;
 import org.alfresco.service.cmr.repository.NodeRef;
 import org.alfresco.service.cmr.repository.NodeService;
+import org.alfresco.service.cmr.repository.StoreRef;
 import org.alfresco.service.cmr.security.AccessPermission;
 import org.alfresco.service.cmr.security.AccessStatus;
 import org.alfresco.service.cmr.security.AuthorityService;
@@ -522,6 +524,104 @@ public class ExtendedSecurityServiceImplUnitTest
         verify(mockedPermissionService).setPermission(nodeRef, writeGroup, RMPermissionModel.FILING, true);
         
     }
+
+    /**
+     * Given a node with no previous IPR groups assigned
+     * And having pre-existing IPR groups matching the ones we need
+     * When I add some read and write authorities but with a different casing
+     * Then the existing IPR groups are used
+     */
+    @SuppressWarnings("unchecked")
+    @Test public void addExtendedSecurityWithMixedCasingUsernames()
+    {
+        // Have the usernames in the node as the correct usernames but with incorrect casing
+        String user1 = "UseR";
+        String user2 = "UseR_w";
+
+        // Incorrect IPR Group names
+        Set<String> diffCasingReaders = Stream.of(user1, GROUP).collect(Collectors.toSet());
+        Set<String> diffCasingWriters = Stream.of(user2, GROUP_W).collect(Collectors.toSet());
+        String wrongReadGroupPrefix = extendedSecurityService.getIPRGroupPrefixShortName(READER_GROUP_PREFIX, diffCasingReaders);
+        String wrongWriteGroupPrefix = extendedSecurityService.getIPRGroupPrefixShortName(WRITER_GROUP_PREFIX, diffCasingWriters);
+        String wrongReadGroup = wrongReadGroupPrefix + "0";
+        String wrongWriteGroup = wrongWriteGroupPrefix + "0";
+
+        // Correct Group names
+        String correctReadGroup = readGroupPrefix + "0";
+        String correctWriteGroup = writeGroupPrefix + "0";
+
+        // If queried for the correct groups, return the results
+        PagingResults<String> mockedCorrectReadPResults = mock(PagingResults.class);
+        PagingResults<String> mockedCorrectWritePResults = mock(PagingResults.class);
+        when(mockedCorrectReadPResults.getPage())
+            .thenReturn(Stream.of(GROUP_PREFIX + correctReadGroup).collect(Collectors.toList()));
+        when(mockedAuthorityService.getAuthorities(
+                eq(AuthorityType.GROUP), 
+                eq(RMAuthority.ZONE_APP_RM), 
+                eq(readGroupPrefix),
+                eq(false), 
+                eq(false), 
+                any(PagingRequest.class)))
+            .thenReturn(mockedCorrectReadPResults);
+        
+        when(mockedCorrectWritePResults.getPage())
+            .thenReturn(Stream.of(GROUP_PREFIX + correctWriteGroup).collect(Collectors.toList()));
+        when(mockedAuthorityService.getAuthorities(
+                eq(AuthorityType.GROUP), 
+                eq(RMAuthority.ZONE_APP_RM), 
+                eq(writeGroupPrefix),
+                eq(false), 
+                eq(false), 
+                any(PagingRequest.class)))
+            .thenReturn(mockedCorrectWritePResults);
+
+        // Don't return results for the incorrect groups (lenient as these may not be called with normalization enabled)
+        PagingResults<String> mockedWrongReadPResults = mock(PagingResults.class);
+        PagingResults<String> mockedWrongWritePResults = mock(PagingResults.class);
+        lenient().when(mockedWrongReadPResults.getPage())
+            .thenReturn(Collections.emptyList());
+        lenient().when(mockedAuthorityService.getAuthorities(
+                eq(AuthorityType.GROUP), 
+                eq(RMAuthority.ZONE_APP_RM), 
+                eq(wrongReadGroupPrefix),
+                eq(false), 
+                eq(false), 
+                any(PagingRequest.class)))
+            .thenReturn(mockedWrongReadPResults);
+        
+        lenient().when(mockedWrongWritePResults.getPage())
+            .thenReturn(Collections.emptyList());
+        lenient().when(mockedAuthorityService.getAuthorities(
+                eq(AuthorityType.GROUP), 
+                eq(RMAuthority.ZONE_APP_RM), 
+                eq(wrongWriteGroupPrefix),
+                eq(false), 
+                eq(false), 
+                any(PagingRequest.class)))
+            .thenReturn(mockedWrongWritePResults);
+
+        // The users do exist, despite being in a different casing and are able to be retrieved
+        NodeRef noderefUser1 = new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, USER);
+        when(mockedAuthorityService.authorityExists(user1)).thenReturn(true);
+        when(mockedAuthorityService.getAuthorityNodeRef(user1)).thenReturn(noderefUser1);
+        when(mockedNodeService.getProperty(noderefUser1, ContentModel.PROP_USERNAME)).thenReturn(USER);
+
+        NodeRef noderefUser2 = new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, USER_W);
+        when(mockedAuthorityService.authorityExists(user2)).thenReturn(true);
+        when(mockedAuthorityService.getAuthorityNodeRef(user2)).thenReturn(noderefUser2);
+        when(mockedNodeService.getProperty(noderefUser2, ContentModel.PROP_USERNAME)).thenReturn(USER_W);
+
+        // Set the extended security service to normalize usernames
+        extendedSecurityService.setEnableUsernameNormalization(true);
+        extendedSecurityService.set(nodeRef, diffCasingReaders, diffCasingWriters);
+
+        // Verify that the incorrect read group is not created
+        verify(mockedAuthorityService, never()).createAuthority(AuthorityType.GROUP, wrongReadGroup, wrongReadGroup, Collections.singleton(RMAuthority.ZONE_APP_RM));
+
+        // Verify that the incorrect write group is not created
+        verify(mockedAuthorityService, never()).createAuthority(AuthorityType.GROUP, wrongWriteGroup, wrongWriteGroup, Collections.singleton(RMAuthority.ZONE_APP_RM));
+
+    }
     
     /**
      * Given a node with no previous IPR groups assigned
@@ -571,7 +671,7 @@ public class ExtendedSecurityServiceImplUnitTest
             .thenReturn(Stream
                 .of(USER_W, AlfMock.generateText())
                 .collect(Collectors.toSet()));
-        
+
         // add extended security
         extendedSecurityService.set(nodeRef, READERS, WRITERS);
         
@@ -895,7 +995,7 @@ public class ExtendedSecurityServiceImplUnitTest
         // group names
         String readGroup = extendedSecurityService.getIPRGroupShortName(READER_GROUP_FULL_PREFIX, READERS, 0);
         String writeGroup = extendedSecurityService.getIPRGroupShortName(WRITER_GROUP_FULL_PREFIX, WRITERS, 0);
-        
+
         // setup renditions
         NodeRef renditionNodeRef = AlfMock.generateNodeRef(mockedNodeService);
         when(mockedNodeService.hasAspect(nodeRef, RecordsManagementModel.ASPECT_RECORD))
@@ -904,7 +1004,7 @@ public class ExtendedSecurityServiceImplUnitTest
             .thenReturn(renditionNodeRef);
         when(mockedNodeService.getChildAssocs(nodeRef, RenditionModel.ASSOC_RENDITION, RegexQNamePattern.MATCH_ALL))
             .thenReturn(Collections.singletonList(mockedChildAssociationRef));        
-        
+
         // setup permissions
         Set<AccessPermission> permissions = Stream
             .of(new AccessPermissionImpl(AlfMock.generateText(), AccessStatus.ALLOWED, readGroup, 0),
@@ -913,17 +1013,17 @@ public class ExtendedSecurityServiceImplUnitTest
             .collect(Collectors.toSet());        
         when(mockedPermissionService.getAllSetPermissions(nodeRef))
             .thenReturn(permissions);      
-        
+
         // remove extended security
         extendedSecurityService.remove(nodeRef);
-        
+
         // verify that the groups permissions have been removed
         verify(mockedPermissionService).clearPermission(nodeRef, readGroup);
         verify(mockedPermissionService).clearPermission(nodeRef, writeGroup);
-        
+
         // verify that the groups permissions have been removed from the rendition
         verify(mockedPermissionService).clearPermission(renditionNodeRef, readGroup);
         verify(mockedPermissionService).clearPermission(renditionNodeRef, writeGroup);
-        
+
     }
-}
+}

amps/ags/rm-community/rm-community-rest-api-explorer/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-governance-services-community-repo-parent</artifactId>
-        <version>23.5.0.1</version>
+        <version>23.6.0.18</version>
     </parent>
 
     <build>

amps/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo</artifactId>
-        <version>23.5.0.1</version>
+        <version>23.6.0.18</version>
     </parent>
 
     <modules>

amps/share-services/pom.xml

@@ -8,7 +8,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo-amps</artifactId>
-        <version>23.5.0.1</version>
+        <version>23.6.0.18</version>
     </parent>
 
     <properties>
@@ -51,8 +51,8 @@
             </exclusions>
         </dependency>
         <dependency>
-            <groupId>commons-lang</groupId>
-            <artifactId>commons-lang</artifactId>
+            <groupId>org.apache.commons</groupId>
+            <artifactId>commons-lang3</artifactId>
             <scope>provided</scope>
         </dependency>
 

amps/share-services/src/main/java/org/alfresco/repo/web/scripts/wiki/WikiPageGet.java

@@ -30,7 +30,7 @@ import java.util.regex.Pattern;
 
 import org.alfresco.service.cmr.site.SiteInfo;
 import org.alfresco.service.cmr.wiki.WikiPageInfo;
-import org.apache.commons.lang.StringEscapeUtils;
+import org.apache.commons.lang3.StringEscapeUtils;
 import org.json.simple.JSONObject;
 import org.springframework.extensions.webscripts.Cache;
 import org.springframework.extensions.webscripts.Status;
@@ -92,7 +92,7 @@ public class WikiPageGet extends AbstractWikiWebScript
             {
                links.add(link);
                // build the list of available pages
-               WikiPageInfo wikiPage = wikiService.getWikiPage(site.getShortName(), StringEscapeUtils.unescapeHtml(link));
+               WikiPageInfo wikiPage = wikiService.getWikiPage(site.getShortName(), StringEscapeUtils.unescapeHtml4(link));
                if (wikiPage != null)
                {
                    pageTitles.add(wikiPage.getTitle());

amps/share-services/src/main/resources/alfresco/templates/webscripts/org/alfresco/slingshot/documentlibrary-v2/doclist.lib.js

@@ -91,6 +91,15 @@ function doclist_getAllNodes(parsedArgs, filterParams, query, totalItemCount)
    };
 }
 
+function sanitizeJunkFavouriteKeys(favourites){
+   for (var key in favourites) {
+      if (!key || key.trim() === "") {
+         delete favourites[key];
+      }
+   }
+   return favourites;
+}
+
 /**
  * Main entry point: Create collection of documents and folders in the given space
  *
@@ -123,6 +132,28 @@ function doclist_main()
    
    if (logger.isLoggingEnabled())
       logger.log("doclist.lib.js - NodeRef: " + parsedArgs.nodeRef + " Query: " + query);
+
+   favourites = sanitizeJunkFavouriteKeys(favourites);
+
+   if(Object.keys(favourites).length === 0 && query === null)
+   {
+      return {
+         luceneQuery: "",
+         paging: {
+            totalRecords: 0,
+            startIndex: 0
+         },
+         container: parsedArgs.rootNode,
+         parent: null,
+         onlineEditing: utils.moduleInstalled("org.alfresco.module.vti"),
+         itemCount: {
+            folders: 0,
+            documents: 0
+         },
+         items: [],
+         customJSON: slingshotDocLib.getJSON()
+      };
+   }
    
    var totalItemCount = filterParams.limitResults ? parseInt(filterParams.limitResults, 10) : -1;
    // For all sites documentLibrary query we pull in all available results and post filter

amps/share-services/src/main/resources/alfresco/templates/webscripts/org/alfresco/slingshot/documentlibrary-v2/filters.lib.js

@@ -182,11 +182,14 @@ var Filters =
          case "favourites":
             for (var favourite in favourites)
             {
-               if (filterQuery)
+               if (favourite && favourite.trim() !== "")
                {
-                  filterQuery += " OR ";
+                  if (filterQuery)
+                  {
+                     filterQuery += " OR ";
+                  }
+                  filterQuery += "ID:\"" + favourite + "\"";
                }
-               filterQuery += "ID:\"" + favourite + "\"";
             }
             
             if (filterQuery.length !== 0)
@@ -201,7 +204,13 @@ var Filters =
             else
             {
                // empty favourites query
-               filterQuery = "+ID:\"\"";
+               logger.warn("No favourites found for user: " + person.properties.userName);
+               return {
+                  query: null,
+                  limitResults: 0,
+                  sort: [],
+                  language: "lucene"
+               };
             }
             
             filterParams.query = filterQuery;

amps/share-services/src/main/resources/alfresco/templates/webscripts/org/alfresco/slingshot/documentlibrary/action/unzip-to.post.json.js

@@ -80,6 +80,11 @@ function runAction(p_params)
          {
             result.fileExist = true;
          }
+         if (error.indexOf("FolderExistsException") != -1)
+         {
+            result.fileExist = true;
+            result.type = "folder";
+         }
       }
       
       results.push(result);

amps/share-services/src/test/java/org/alfresco/repo/web/scripts/wiki/WikiRestApiTest.java

@@ -45,7 +45,7 @@ import org.alfresco.service.cmr.wiki.WikiPageInfo;
 import org.alfresco.service.cmr.wiki.WikiService;
 import org.alfresco.service.transaction.TransactionService;
 import org.alfresco.util.PropertyMap;
-import org.apache.commons.lang.StringEscapeUtils;
+import org.apache.commons.lang3.StringEscapeUtils;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.json.JSONArray;
@@ -996,7 +996,7 @@ public class WikiRestApiTest extends BaseWebScriptTest
     			String link = m.group(1); 
     			link += "?title=<script>alert('xss');</script>";
     			WikiPageInfo wikiPage2 = this.wikiService.getWikiPage(SITE_SHORT_NAME_WIKI, link);
-    			WikiPageInfo wikiPage1 = this.wikiService.getWikiPage(SITE_SHORT_NAME_WIKI, StringEscapeUtils.unescapeHtml(link));
+    			WikiPageInfo wikiPage1 = this.wikiService.getWikiPage(SITE_SHORT_NAME_WIKI, StringEscapeUtils.unescapeHtml4(link));
     			assertEquals(wikiPage2, wikiPage1);
     		}
       
@@ -1006,4 +1006,4 @@ public class WikiRestApiTest extends BaseWebScriptTest
     		 this.wikiService.deleteWikiPage(wikiPageNew); 
     	}
     }
-}
+}

core/pom.xml

@@ -7,7 +7,7 @@
    <parent>
       <groupId>org.alfresco</groupId>
       <artifactId>alfresco-community-repo</artifactId>
-      <version>23.5.0.1</version>
+      <version>23.6.0.18</version>
    </parent>
 
    <dependencies>

data-model/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo</artifactId>
-        <version>23.5.0.1</version>
+        <version>23.6.0.18</version>
     </parent>
 
     <properties>

mmt/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo</artifactId>
-        <version>23.5.0.1</version>
+        <version>23.6.0.18</version>
     </parent>
 
     <dependencies>

packaging/distribution/pom.xml

@@ -9,6 +9,6 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo-packaging</artifactId>
-        <version>23.5.0.1</version>
+        <version>23.6.0.18</version>
     </parent>
 </project>

packaging/distribution/src/main/resources/licenses/notice.txt

@@ -36,8 +36,7 @@ commons-email   http://jakarta.apache.org/commons/
 commons-fileupload  http://jakarta.apache.org/commons/ 
 commons-httpclient  http://jakarta.apache.org/commons/ 
 commons-io  http://jakarta.apache.org/commons/ 
-commons-jxpath  http://jakarta.apache.org/commons/ 
-commons-lang    http://jakarta.apache.org/commons/ 
+commons-jxpath  http://jakarta.apache.org/commons/
 commons-lang3   http://jakarta.apache.org/commons/ 
 commons-logging http://jakarta.apache.org/commons/ 
 commons-net http://jakarta.apache.org/commons/

packaging/docker-alfresco/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo-packaging</artifactId>
-        <version>23.5.0.1</version>
+        <version>23.6.0.18</version>
     </parent>
 
     <properties>

packaging/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo</artifactId>
-        <version>23.5.0.1</version>
+        <version>23.6.0.18</version>
     </parent>
 
     <modules>

packaging/tests/pom.xml

@@ -6,7 +6,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo-packaging</artifactId>
-        <version>23.5.0.1</version>
+        <version>23.6.0.18</version>
     </parent>
 
     <modules>

packaging/tests/tas-cmis/README.md

@@ -27,7 +27,7 @@
 
 ## Synopsis
 
-**TAS**( **T**est **A**utomation **S**ystem)- **CMIS** is the project that handles the automated tests related only to CMIS API integrated with Alfresco One [Alfresco CMIS API](http://docs.alfresco.com/5.1/pra/1/topics/cmis-welcome.html). 
+**TAS**( **T**est **A**utomation **S**ystem)- **CMIS** is the project that handles the automated tests related only to CMIS API integrated with Alfresco One [Alfresco CMIS API](https://support.hyland.com/r/Alfresco/Alfresco-Content-Services/23.4/Alfresco-Content-Services/Develop/Reference/CMIS-API). 
 
 It is based on Apache Maven, compatible with major IDEs and is using also Spring capabilities for dependency injection.
 

packaging/tests/tas-cmis/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo-tests</artifactId>
-        <version>23.5.0.1</version>
+        <version>23.6.0.18</version>
     </parent>
 
     <organization>

packaging/tests/tas-cmis/src/test/java/org/alfresco/cmis/SecondaryTypesTests.java

@@ -16,7 +16,7 @@ import org.alfresco.utility.testrail.annotation.TestRail;
 import org.apache.chemistry.opencmis.commons.exceptions.CmisObjectNotFoundException;
 import org.apache.chemistry.opencmis.commons.exceptions.CmisPermissionDeniedException;
 import org.apache.chemistry.opencmis.commons.exceptions.CmisUnauthorizedException;
-import org.apache.commons.lang.time.DateUtils;
+import org.apache.commons.lang3.time.DateUtils;
 import org.testng.annotations.BeforeClass;
 import org.testng.annotations.Test;
 

packaging/tests/tas-email/pom.xml

@@ -9,7 +9,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo-tests</artifactId>
-        <version>23.5.0.1</version>
+        <version>23.6.0.18</version>
     </parent>
 
     <developers>

packaging/tests/tas-integration/pom.xml

@@ -9,7 +9,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo-tests</artifactId>
-        <version>23.5.0.1</version>
+        <version>23.6.0.18</version>
     </parent>
 
     <developers>

packaging/tests/tas-restapi/README.md

@@ -27,7 +27,7 @@ Back to [TAS Master Documentation](https://git.alfresco.com/tas/alfresco-tas-uti
 
 ## Synopsis
 
-**TAS**( **T**est **A**utomation **S**ystem)- **RESTAPI** is the project that handles the automated tests related only to [Alfresco REST API](http://docs.alfresco.com/5.1/pra/1/topics/pra-welcome.html).
+**TAS**( **T**est **A**utomation **S**ystem)- **RESTAPI** is the project that handles the automated tests related only to [Alfresco REST API](https://support.hyland.com/r/Alfresco/Alfresco-Content-Services/23.4/Alfresco-Content-Services/Develop/REST-API-Guide).
 
 It is based on Apache Maven, compatible with major IDEs and is using also Spring capabilities for dependency injection.
 
@@ -271,7 +271,7 @@ restClient.onResponse().assertThat().body("entry.modifiedBy.firstName", org.hamc
 
 ### How to generate models or check coverage
 
-There are some simple generators that could parse [Swagger YAML](http://docs.alfresco.com/community/concepts/alfresco-sdk-tutorials-using-rest-api-explorer.html) files and provide some usefull information to you like:
+There are some simple generators that could parse [Swagger YAML](https://support.hyland.com/r/Alfresco/Alfresco-Content-Services/23.4/Alfresco-Content-Services/Develop/REST-API-Guide/Things-to-Know-Before-You-Start/The-API-Explorer-is-Your-Source-of-Truth) files and provide some usefull information to you like:
  
 a) Show on screen the actual coverage of TAS vs requests that exists in each YAML file - defined in pom.xml) 
 

packaging/tests/tas-restapi/pom.xml

@@ -8,7 +8,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo-tests</artifactId>
-        <version>23.5.0.1</version>
+        <version>23.6.0.18</version>
     </parent>
 
     <properties>
@@ -17,7 +17,7 @@
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <rest.api.explorer.branch>master</rest.api.explorer.branch>
         <httpclient-osgi-version>4.5.6</httpclient-osgi-version>
-        <commons-lang3.version>3.17.0</commons-lang3.version>
+        <commons-lang3.version>3.18.0</commons-lang3.version>
         <scribejava-apis.version>8.3.3</scribejava-apis.version>
         <java.version>17</java.version>
     </properties>

packaging/tests/tas-restapi/src/test/java/org/alfresco/rest/rules/CreateRulesTests.java

@@ -2,7 +2,7 @@
  * #%L
  * Alfresco Repository
  * %%
- * Copyright (C) 2005 - 2022 Alfresco Software Limited
+ * Copyright (C) 2005 - 2025 Alfresco Software Limited
  * %%
  * This file is part of the Alfresco software.
  * If the software was purchased under a paid Alfresco license, the terms of
@@ -26,6 +26,13 @@
 package org.alfresco.rest.rules;
 
 import static java.util.stream.Collectors.toList;
+
+import static org.junit.Assert.assertEquals;
+import static org.springframework.http.HttpStatus.BAD_REQUEST;
+import static org.springframework.http.HttpStatus.CREATED;
+import static org.springframework.http.HttpStatus.FORBIDDEN;
+import static org.springframework.http.HttpStatus.NOT_FOUND;
+
 import static org.alfresco.rest.actions.access.AccessRestrictionUtil.ERROR_MESSAGE_ACCESS_RESTRICTED;
 import static org.alfresco.rest.actions.access.AccessRestrictionUtil.MAIL_ACTION;
 import static org.alfresco.rest.rules.RulesTestsUtils.CHECKIN_ACTION;
@@ -45,11 +52,6 @@ import static org.alfresco.utility.model.FileModel.getRandomFileModel;
 import static org.alfresco.utility.model.FileType.TEXT_PLAIN;
 import static org.alfresco.utility.model.UserModel.getRandomUserModel;
 import static org.alfresco.utility.report.log.Step.STEP;
-import static org.junit.Assert.assertEquals;
-import static org.springframework.http.HttpStatus.BAD_REQUEST;
-import static org.springframework.http.HttpStatus.CREATED;
-import static org.springframework.http.HttpStatus.FORBIDDEN;
-import static org.springframework.http.HttpStatus.NOT_FOUND;
 
 import java.io.Serializable;
 import java.util.Collections;
@@ -61,10 +63,13 @@ import java.util.stream.IntStream;
 import jakarta.json.Json;
 import jakarta.json.JsonObject;
 
+import org.apache.chemistry.opencmis.client.api.CmisObject;
+import org.testng.annotations.BeforeClass;
+import org.testng.annotations.Test;
+
 import org.alfresco.rest.model.RestActionBodyExecTemplateModel;
 import org.alfresco.rest.model.RestActionConstraintModel;
 import org.alfresco.rest.model.RestCompositeConditionDefinitionModel;
-import org.alfresco.rest.model.RestPaginationModel;
 import org.alfresco.rest.model.RestRuleModel;
 import org.alfresco.rest.model.RestRuleModelsCollection;
 import org.alfresco.utility.constants.UserRole;
@@ -74,9 +79,6 @@ import org.alfresco.utility.model.FolderModel;
 import org.alfresco.utility.model.SiteModel;
 import org.alfresco.utility.model.TestGroup;
 import org.alfresco.utility.model.UserModel;
-import org.apache.chemistry.opencmis.client.api.CmisObject;
-import org.testng.annotations.BeforeClass;
-import org.testng.annotations.Test;
 
 /**
  * Tests for POST /nodes/{nodeId}/rule-sets/{ruleSetId}/rules.
@@ -101,13 +103,13 @@ public class CreateRulesTests extends RulesRestTest
      * <p>
      * Also check that the isShared field is not returned when not requested.
      */
-    @Test (groups = { TestGroup.REST_API, TestGroup.RULES, TestGroup.SANITY })
+    @Test(groups = {TestGroup.REST_API, TestGroup.RULES, TestGroup.SANITY})
     public void createRule()
     {
         RestRuleModel ruleModel = rulesUtils.createRuleModelWithModifiedValues();
 
         RestRuleModel rule = restClient.authenticateUser(user).withPrivateAPI().usingNode(ruleFolder).usingDefaultRuleSet()
-                                       .createSingleRule(ruleModel);
+                .createSingleRule(ruleModel);
 
         RestRuleModel expectedRuleModel = rulesUtils.createRuleModelWithModifiedValues();
         restClient.assertStatusCodeIs(CREATED);
@@ -117,7 +119,7 @@ public class CreateRulesTests extends RulesRestTest
     }
 
     /** Check creating a rule in a non-existent folder returns an error. */
-    @Test (groups = { TestGroup.REST_API, TestGroup.RULES })
+    @Test(groups = {TestGroup.REST_API, TestGroup.RULES})
     public void createRuleInNonExistentFolder()
     {
         STEP("Try to create a rule in non-existent folder.");
@@ -134,7 +136,7 @@ public class CreateRulesTests extends RulesRestTest
     }
 
     /** Check creating a rule in a non-existent rule set returns an error. */
-    @Test (groups = { TestGroup.REST_API, TestGroup.RULES })
+    @Test(groups = {TestGroup.REST_API, TestGroup.RULES})
     public void createRuleInNonExistentRuleSet()
     {
         STEP("Try to create a rule in non-existent rule set.");
@@ -148,7 +150,7 @@ public class CreateRulesTests extends RulesRestTest
     }
 
     /** Try to create a rule without a name and check the error. */
-    @Test (groups = { TestGroup.REST_API, TestGroup.RULES })
+    @Test(groups = {TestGroup.REST_API, TestGroup.RULES})
     public void createRuleWithEmptyName()
     {
         RestRuleModel ruleModel = rulesUtils.createRuleModel("");
@@ -160,7 +162,7 @@ public class CreateRulesTests extends RulesRestTest
     }
 
     /** Check we can create two rules with the same name. */
-    @Test (groups = { TestGroup.REST_API, TestGroup.RULES })
+    @Test(groups = {TestGroup.REST_API, TestGroup.RULES})
     public void duplicateRuleNameIsAcceptable()
     {
         RestRuleModel ruleModel = rulesUtils.createRuleModel("duplicateRuleName");
@@ -175,7 +177,7 @@ public class CreateRulesTests extends RulesRestTest
     }
 
     /** Check that a user without permission to view the folder cannot create a rule in it. */
-    @Test (groups = { TestGroup.REST_API, TestGroup.RULES })
+    @Test(groups = {TestGroup.REST_API, TestGroup.RULES})
     public void requireReadPermissionToCreateRule()
     {
         STEP("Create a user and use them to create a private site containing a folder");
@@ -194,7 +196,7 @@ public class CreateRulesTests extends RulesRestTest
     }
 
     /** Check that a Collaborator cannot create a rule in a folder in a private site. */
-    @Test (groups = { TestGroup.REST_API, TestGroup.RULES })
+    @Test(groups = {TestGroup.REST_API, TestGroup.RULES})
     public void siteCollaboratorCannotCreateRule()
     {
         testRolePermissionsWith(SiteCollaborator);
@@ -204,7 +206,7 @@ public class CreateRulesTests extends RulesRestTest
     }
 
     /** Check that a Contributor cannot create a rule in a private folder. */
-    @Test (groups = { TestGroup.REST_API, TestGroup.RULES })
+    @Test(groups = {TestGroup.REST_API, TestGroup.RULES})
     public void siteContributorCannotCreateRule()
     {
         testRolePermissionsWith(SiteContributor);
@@ -214,7 +216,7 @@ public class CreateRulesTests extends RulesRestTest
     }
 
     /** Check that a Consumer cannot create a rule in a folder in a private site. */
-    @Test (groups = { TestGroup.REST_API, TestGroup.RULES })
+    @Test(groups = {TestGroup.REST_API, TestGroup.RULES})
     public void siteConsumerCannotCreateRule()
     {
         testRolePermissionsWith(SiteConsumer);
@@ -224,7 +226,7 @@ public class CreateRulesTests extends RulesRestTest
     }
 
     /** Check that a siteManager can create a rule in a folder in a private site. */
-    @Test (groups = { TestGroup.REST_API, TestGroup.RULES })
+    @Test(groups = {TestGroup.REST_API, TestGroup.RULES})
     public void siteManagerCanCreateRule()
     {
         testRolePermissionsWith(SiteManager)
@@ -234,7 +236,7 @@ public class CreateRulesTests extends RulesRestTest
     }
 
     /** Check we can't create a rule under a document node. */
-    @Test (groups = { TestGroup.REST_API, TestGroup.RULES })
+    @Test(groups = {TestGroup.REST_API, TestGroup.RULES})
     public void tryToCreateRuleUnderDocument()
     {
         STEP("Create a document.");
@@ -250,7 +252,7 @@ public class CreateRulesTests extends RulesRestTest
     }
 
     /** Check we can create several rules. */
-    @Test (groups = { TestGroup.REST_API, TestGroup.RULES })
+    @Test(groups = {TestGroup.REST_API, TestGroup.RULES})
     public void createRules()
     {
         STEP("Create a list of rules in one POST request");
@@ -258,19 +260,18 @@ public class CreateRulesTests extends RulesRestTest
         List<RestRuleModel> ruleModels = ruleNames.stream().map(rulesUtils::createRuleModel).collect(toList());
 
         RestRuleModelsCollection rules = restClient.authenticateUser(user).withPrivateAPI().usingNode(ruleFolder).usingDefaultRuleSet()
-                                                   .createListOfRules(ruleModels);
+                .createListOfRules(ruleModels);
 
         restClient.assertStatusCodeIs(CREATED);
 
         assertEquals("Unexpected number of rules received in response.", ruleNames.size(), rules.getEntries().size());
-        IntStream.range(0, ruleModels.size()).forEach(i ->
-                rules.getEntries().get(i).onModel()
-                    .assertThat().field("id").isNotNull()
-                    .assertThat().field("name").is(ruleNames.get(i)));
+        IntStream.range(0, ruleModels.size()).forEach(i -> rules.getEntries().get(i).onModel()
+                .assertThat().field("id").isNotNull()
+                .assertThat().field("name").is(ruleNames.get(i)));
     }
 
     /** Check we can create over 100 rules and get them all back in response. */
-    @Test (groups = { TestGroup.REST_API, TestGroup.RULES })
+    @Test(groups = {TestGroup.REST_API, TestGroup.RULES})
     public void createOver100Rules()
     {
         STEP("Create a list of 120 rules in one POST request");
@@ -287,10 +288,9 @@ public class CreateRulesTests extends RulesRestTest
         restClient.assertStatusCodeIs(CREATED);
 
         assertEquals("Unexpected number of rules received in response.", ruleCount, rules.getEntries().size());
-        IntStream.range(0, ruleModels.size()).forEach(i ->
-                rules.getEntries().get(i).onModel()
-                        .assertThat().field("id").isNotNull()
-                        .assertThat().field("name").is(ruleNamePrefix + (i + 1)));
+        IntStream.range(0, ruleModels.size()).forEach(i -> rules.getEntries().get(i).onModel()
+                .assertThat().field("id").isNotNull()
+                .assertThat().field("name").is(ruleNamePrefix + (i + 1)));
 
         rules.getPagination()
                 .assertThat().field("count").is(ruleCount)
@@ -302,7 +302,7 @@ public class CreateRulesTests extends RulesRestTest
     }
 
     /** Try to create several rules with an error in one of them. */
-    @Test (groups = { TestGroup.REST_API, TestGroup.RULES })
+    @Test(groups = {TestGroup.REST_API, TestGroup.RULES})
     public void createRulesWithOneError()
     {
         STEP("Try to create a three rules but the middle one has an error.");
@@ -319,55 +319,55 @@ public class CreateRulesTests extends RulesRestTest
     }
 
     /** Check we can create a rule without description. */
-    @Test (groups = { TestGroup.REST_API, TestGroup.RULES })
+    @Test(groups = {TestGroup.REST_API, TestGroup.RULES})
     public void createRuleWithoutDescription()
     {
         RestRuleModel ruleModel = rulesUtils.createRuleModelWithDefaultValues();
         UserModel admin = dataUser.getAdminUser();
 
         RestRuleModel rule = restClient.authenticateUser(admin).withPrivateAPI().usingNode(ruleFolder).usingDefaultRuleSet()
-            .createSingleRule(ruleModel);
+                .createSingleRule(ruleModel);
 
         restClient.assertStatusCodeIs(CREATED);
         rule.assertThat().field("id").isNotNull()
-            .assertThat().field("name").is(RULE_NAME_DEFAULT)
-            .assertThat().field("description").isNull();
+                .assertThat().field("name").is(RULE_NAME_DEFAULT)
+                .assertThat().field("description").isNull();
     }
 
     /** Check we can create a rule without specifying triggers but with the default "inbound" value. */
-    @Test (groups = { TestGroup.REST_API, TestGroup.RULES })
+    @Test(groups = {TestGroup.REST_API, TestGroup.RULES})
     public void createRuleWithoutTriggers()
     {
         RestRuleModel ruleModel = rulesUtils.createRuleModelWithDefaultValues();
         UserModel admin = dataUser.getAdminUser();
 
         RestRuleModel rule = restClient.authenticateUser(admin).withPrivateAPI().usingNode(ruleFolder).usingDefaultRuleSet()
-            .createSingleRule(ruleModel);
+                .createSingleRule(ruleModel);
 
         restClient.assertStatusCodeIs(CREATED);
         rule.assertThat().field("id").isNotNull()
-            .assertThat().field("name").is(RULE_NAME_DEFAULT)
-            .assertThat().field("triggers").is(List.of("inbound"));
+                .assertThat().field("name").is(RULE_NAME_DEFAULT)
+                .assertThat().field("triggers").is(List.of("inbound"));
     }
 
     /** Check we can create a rule without error script. */
-    @Test (groups = { TestGroup.REST_API, TestGroup.RULES })
+    @Test(groups = {TestGroup.REST_API, TestGroup.RULES})
     public void createRuleWithoutErrorScript()
     {
         RestRuleModel ruleModel = rulesUtils.createRuleModelWithDefaultValues();
         UserModel admin = dataUser.getAdminUser();
 
         RestRuleModel rule = restClient.authenticateUser(admin).withPrivateAPI().usingNode(ruleFolder).usingDefaultRuleSet()
-            .createSingleRule(ruleModel);
+                .createSingleRule(ruleModel);
 
         restClient.assertStatusCodeIs(CREATED);
         rule.assertThat().field("id").isNotNull()
-            .assertThat().field("name").is(RULE_NAME_DEFAULT)
-            .assertThat().field("errorScript").isNull();
+                .assertThat().field("name").is(RULE_NAME_DEFAULT)
+                .assertThat().field("errorScript").isNull();
     }
 
     /** Check we can create a rule with irrelevant isShared flag, and it doesn't have impact to the process. */
-    @Test (groups = { TestGroup.REST_API, TestGroup.RULES })
+    @Test(groups = {TestGroup.REST_API, TestGroup.RULES})
     public void createRuleWithSharedFlag()
     {
         RestRuleModel ruleModel = rulesUtils.createRuleModelWithDefaultValues();
@@ -375,23 +375,23 @@ public class CreateRulesTests extends RulesRestTest
         UserModel admin = dataUser.getAdminUser();
 
         RestRuleModel rule = restClient.authenticateUser(admin).withPrivateAPI().usingNode(ruleFolder).usingDefaultRuleSet()
-            .createSingleRule(ruleModel);
+                .createSingleRule(ruleModel);
 
         restClient.assertStatusCodeIs(CREATED);
         rule.assertThat().field("id").isNotNull()
-            .assertThat().field("name").is(RULE_NAME_DEFAULT)
-            .assertThat().field("isShared").isNull();
+                .assertThat().field("name").is(RULE_NAME_DEFAULT)
+                .assertThat().field("isShared").isNull();
     }
 
     /** Check we can create a rule. */
-    @Test (groups = { TestGroup.REST_API, TestGroup.RULES, TestGroup.SANITY })
+    @Test(groups = {TestGroup.REST_API, TestGroup.RULES, TestGroup.SANITY})
     public void createRuleAndIncludeFieldsInResponse()
     {
         RestRuleModel ruleModel = rulesUtils.createRuleModel("ruleName");
 
         RestRuleModel rule = restClient.authenticateUser(user).withPrivateAPI().usingNode(ruleFolder).usingDefaultRuleSet()
-                                       .include("isShared")
-                                       .createSingleRule(ruleModel);
+                .include("isShared")
+                .createSingleRule(ruleModel);
 
         restClient.assertStatusCodeIs(CREATED);
         rule.assertThat().field("isShared").isNotNull();
@@ -412,7 +412,7 @@ public class CreateRulesTests extends RulesRestTest
     }
 
     /** Check that the folder's owner can create rules, even if it is in a private site they aren't a member of. */
-    @Test (groups = { TestGroup.REST_API, TestGroup.RULES })
+    @Test(groups = {TestGroup.REST_API, TestGroup.RULES})
     public void checkOwnerCanCreateRule()
     {
         STEP("Use admin to create a private site.");
@@ -431,7 +431,7 @@ public class CreateRulesTests extends RulesRestTest
     }
 
     /** Check that an administrator can create a rule in a private site even if they aren't a member. */
-    @Test (groups = { TestGroup.REST_API, TestGroup.RULES })
+    @Test(groups = {TestGroup.REST_API, TestGroup.RULES})
     public void checkAdminCanCreateRule()
     {
         STEP("Use a user to create a private site with a folder.");
@@ -446,7 +446,7 @@ public class CreateRulesTests extends RulesRestTest
     }
 
     /** Check that a coordinator can create rules in folders outside sites. */
-    @Test (groups = { TestGroup.REST_API, TestGroup.RULES })
+    @Test(groups = {TestGroup.REST_API, TestGroup.RULES})
     public void checkCoordinatorCanCreateRule()
     {
         STEP("Create a folder in the user's file space.");
@@ -454,11 +454,7 @@ public class CreateRulesTests extends RulesRestTest
 
         STEP("Create another user as a coordinator for this folder.");
         UserModel coordinator = dataUser.createRandomTestUser("Rules");
-        /*
-        Update folder node properties to add a coordinator
-        { "permissions": { "isInheritanceEnabled": true, "locallySet": { "authorityId": "coordinator.getUsername()",
-         "name": "Coordinator", "accessStatus":"ALLOWED" } } }
-        */
+        /* Update folder node properties to add a coordinator { "permissions": { "isInheritanceEnabled": true, "locallySet": { "authorityId": "coordinator.getUsername()", "name": "Coordinator", "accessStatus":"ALLOWED" } } } */
         String putBody = getAddPermissionsBody(coordinator.getUsername(), "Coordinator");
         restClient.authenticateUser(user).withCoreAPI().usingNode(folder).updateNode(putBody);
 
@@ -470,7 +466,7 @@ public class CreateRulesTests extends RulesRestTest
     }
 
     /** Check that an editor cannot create rules in folders outside sites. */
-    @Test (groups = { TestGroup.REST_API, TestGroup.RULES })
+    @Test(groups = {TestGroup.REST_API, TestGroup.RULES})
     public void checkEditorCannotCreateRule()
     {
         STEP("Create a folder in the user's file space.");
@@ -478,11 +474,7 @@ public class CreateRulesTests extends RulesRestTest
 
         STEP("Create another user as a editor for this folder.");
         UserModel editor = dataUser.createRandomTestUser();
-        /*
-        Update folder node properties to add an editor
-        { "permissions": { "isInheritanceEnabled": true, "locallySet": { "authorityId": "editor.getUsername()",
-         "name": "Coordinator", "accessStatus":"ALLOWED" } } }
-        */
+        /* Update folder node properties to add an editor { "permissions": { "isInheritanceEnabled": true, "locallySet": { "authorityId": "editor.getUsername()", "name": "Coordinator", "accessStatus":"ALLOWED" } } } */
         String putBody = getAddPermissionsBody(editor.getUsername(), "Editor");
         restClient.authenticateUser(user).withCoreAPI().usingNode(folder).updateNode(putBody);
 
@@ -494,7 +486,7 @@ public class CreateRulesTests extends RulesRestTest
     }
 
     /** Check that a collaborator cannot create rules in folders outside sites. */
-    @Test (groups = { TestGroup.REST_API, TestGroup.RULES })
+    @Test(groups = {TestGroup.REST_API, TestGroup.RULES})
     public void checkCollaboratorCannotCreateRule()
     {
         STEP("Create a folder in the user's file space.");
@@ -502,11 +494,7 @@ public class CreateRulesTests extends RulesRestTest
 
         STEP("Create another user as a collaborator for this folder.");
         UserModel collaborator = dataUser.createRandomTestUser();
-        /*
-        Update folder node properties to add a collaborator
-        { "permissions": { "isInheritanceEnabled": true, "locallySet": { "authorityId": "collaborator.getUsername()",
-         "name": "Coordinator", "accessStatus":"ALLOWED" } } }
-        */
+        /* Update folder node properties to add a collaborator { "permissions": { "isInheritanceEnabled": true, "locallySet": { "authorityId": "collaborator.getUsername()", "name": "Coordinator", "accessStatus":"ALLOWED" } } } */
         String putBody = getAddPermissionsBody(collaborator.getUsername(), "Collaborator");
         restClient.authenticateUser(user).withCoreAPI().usingNode(folder).updateNode(putBody);
 
@@ -572,10 +560,10 @@ public class CreateRulesTests extends RulesRestTest
     public void createRuleWithActions_userCannotUsePrivateAction()
     {
         restClient.authenticateUser(user).withPrivateAPI().usingNode(ruleFolder).usingDefaultRuleSet()
-                  .createSingleRule(rulesUtils.createRuleWithPrivateAction());
+                .createSingleRule(rulesUtils.createRuleWithPrivateAction());
 
         restClient.assertStatusCodeIs(FORBIDDEN)
-                  .assertLastError().containsSummary(ERROR_MESSAGE_ACCESS_RESTRICTED);
+                .assertLastError().containsSummary(ERROR_MESSAGE_ACCESS_RESTRICTED);
     }
 
     /** Check that an administrator can create rules that use private actions. */
@@ -583,7 +571,7 @@ public class CreateRulesTests extends RulesRestTest
     public void createRuleWithActions_adminCanUsePrivateAction()
     {
         restClient.authenticateUser(dataUser.getAdminUser()).withPrivateAPI().usingNode(ruleFolder).usingDefaultRuleSet()
-                  .createSingleRule(rulesUtils.createRuleWithPrivateAction());
+                .createSingleRule(rulesUtils.createRuleWithPrivateAction());
 
         restClient.assertStatusCodeIs(CREATED);
     }
@@ -656,8 +644,7 @@ public class CreateRulesTests extends RulesRestTest
     public void createRuleWithNotApplicableActionShouldFail()
     {
         final RestRuleModel ruleModel = rulesUtils.createRuleModelWithDefaultValues();
-        final RestActionBodyExecTemplateModel invalidAction =
-                rulesUtils.createCustomActionModel(RulesTestsUtils.DELETE_RENDITION_ACTION, Map.of("dummy-key", "dummy-value"));
+        final RestActionBodyExecTemplateModel invalidAction = rulesUtils.createCustomActionModel(RulesTestsUtils.DELETE_RENDITION_ACTION, Map.of("dummy-key", "dummy-value"));
         ruleModel.setActions(List.of(invalidAction));
 
         restClient.authenticateUser(user).withPrivateAPI().usingNode(ruleFolder).usingDefaultRuleSet().createSingleRule(ruleModel);
@@ -673,8 +660,7 @@ public class CreateRulesTests extends RulesRestTest
     public void createRuleWithMissingActionParametersShouldFail()
     {
         final RestRuleModel ruleModel = rulesUtils.createRuleModelWithDefaultValues();
-        final RestActionBodyExecTemplateModel invalidAction =
-                rulesUtils.createCustomActionModel(RulesTestsUtils.COPY_ACTION, Collections.emptyMap());
+        final RestActionBodyExecTemplateModel invalidAction = rulesUtils.createCustomActionModel(RulesTestsUtils.COPY_ACTION, Collections.emptyMap());
         ruleModel.setActions(List.of(invalidAction));
 
         restClient.authenticateUser(user).withPrivateAPI().usingNode(ruleFolder).usingDefaultRuleSet()
@@ -736,7 +722,7 @@ public class CreateRulesTests extends RulesRestTest
     public void createRuleWithoutMandatoryActionParametersShouldFail()
     {
         final RestRuleModel ruleModel = rulesUtils.createRuleModelWithDefaultValues();
-        final RestActionBodyExecTemplateModel invalidAction = rulesUtils.createCustomActionModel(COPY_ACTION, Map.of("deep-copy",false));
+        final RestActionBodyExecTemplateModel invalidAction = rulesUtils.createCustomActionModel(COPY_ACTION, Map.of("deep-copy", false));
         ruleModel.setActions(List.of(invalidAction));
 
         restClient.authenticateUser(user).withPrivateAPI().usingNode(ruleFolder).usingDefaultRuleSet()
@@ -749,7 +735,7 @@ public class CreateRulesTests extends RulesRestTest
     /**
      * Check we get error when attempting to create a rule that copies files to a non-existent folder.
      */
-    @Test (groups = { TestGroup.REST_API, TestGroup.RULES })
+    @Test(groups = {TestGroup.REST_API, TestGroup.RULES})
     public void createRuleThatUsesNonExistentNode()
     {
         RestRuleModel ruleModel = rulesUtils.createRuleModelWithDefaultValues();
@@ -758,16 +744,16 @@ public class CreateRulesTests extends RulesRestTest
         ruleModel.setActions(List.of(invalidAction));
 
         restClient.authenticateUser(user).withPrivateAPI().usingNode(ruleFolder).usingDefaultRuleSet()
-                  .createSingleRule(ruleModel);
+                .createSingleRule(ruleModel);
 
         restClient.assertStatusCodeIs(NOT_FOUND);
-        restClient.assertLastError().containsSummary("The entity with id: non-existent-node was not found");
+        restClient.assertLastError().containsSummary("Destination folder having Id: non-existent-node no longer exists. Please update your rule definition.");
     }
 
     /**
      * Check we get error when attempting to create a rule that references a folder that the user does not have read permission for.
      */
-    @Test (groups = { TestGroup.REST_API, TestGroup.RULES })
+    @Test(groups = {TestGroup.REST_API, TestGroup.RULES})
     public void createRuleThatUsesNodeWithoutReadPermission()
     {
         SiteModel privateSite = dataSite.usingAdmin().createPrivateRandomSite();
@@ -779,7 +765,7 @@ public class CreateRulesTests extends RulesRestTest
         ruleModel.setActions(List.of(invalidAction));
 
         restClient.authenticateUser(user).withPrivateAPI().usingNode(ruleFolder).usingDefaultRuleSet()
-                  .createSingleRule(ruleModel);
+                .createSingleRule(ruleModel);
 
         restClient.assertStatusCodeIs(NOT_FOUND);
         restClient.assertLastError().containsSummary("The entity with id: " + privateFolder.getNodeRef() + " was not found");
@@ -788,7 +774,7 @@ public class CreateRulesTests extends RulesRestTest
     /**
      * Check we get error when attempting to create a rule that copies files to a folder that a user only has read permission for.
      */
-    @Test (groups = { TestGroup.REST_API, TestGroup.RULES })
+    @Test(groups = {TestGroup.REST_API, TestGroup.RULES})
     public void createRuleThatWritesToNodeWithoutPermission()
     {
         SiteModel privateSite = dataSite.usingAdmin().createPrivateRandomSite();
@@ -802,7 +788,7 @@ public class CreateRulesTests extends RulesRestTest
         ruleModel.setActions(List.of(invalidAction));
 
         restClient.authenticateUser(user).withPrivateAPI().usingNode(ruleFolder).usingDefaultRuleSet()
-                  .createSingleRule(ruleModel);
+                .createSingleRule(ruleModel);
 
         restClient.assertStatusCodeIs(FORBIDDEN);
         restClient.assertLastError().containsSummary("No proper permissions for node: " + privateFolder.getNodeRef());
@@ -828,7 +814,6 @@ public class CreateRulesTests extends RulesRestTest
         restClient.assertLastError().containsSummary("Node is not a folder " + fileModel.getNodeRef());
     }
 
-
     /**
      * Check we get error when attempting to create a rule with mail action defined with non-existing mail template.
      */
@@ -850,7 +835,7 @@ public class CreateRulesTests extends RulesRestTest
         ruleModel.setActions(List.of(mailAction));
 
         restClient.authenticateUser(user).withPrivateAPI().usingNode(ruleFolder).usingDefaultRuleSet()
-                  .createSingleRule(ruleModel);
+                .createSingleRule(ruleModel);
 
         restClient.assertStatusCodeIs(BAD_REQUEST);
         restClient.assertLastError().containsSummary("Action parameter: template has invalid value (" + mailTemplate +
@@ -860,7 +845,7 @@ public class CreateRulesTests extends RulesRestTest
     /**
      * Check the user can create a rule with a script.
      */
-    @Test (groups = { TestGroup.REST_API, TestGroup.RULES })
+    @Test(groups = {TestGroup.REST_API, TestGroup.RULES})
     public void checkCanUseScriptInRule()
     {
         RestRuleModel ruleModel = rulesUtils.createRuleModelWithDefaultValues();
@@ -869,7 +854,7 @@ public class CreateRulesTests extends RulesRestTest
         ruleModel.setActions(List.of(scriptAction));
 
         restClient.authenticateUser(user).withPrivateAPI().usingNode(ruleFolder).usingDefaultRuleSet()
-                  .createSingleRule(ruleModel);
+                .createSingleRule(ruleModel);
 
         restClient.assertStatusCodeIs(CREATED);
     }
@@ -877,7 +862,7 @@ public class CreateRulesTests extends RulesRestTest
     /**
      * Check the script has to be stored in the scripts directory in the data dictionary.
      */
-    @Test (groups = { TestGroup.REST_API, TestGroup.RULES })
+    @Test(groups = {TestGroup.REST_API, TestGroup.RULES})
     public void checkCantUseNodeOutsideScriptsDirectory()
     {
         STEP("Copy script to location outside data dictionary.");
@@ -898,16 +883,16 @@ public class CreateRulesTests extends RulesRestTest
         ruleModel.setActions(List.of(scriptAction));
 
         restClient.authenticateUser(user).withPrivateAPI().usingNode(ruleFolder).usingDefaultRuleSet()
-                  .createSingleRule(ruleModel);
+                .createSingleRule(ruleModel);
 
         restClient.assertStatusCodeIs(BAD_REQUEST)
-                  .assertLastError().containsSummary("script-ref has invalid value");
+                .assertLastError().containsSummary("script-ref has invalid value");
     }
 
     /**
      * Check a real category needs to be supplied when linking to a category.
      */
-    @Test (groups = { TestGroup.REST_API, TestGroup.RULES })
+    @Test(groups = {TestGroup.REST_API, TestGroup.RULES})
     public void checkLinkToCategoryNeedsRealCategory()
     {
         STEP("Attempt to link to a category with a folder node, rather than a category node.");
@@ -918,7 +903,7 @@ public class CreateRulesTests extends RulesRestTest
         ruleModel.setActions(List.of(categoryAction));
 
         restClient.authenticateUser(user).withPrivateAPI().usingNode(ruleFolder).usingDefaultRuleSet()
-                  .createSingleRule(ruleModel);
+                .createSingleRule(ruleModel);
 
         restClient.assertStatusCodeIs(BAD_REQUEST);
     }
@@ -933,7 +918,7 @@ public class CreateRulesTests extends RulesRestTest
         ruleModel.setConditions(rulesUtils.createVariousConditions());
 
         RestRuleModel rule = restClient.authenticateUser(user).withPrivateAPI().usingNode(ruleFolder).usingDefaultRuleSet()
-            .createSingleRule(ruleModel);
+                .createSingleRule(ruleModel);
 
         RestRuleModel expectedRuleModel = rulesUtils.createRuleModelWithDefaultValues();
         expectedRuleModel.setConditions(rulesUtils.createVariousConditions());
@@ -952,7 +937,7 @@ public class CreateRulesTests extends RulesRestTest
         ruleModel.setConditions(rulesUtils.createCompositeCondition(null));
 
         RestRuleModel rule = restClient.authenticateUser(user).withPrivateAPI().usingNode(ruleFolder).usingDefaultRuleSet()
-            .createSingleRule(ruleModel);
+                .createSingleRule(ruleModel);
 
         RestRuleModel expectedRuleModel = rulesUtils.createRuleModelWithDefaultValues();
         expectedRuleModel.setTriggers(List.of("inbound"));
@@ -969,10 +954,8 @@ public class CreateRulesTests extends RulesRestTest
         STEP("Try to create a rule with non existing category in conditions.");
         String fakeCategoryId = "bdba5f9f-fake-id22-803b-349bcfd06fd1";
         RestCompositeConditionDefinitionModel conditions = rulesUtils.createCompositeCondition(List.of(
-            rulesUtils.createCompositeCondition(!INVERTED, List.of(
-                    rulesUtils.createSimpleCondition("category", "equals", fakeCategoryId)
-            ))
-        ));
+                rulesUtils.createCompositeCondition(!INVERTED, List.of(
+                        rulesUtils.createSimpleCondition("category", "equals", fakeCategoryId)))));
         RestRuleModel ruleModel = rulesUtils.createRuleModelWithDefaultValues();
         ruleModel.setConditions(conditions);
 
@@ -992,9 +975,7 @@ public class CreateRulesTests extends RulesRestTest
         final String comparator = "greaterthan";
         RestCompositeConditionDefinitionModel conditions = rulesUtils.createCompositeCondition(List.of(
                 rulesUtils.createCompositeCondition(!INVERTED, List.of(
-                        rulesUtils.createSimpleCondition("size", comparator, "500")
-                ))
-        ));
+                        rulesUtils.createSimpleCondition("size", comparator, "500")))));
         RestRuleModel ruleModel = rulesUtils.createRuleModelWithDefaultValues();
         ruleModel.setConditions(conditions);
 

packaging/tests/tas-webdav/pom.xml

@@ -9,7 +9,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo-tests</artifactId>
-        <version>23.5.0.1</version>
+        <version>23.6.0.18</version>
     </parent>
 
     <developers>

packaging/war/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo-packaging</artifactId>
-        <version>23.5.0.1</version>
+        <version>23.6.0.18</version>
     </parent>
 
     <properties>

packaging/war/src/main/webapp/META-INF/context.xml

@@ -4,7 +4,7 @@
   <!-- Resource defaultTransactionIsolation="-1" defaultAutoCommit="false" maxActive="100" initialSize="10" password="alfresco" username="alfresco" url="jdbc:mysql:///alfresco" driverClassName="org.gjt.mm.mysql.Driver" type="javax.sql.DataSource" auth="Container" name="jdbc/dataSource"/-->
   <Environment override="false" type="java.lang.Boolean" name="properties/startup.enable" description="A flag that globally enables or disables startup of the major Alfresco subsystems." value="true"/>
   <Environment override="false" type="java.lang.String" name="properties/dir.root" description="The filesystem directory below which content and index data is stored. Should be on a shared disk if this is a clustered installation."/>
-  <Environment override="false" type="java.lang.String" name="properties/hibernate.dialect" description="The fully qualified name of a org.hibernate.dialect.Dialect subclass that allows Hibernate to generate SQL optimized for a particular relational database. Choose from org.hibernate.dialect.DerbyDialect, org.hibernate.dialect.MySQLInnoDBDialect, org.alfresco.repo.domain.hibernate.dialect.AlfrescoOracle9Dialect, org.alfresco.repo.domain.hibernate.dialect.AlfrescoSybaseAnywhereDialect, org.alfresco.repo.domain.hibernate.dialect.AlfrescoSQLServerDialect, org.hibernate.dialect.PostgreSQLDialect"/>
+  <Environment override="false" type="java.lang.String" name="properties/hibernate.dialect" description="The fully qualified name of a org.hibernate.dialect.Dialect subclass that allows Hibernate to generate SQL optimized for a particular relational database. Choose from org.hibernate.dialect.DerbyDialect, org.hibernate.dialect.MySQLInnoDBDialect, org.alfresco.repo.domain.hibernate.dialect.AlfrescoOracle9Dialect, org.alfresco.repo.domain.hibernate.dialect.AlfrescoSybaseAnywhereDialect, org.alfresco.repo.domain.hibernate.dialect.SQLServerDialect, org.hibernate.dialect.PostgreSQLDialect"/>
   <Environment override="false" type="java.lang.String" name="properties/hibernate.query.substitutions" description="Mapping from tokens in Hibernate queries to SQL tokens. For PostgreSQL, set this to &quot;true TRUE, false FALSE&quot;."/>
   <Environment override="false" type="java.lang.Boolean" name="properties/hibernate.jdbc.use_get_generated_keys" description="Enable use of JDBC3 PreparedStatement.getGeneratedKeys() to retrieve natively generated keys after insert. Requires JDBC3+ driver. Set to false if your driver has problems with the Hibernate identifier generators. By default, tries to determine the driver capabilities using connection metadata."/>
   <Environment override="false" type="java.lang.String" name="properties/hibernate.default_schema" description="Qualify unqualified table names with the given schema/tablespace in generated SQL. It may be necessary to set this when the target database has more than one schema."/>

packaging/war/src/main/webapp/WEB-INF/web.xml

@@ -500,7 +500,7 @@
          org.hibernate.dialect.MySQLInnoDBDialect,
          org.alfresco.repo.domain.hibernate.dialect.AlfrescoOracle9Dialect,
          org.alfresco.repo.domain.hibernate.dialect.AlfrescoSybaseAnywhereDialect,
-         org.alfresco.repo.domain.hibernate.dialect.AlfrescoSQLServerDialect, org.hibernate.dialect.PostgreSQLDialect</description>
+         org.alfresco.repo.domain.hibernate.dialect.SQLServerDialect, org.hibernate.dialect.PostgreSQLDialect</description>
       <env-entry-name>properties/hibernate.dialect</env-entry-name>
       <env-entry-type>java.lang.String</env-entry-type>
       <env-entry-value/> <!-- Empty value included for JBoss compatibility -->

packaging/war/src/main/webapp/index.jsp

@@ -74,7 +74,7 @@ ModuleDetails shareServicesModule = moduleService.getModule("alfresco-share-serv
          <div class="index-list">
             <h4><%=descriptorService.getServerDescriptor().getEdition()%></h4>
             <p></p>
-            <p><a href="http://docs.alfresco.com/">Online Documentation</a></p>
+            <p><a href="https://support.hyland.com/p/alfresco">Online Documentation</a></p>
             <p></p>
              <%
                  if (shareServicesModule != null && ModuleInstallState.INSTALLED.equals(shareServicesModule.getInstallState()))

pom.xml

@@ -2,7 +2,7 @@
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <modelVersion>4.0.0</modelVersion>
     <artifactId>alfresco-community-repo</artifactId>
-    <version>23.5.0.1</version>
+    <version>23.6.0.18</version>
     <packaging>pom</packaging>
     <name>Alfresco Community Repo Parent</name>
 
@@ -24,7 +24,7 @@
 
     <properties>
         <acs.version.major>23</acs.version.major>
-        <acs.version.minor>5</acs.version.minor>
+        <acs.version.minor>6</acs.version.minor>
         <acs.version.revision>0</acs.version.revision>
         <acs.version.label />
         <amp.min.version>${acs.version.major}.0.0</amp.min.version>
@@ -57,13 +57,13 @@
         <dependency.acs-event-model.version>0.0.33</dependency.acs-event-model.version>
 
         <dependency.aspectj.version>1.9.22.1</dependency.aspectj.version>
-        <dependency.spring.version>6.1.14</dependency.spring.version>
-        <dependency.spring-security.version>6.3.4</dependency.spring-security.version>
+        <dependency.spring.version>6.2.8</dependency.spring.version>
+        <dependency.spring-security.version>6.3.9</dependency.spring-security.version>
         <dependency.antlr.version>3.5.3</dependency.antlr.version>
         <dependency.jackson.version>2.17.2</dependency.jackson.version>
-        <dependency.cxf.version>4.0.5</dependency.cxf.version>
+        <dependency.cxf.version>4.1.2</dependency.cxf.version>
         <dependency.opencmis.version>1.0.0-jakarta-1</dependency.opencmis.version>
-        <dependency.webscripts.version>9.4</dependency.webscripts.version>
+        <dependency.webscripts.version>10.2</dependency.webscripts.version>
         <dependency.bouncycastle.version>1.78.1</dependency.bouncycastle.version>
         <dependency.mockito-core.version>5.14.1</dependency.mockito-core.version>
         <dependency.assertj.version>3.26.3</dependency.assertj.version>
@@ -83,10 +83,10 @@
         <dependency.groovy.version>3.0.22</dependency.groovy.version>
         <dependency.tika.version>2.9.2</dependency.tika.version>
         <dependency.truezip.version>7.7.10</dependency.truezip.version>
-        <dependency.poi.version>5.3.0</dependency.poi.version>
+        <dependency.poi.version>5.4.1</dependency.poi.version>
         <dependency.jboss.logging.version>3.5.0.Final</dependency.jboss.logging.version>
-        <dependency.camel.version>4.6.0</dependency.camel.version> <!-- when bumping this version, please keep track/sync with included netty.io dependencies -->
-        <dependency.netty.version>4.1.113.Final</dependency.netty.version> <!-- must be in sync with camels transitive dependencies, e.g.: netty-common -->
+        <dependency.camel.version>4.10.2</dependency.camel.version> <!-- when bumping this version, please keep track/sync with included netty.io dependencies -->
+        <dependency.netty.version>4.1.118.Final</dependency.netty.version> <!-- must be in sync with camels transitive dependencies, e.g.: netty-common -->
         <dependency.activemq.version>5.18.3</dependency.activemq.version>
         <dependency.apache-compress.version>1.27.1</dependency.apache-compress.version>
         <dependency.awaitility.version>4.2.2</dependency.awaitility.version>
@@ -111,9 +111,9 @@
         <dependency.jakarta-ee-json-api.version>2.1.3</dependency.jakarta-ee-json-api.version>
         <dependency.jakarta-ee-json-impl.version>1.1.7</dependency.jakarta-ee-json-impl.version>
         <dependency.jakarta-json-path.version>2.9.0</dependency.jakarta-json-path.version>
-        <dependency.json-smart.version>2.5.1</dependency.json-smart.version>
+        <dependency.json-smart.version>2.5.2</dependency.json-smart.version>
         <alfresco.googledrive.version>4.1.0</alfresco.googledrive.version>
-        <alfresco.aos-module.version>3.2.0</alfresco.aos-module.version>
+        <alfresco.aos-module.version>3.3.0</alfresco.aos-module.version>
         <alfresco.api-explorer.version>23.4.0</alfresco.api-explorer.version> <!-- Also in alfresco-enterprise-share -->
 
         <alfresco.maven-plugin.version>2.2.0</alfresco.maven-plugin.version>
@@ -154,7 +154,7 @@
         <connection>scm:git:https://github.com/Alfresco/alfresco-community-repo.git</connection>
         <developerConnection>scm:git:https://github.com/Alfresco/alfresco-community-repo.git</developerConnection>
         <url>https://github.com/Alfresco/alfresco-community-repo</url>
-        <tag>23.5.0.1</tag>
+        <tag>23.6.0.18</tag>
     </scm>
 
     <distributionManagement>
@@ -409,7 +409,7 @@
             <dependency>
                 <groupId>commons-beanutils</groupId>
                 <artifactId>commons-beanutils</artifactId>
-                <version>1.9.4</version>
+                <version>1.11.0</version>
             </dependency>
             <dependency>
                 <groupId>commons-codec</groupId>
@@ -417,9 +417,9 @@
                 <version>1.17.1</version>
             </dependency>
             <dependency>
-                <groupId>commons-lang</groupId>
-                <artifactId>commons-lang</artifactId>
-                <version>2.6</version>
+                <groupId>org.apache.commons</groupId>
+                <artifactId>commons-lang3</artifactId>
+                <version>3.18.0</version>
             </dependency>
             <dependency>
                 <groupId>commons-io</groupId>
@@ -439,8 +439,8 @@
             </dependency>
             <dependency>
                 <groupId>org.apache.commons</groupId>
-                <artifactId>commons-fileupload2-jakarta</artifactId>
-                <version>2.0.0-M1</version>
+                <artifactId>commons-fileupload2-jakarta-servlet6</artifactId>
+                <version>2.0.0-M4</version>
             </dependency>
             <dependency>
                 <groupId>commons-net</groupId>

remote-api/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo</artifactId>
-        <version>23.5.0.1</version>
+        <version>23.6.0.18</version>
     </parent>
 
     <dependencies>

remote-api/src/main/java/org/alfresco/repo/web/scripts/servlet/RemoteUserAuthenticatorFactory.java

@@ -2,7 +2,7 @@
  * #%L
  * Alfresco Remote API
  * %%
- * Copyright (C) 2005 - 2023 Alfresco Software Limited
+ * Copyright (C) 2005 - 2025 Alfresco Software Limited
  * %%
  * This file is part of the Alfresco software. 
  * If the software was purchased under a paid Alfresco license, the terms of 
@@ -34,7 +34,7 @@ import org.alfresco.repo.management.subsystems.ActivateableBean;
 import org.alfresco.repo.security.authentication.AuthenticationComponent;
 import org.alfresco.repo.security.authentication.AuthenticationException;
 import org.alfresco.repo.security.authentication.AuthenticationUtil;
-import org.alfresco.repo.security.authentication.external.AdminConsoleAuthenticator;
+import org.alfresco.repo.security.authentication.external.ExternalUserAuthenticator;
 import org.alfresco.repo.security.authentication.external.RemoteUserMapper;
 import org.alfresco.repo.web.auth.AuthenticationListener;
 import org.alfresco.repo.web.auth.TicketCredentials;
@@ -55,7 +55,7 @@ import java.util.List;
 import java.util.Set;
 
 /**
- * Authenticator to provide Remote User based Header authentication dropping back to Basic Auth otherwise. 
+ * Authenticator to provide Remote User based Header authentication dropping back to Basic Auth otherwise.
  * Statelessly authenticating via a secure header now does not require a Session so can be used with
  * request-level load balancers which was not previously possible.
  * <p>
@@ -73,9 +73,11 @@ public class RemoteUserAuthenticatorFactory extends BasicHttpAuthenticatorFactor
 
     protected RemoteUserMapper remoteUserMapper;
     protected AuthenticationComponent authenticationComponent;
-    protected AdminConsoleAuthenticator adminConsoleAuthenticator;
+    protected ExternalUserAuthenticator adminConsoleAuthenticator;
+    protected ExternalUserAuthenticator webScriptsHomeAuthenticator;
 
     private boolean alwaysAllowBasicAuthForAdminConsole = true;
+    private boolean alwaysAllowBasicAuthForWebScriptsHome = true;
     List<String> adminConsoleScriptFamilies;
     long getRemoteUserTimeoutMilliseconds = GET_REMOTE_USER_TIMEOUT_MILLISECONDS_DEFAULT;
 
@@ -84,7 +86,7 @@ public class RemoteUserAuthenticatorFactory extends BasicHttpAuthenticatorFactor
     {
         this.remoteUserMapper = remoteUserMapper;
     }
-    
+
     public void setAuthenticationComponent(AuthenticationComponent authenticationComponent)
     {
         this.authenticationComponent = authenticationComponent;
@@ -100,6 +102,16 @@ public class RemoteUserAuthenticatorFactory extends BasicHttpAuthenticatorFactor
         this.alwaysAllowBasicAuthForAdminConsole = alwaysAllowBasicAuthForAdminConsole;
     }
 
+    public boolean isAlwaysAllowBasicAuthForWebScriptsHome()
+    {
+        return alwaysAllowBasicAuthForWebScriptsHome;
+    }
+
+    public void setAlwaysAllowBasicAuthForWebScriptsHome(boolean alwaysAllowBasicAuthForWebScriptsHome)
+    {
+        this.alwaysAllowBasicAuthForWebScriptsHome = alwaysAllowBasicAuthForWebScriptsHome;
+    }
+
     public List<String> getAdminConsoleScriptFamilies()
     {
         return adminConsoleScriptFamilies;
@@ -121,11 +133,17 @@ public class RemoteUserAuthenticatorFactory extends BasicHttpAuthenticatorFactor
     }
 
     public void setAdminConsoleAuthenticator(
-        AdminConsoleAuthenticator adminConsoleAuthenticator)
+            ExternalUserAuthenticator adminConsoleAuthenticator)
     {
         this.adminConsoleAuthenticator = adminConsoleAuthenticator;
     }
 
+    public void setWebScriptsHomeAuthenticator(
+            ExternalUserAuthenticator webScriptsHomeAuthenticator)
+    {
+        this.webScriptsHomeAuthenticator = webScriptsHomeAuthenticator;
+    }
+
     @Override
     public Authenticator create(WebScriptServletRequest req, WebScriptServletResponse res)
     {
@@ -139,11 +157,13 @@ public class RemoteUserAuthenticatorFactory extends BasicHttpAuthenticatorFactor
      */
     public class RemoteUserAuthenticator extends BasicHttpAuthenticator
     {
+        private static final String WEB_SCRIPTS_BASE_PATH = "org/springframework/extensions/webscripts";
+
         public RemoteUserAuthenticator(WebScriptServletRequest req, WebScriptServletResponse res, AuthenticationListener listener)
         {
             super(req, res, listener);
         }
-        
+
         @Override
         public boolean authenticate(RequiredAuthentication required, boolean isGuest)
         {
@@ -159,24 +179,47 @@ public class RemoteUserAuthenticatorFactory extends BasicHttpAuthenticatorFactor
             {
 
                 if (servletReq.getServiceMatch() != null &&
-                    isAdminConsoleWebScript(servletReq.getServiceMatch().getWebScript()) && isAdminConsoleAuthenticatorActive())
+                        isAdminConsole(servletReq.getServiceMatch().getWebScript()) && isAdminConsoleAuthenticatorActive())
                 {
                     userId = getAdminConsoleUser();
                 }
+                else if (servletReq.getServiceMatch() != null &&
+                        isWebScriptsHome(servletReq.getServiceMatch().getWebScript()) && isWebScriptsHomeAuthenticatorActive())
+                {
+                    userId = getWebScriptsHomeUser();
+                }
 
                 if (userId == null)
                 {
                     if (isAlwaysAllowBasicAuthForAdminConsole())
                     {
-                        final boolean useTimeoutForAdminAccessingAdminConsole = shouldUseTimeoutForAdminAccessingAdminConsole(required, isGuest);
+                        boolean shouldUseTimeout = shouldUseTimeoutForAdminAccessingAdminConsole(required, isGuest);
 
-                        if (useTimeoutForAdminAccessingAdminConsole && isBasicAuthHeaderPresentForAdmin())
+                        if (shouldUseTimeout && isBasicAuthHeaderPresentForAdmin())
                         {
-                            return callBasicAuthForAdminConsoleAccess(required, isGuest);
+                            return callBasicAuthForAdminConsoleOrWebScriptsHomeAccess(required, isGuest);
                         }
                         try
                         {
-                            userId = getRemoteUserWithTimeout(useTimeoutForAdminAccessingAdminConsole);
+                            userId = getRemoteUserWithTimeout(shouldUseTimeout);
+                        }
+                        catch (AuthenticationTimeoutException e)
+                        {
+                            // return basic auth challenge
+                            return false;
+                        }
+                    }
+                    else if (isAlwaysAllowBasicAuthForWebScriptsHome())
+                    {
+                        boolean shouldUseTimeout = shouldUseTimeoutForAdminAccessingWebScriptsHome(required, isGuest);
+
+                        if (shouldUseTimeout && isBasicAuthHeaderPresentForAdmin())
+                        {
+                            return callBasicAuthForAdminConsoleOrWebScriptsHomeAccess(required, isGuest);
+                        }
+                        try
+                        {
+                            userId = getRemoteUserWithTimeout(shouldUseTimeout);
                         }
                         catch (AuthenticationTimeoutException e)
                         {
@@ -255,38 +298,63 @@ public class RemoteUserAuthenticatorFactory extends BasicHttpAuthenticatorFactor
                     authenticated = super.authenticate(required, isGuest);
                 }
             }
-            if(!authenticated && servletReq.getServiceMatch() != null &&
-                isAdminConsoleWebScript(servletReq.getServiceMatch().getWebScript()) && isAdminConsoleAuthenticatorActive())
+            if (!authenticated && servletReq.getServiceMatch() != null)
             {
-                adminConsoleAuthenticator.requestAuthentication(this.servletReq.getHttpServletRequest(), this.servletRes.getHttpServletResponse());
+                WebScript webScript = servletReq.getServiceMatch().getWebScript();
+
+                if (isAdminConsole(webScript) && isAdminConsoleAuthenticatorActive())
+                {
+                    adminConsoleAuthenticator.requestAuthentication(
+                            this.servletReq.getHttpServletRequest(),
+                            this.servletRes.getHttpServletResponse());
+                }
+                else if (isWebScriptsHome(webScript)
+                        && isWebScriptsHomeAuthenticatorActive())
+                {
+                    webScriptsHomeAuthenticator.requestAuthentication(
+                            this.servletReq.getHttpServletRequest(),
+                            this.servletRes.getHttpServletResponse());
+                }
             }
             return authenticated;
         }
 
-        private boolean callBasicAuthForAdminConsoleAccess(RequiredAuthentication required, boolean isGuest)
+        private boolean callBasicAuthForAdminConsoleOrWebScriptsHomeAccess(RequiredAuthentication required, boolean isGuest)
         {
             // return REST call, after a timeout/basic auth challenge
             if (LOGGER.isTraceEnabled())
             {
-                LOGGER.trace("An Admin Console request has come in with Basic Auth headers present for an admin user.");
+                LOGGER.trace("An Admin Console or WebScripts Home request has come in with Basic Auth headers present for an admin user.");
             }
             // In order to prompt for another password, in case it was not entered correctly,
             // the output of this method should be returned by the calling "authenticate" method;
             // This would also mean, that once the admin basic auth header is present,
-            // the authentication chain will not be used for the admin console access
+            // the authentication chain will not be used for access
             return super.authenticate(required, isGuest);
         }
 
         private boolean shouldUseTimeoutForAdminAccessingAdminConsole(RequiredAuthentication required, boolean isGuest)
         {
-            boolean useTimeoutForAdminAccessingAdminConsole = RequiredAuthentication.admin.equals(required) && !isGuest &&
-                servletReq.getServiceMatch() != null && isAdminConsoleWebScript(servletReq.getServiceMatch().getWebScript());
+            boolean adminConsoleTimeout = RequiredAuthentication.admin.equals(required) && !isGuest &&
+                    servletReq.getServiceMatch() != null && isAdminConsole(servletReq.getServiceMatch().getWebScript());
 
             if (LOGGER.isTraceEnabled())
             {
-                LOGGER.trace("Should ensure that the admins can login with basic auth: " + useTimeoutForAdminAccessingAdminConsole);
+                LOGGER.trace("Should ensure that the admins can login with basic auth: " + adminConsoleTimeout);
             }
-            return useTimeoutForAdminAccessingAdminConsole;
+            return adminConsoleTimeout;
+        }
+
+        private boolean shouldUseTimeoutForAdminAccessingWebScriptsHome(RequiredAuthentication required, boolean isGuest)
+        {
+            boolean adminWebScriptsHomeTimeout = RequiredAuthentication.admin.equals(required) && !isGuest &&
+                    servletReq.getServiceMatch() != null && isWebScriptsHome(servletReq.getServiceMatch().getWebScript());
+
+            if (LOGGER.isTraceEnabled())
+            {
+                LOGGER.trace("Should ensure that the admins can login with basic auth: " + adminWebScriptsHomeTimeout);
+            }
+            return adminWebScriptsHomeTimeout;
         }
 
         private boolean isRemoteUserMapperActive()
@@ -299,7 +367,12 @@ public class RemoteUserAuthenticatorFactory extends BasicHttpAuthenticatorFactor
             return adminConsoleAuthenticator != null && (!(adminConsoleAuthenticator instanceof ActivateableBean) || ((ActivateableBean) adminConsoleAuthenticator).isActive());
         }
 
-        protected boolean isAdminConsoleWebScript(WebScript webScript)
+        private boolean isWebScriptsHomeAuthenticatorActive()
+        {
+            return webScriptsHomeAuthenticator != null && (!(webScriptsHomeAuthenticator instanceof ActivateableBean) || ((ActivateableBean) webScriptsHomeAuthenticator).isActive());
+        }
+
+        protected boolean isAdminConsole(WebScript webScript)
         {
             if (webScript == null || adminConsoleScriptFamilies == null || webScript.getDescription() == null
                 || webScript.getDescription().getFamilys() == null)
@@ -313,7 +386,7 @@ public class RemoteUserAuthenticatorFactory extends BasicHttpAuthenticatorFactor
             }
 
             // intersect the "family" sets defined
-            Set<String> families = new HashSet<String>(webScript.getDescription().getFamilys());
+            Set<String> families = new HashSet<>(webScript.getDescription().getFamilys());
             families.retainAll(adminConsoleScriptFamilies);
             final boolean isAdminConsole = !families.isEmpty();
 
@@ -325,6 +398,23 @@ public class RemoteUserAuthenticatorFactory extends BasicHttpAuthenticatorFactor
             return isAdminConsole;
         }
 
+        protected boolean isWebScriptsHome(WebScript webScript)
+        {
+            if (webScript == null || webScript.toString() == null)
+            {
+                return false;
+            }
+
+            boolean isWebScriptsHome = webScript.toString().startsWith(WEB_SCRIPTS_BASE_PATH);
+
+            if (LOGGER.isTraceEnabled() && isWebScriptsHome)
+            {
+                LOGGER.trace("Detected a WebScripts Home webscript: " + webScript);
+            }
+
+            return isWebScriptsHome;
+        }
+
         protected String getRemoteUserWithTimeout(boolean useTimeout) throws AuthenticationTimeoutException
         {
             if (!useTimeout)
@@ -394,7 +484,7 @@ public class RemoteUserAuthenticatorFactory extends BasicHttpAuthenticatorFactor
         protected String getRemoteUser()
         {
             String userId = null;
-            
+
             // If the remote user mapper is configured, we may be able to map in an externally authenticated user
             if (isRemoteUserMapperActive())
             {
@@ -423,7 +513,21 @@ public class RemoteUserAuthenticatorFactory extends BasicHttpAuthenticatorFactor
 
             if (isRemoteUserMapperActive())
             {
-                userId = adminConsoleAuthenticator.getAdminConsoleUser(this.servletReq.getHttpServletRequest(), this.servletRes.getHttpServletResponse());
+                userId = adminConsoleAuthenticator.getUserId(this.servletReq.getHttpServletRequest(), this.servletRes.getHttpServletResponse());
+            }
+
+            logRemoteUserID(userId);
+
+            return userId;
+        }
+
+        protected String getWebScriptsHomeUser()
+        {
+            String userId = null;
+
+            if (isRemoteUserMapperActive())
+            {
+                userId = webScriptsHomeAuthenticator.getUserId(this.servletReq.getHttpServletRequest(), this.servletRes.getHttpServletResponse());
             }
 
             logRemoteUserID(userId);

remote-api/src/main/java/org/alfresco/repo/web/scripts/transfer/PostContentCommandProcessor.java

@@ -28,11 +28,9 @@ package org.alfresco.repo.web.scripts.transfer;
 
 import jakarta.servlet.http.HttpServletRequest;
 
-import org.alfresco.service.cmr.transfer.TransferException;
-import org.alfresco.service.cmr.transfer.TransferReceiver;
 import org.apache.commons.fileupload2.core.FileItemInput;
 import org.apache.commons.fileupload2.core.FileItemInputIterator;
-import org.apache.commons.fileupload2.jakarta.JakartaServletFileUpload;
+import org.apache.commons.fileupload2.jakarta.servlet6.JakartaServletFileUpload;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.springframework.extensions.webscripts.Status;
@@ -41,6 +39,9 @@ import org.springframework.extensions.webscripts.WebScriptResponse;
 import org.springframework.extensions.webscripts.WrappingWebScriptRequest;
 import org.springframework.extensions.webscripts.servlet.WebScriptServletRequest;
 
+import org.alfresco.service.cmr.transfer.TransferException;
+import org.alfresco.service.cmr.transfer.TransferReceiver;
+
 /**
  * This command processor is used to receive one or more content files for a given transfer.
  * 
@@ -50,9 +51,9 @@ import org.springframework.extensions.webscripts.servlet.WebScriptServletRequest
 public class PostContentCommandProcessor implements CommandProcessor
 {
     private TransferReceiver receiver;
-    
+
     private static final String MSG_CAUGHT_UNEXPECTED_EXCEPTION = "transfer_service.receiver.caught_unexpected_exception";
-    
+
     private static Log logger = LogFactory.getLog(PostContentCommandProcessor.class);
 
     /**
@@ -64,12 +65,9 @@ public class PostContentCommandProcessor implements CommandProcessor
         this.receiver = receiver;
     }
 
-    /*
-     * (non-Javadoc)
+    /* (non-Javadoc)
      * 
-     * @see org.alfresco.repo.web.scripts.transfer.CommandProcessor#process(org.alfresco.web.scripts.WebScriptRequest,
-     * org.alfresco.web.scripts.WebScriptResponse)
-     */
+     * @see org.alfresco.repo.web.scripts.transfer.CommandProcessor#process(org.alfresco.web.scripts.WebScriptRequest, org.alfresco.web.scripts.WebScriptResponse) */
     public int process(WebScriptRequest req, WebScriptResponse resp)
     {
         logger.debug("post content start");
@@ -91,8 +89,7 @@ public class PostContentCommandProcessor implements CommandProcessor
             {
                 current = null;
             }
-        }
-        while (current != null);
+        } while (current != null);
         if (webScriptServletRequest == null)
         {
             resp.setStatus(Status.STATUS_BAD_REQUEST);
@@ -101,7 +98,7 @@ public class PostContentCommandProcessor implements CommandProcessor
 
         HttpServletRequest servletRequest = webScriptServletRequest.getHttpServletRequest();
 
-        //Read the transfer id from the request
+        // Read the transfer id from the request
         String transferId = servletRequest.getParameter("transferId");
 
         if ((transferId == null) || !JakartaServletFileUpload.isMultipartContent(servletRequest))
@@ -124,34 +121,34 @@ public class PostContentCommandProcessor implements CommandProcessor
                     logger.debug("got content Mime Part : " + name);
                     receiver.saveContent(transferId, item.getName(), item.getInputStream());
                 }
-            }            
-            
-//            WebScriptServletRequest alfRequest = (WebScriptServletRequest)req;
-//            String[] names = alfRequest.getParameterNames();
-//            for(String name : names)
-//            {
-//                FormField item = alfRequest.getFileField(name);
-//                
-//                if(item != null)
-//                {
-//                    logger.debug("got content Mime Part : " + name);
-//                    receiver.saveContent(transferId, item.getName(), item.getInputStream());
-//                }
-//                else
-//                {
-//                    //TODO - should this be an exception?
-//                    logger.debug("Unable to get content for Mime Part : " + name);
-//                }
-//            }
-            
+            }
+
+            // WebScriptServletRequest alfRequest = (WebScriptServletRequest)req;
+            // String[] names = alfRequest.getParameterNames();
+            // for(String name : names)
+            // {
+            // FormField item = alfRequest.getFileField(name);
+            //
+            // if(item != null)
+            // {
+            // logger.debug("got content Mime Part : " + name);
+            // receiver.saveContent(transferId, item.getName(), item.getInputStream());
+            // }
+            // else
+            // {
+            // //TODO - should this be an exception?
+            // logger.debug("Unable to get content for Mime Part : " + name);
+            // }
+            // }
+
             logger.debug("success");
-            
+
             resp.setStatus(Status.STATUS_OK);
-        } 
+        }
         catch (Exception ex)
         {
             logger.debug("exception caught", ex);
-            if(transferId != null)
+            if (transferId != null)
             {
                 logger.debug("ending transfer", ex);
                 receiver.end(transferId);

remote-api/src/main/java/org/alfresco/repo/web/scripts/transfer/PostSnapshotCommandProcessor.java

@@ -27,15 +27,11 @@
 package org.alfresco.repo.web.scripts.transfer;
 
 import java.io.OutputStream;
-
 import jakarta.servlet.http.HttpServletRequest;
 
-import org.alfresco.repo.transfer.TransferCommons;
-import org.alfresco.service.cmr.transfer.TransferException;
-import org.alfresco.service.cmr.transfer.TransferReceiver;
 import org.apache.commons.fileupload2.core.FileItemInput;
 import org.apache.commons.fileupload2.core.FileItemInputIterator;
-import org.apache.commons.fileupload2.jakarta.JakartaServletFileUpload;
+import org.apache.commons.fileupload2.jakarta.servlet6.JakartaServletFileUpload;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.springframework.extensions.webscripts.Status;
@@ -44,6 +40,10 @@ import org.springframework.extensions.webscripts.WebScriptResponse;
 import org.springframework.extensions.webscripts.WrappingWebScriptRequest;
 import org.springframework.extensions.webscripts.servlet.WebScriptServletRequest;
 
+import org.alfresco.repo.transfer.TransferCommons;
+import org.alfresco.service.cmr.transfer.TransferException;
+import org.alfresco.service.cmr.transfer.TransferReceiver;
+
 /**
  * This command processor is used to receive the snapshot for a given transfer.
  * 
@@ -53,17 +53,17 @@ import org.springframework.extensions.webscripts.servlet.WebScriptServletRequest
 public class PostSnapshotCommandProcessor implements CommandProcessor
 {
     private TransferReceiver receiver;
-    
+
     private static Log logger = LogFactory.getLog(PostSnapshotCommandProcessor.class);
 
     private static final String MSG_CAUGHT_UNEXPECTED_EXCEPTION = "transfer_service.receiver.caught_unexpected_exception";
 
     /* (non-Javadoc)
-     * @see org.alfresco.repo.web.scripts.transfer.CommandProcessor#process(org.alfresco.web.scripts.WebScriptRequest, org.alfresco.web.scripts.WebScriptResponse)
-     */
+     * 
+     * @see org.alfresco.repo.web.scripts.transfer.CommandProcessor#process(org.alfresco.web.scripts.WebScriptRequest, org.alfresco.web.scripts.WebScriptResponse) */
     public int process(WebScriptRequest req, WebScriptResponse resp)
     {
-        
+
         int result = Status.STATUS_OK;
         // Unwrap to a WebScriptServletRequest if we have one
         WebScriptServletRequest webScriptServletRequest = null;
@@ -83,45 +83,44 @@ public class PostSnapshotCommandProcessor implements CommandProcessor
             {
                 current = null;
             }
-        }
-        while (current != null);
-        if (webScriptServletRequest == null) 
+        } while (current != null);
+        if (webScriptServletRequest == null)
         {
             logger.debug("bad request, not assignable from");
             resp.setStatus(Status.STATUS_BAD_REQUEST);
             return Status.STATUS_BAD_REQUEST;
         }
-                
-        //We can't use the WebScriptRequest version of getParameter, since that may cause the content stream 
-        //to be parsed. Get hold of the raw HttpServletRequest and work with that.
+
+        // We can't use the WebScriptRequest version of getParameter, since that may cause the content stream
+        // to be parsed. Get hold of the raw HttpServletRequest and work with that.
         HttpServletRequest servletRequest = webScriptServletRequest.getHttpServletRequest();
-        
-        //Read the transfer id from the request
+
+        // Read the transfer id from the request
         String transferId = servletRequest.getParameter("transferId");
-        
+
         if ((transferId == null) || !JakartaServletFileUpload.isMultipartContent(servletRequest))
         {
             logger.debug("bad request, not multipart");
             resp.setStatus(Status.STATUS_BAD_REQUEST);
             return Status.STATUS_BAD_REQUEST;
         }
-        
-        try 
+
+        try
         {
             logger.debug("about to upload manifest file");
 
             JakartaServletFileUpload upload = new JakartaServletFileUpload();
             FileItemInputIterator iter = upload.getItemIterator(servletRequest);
-            while (iter.hasNext()) 
+            while (iter.hasNext())
             {
                 FileItemInput item = iter.next();
-                if (!item.isFormField() && TransferCommons.PART_NAME_MANIFEST.equals(item.getFieldName())) 
+                if (!item.isFormField() && TransferCommons.PART_NAME_MANIFEST.equals(item.getFieldName()))
                 {
                     logger.debug("got manifest file");
                     receiver.saveSnapshot(transferId, item.getInputStream());
                 }
             }
-          
+
             logger.debug("success");
             resp.setStatus(Status.STATUS_OK);
 
@@ -133,10 +132,10 @@ public class PostSnapshotCommandProcessor implements CommandProcessor
                 receiver.generateRequsite(transferId, out);
             }
         }
-        catch (Exception ex) 
+        catch (Exception ex)
         {
             logger.debug("exception caught", ex);
-            if(transferId != null)
+            if (transferId != null)
             {
                 logger.debug("ending transfer", ex);
                 receiver.end(transferId);
@@ -151,7 +150,8 @@ public class PostSnapshotCommandProcessor implements CommandProcessor
     }
 
     /**
-     * @param receiver the receiver to set
+     * @param receiver
+     *            the receiver to set
      */
     public void setReceiver(TransferReceiver receiver)
     {

remote-api/src/main/java/org/alfresco/rest/api/impl/AuditImpl.java

@@ -2,7 +2,7 @@
  * #%L
  * Alfresco Remote API
  * %%
- * Copyright (C) 2005 - 2024 Alfresco Software Limited
+ * Copyright (C) 2005 - 2016 Alfresco Software Limited
  * %%
  * This file is part of the Alfresco software. 
  * If the software was purchased under a paid Alfresco license, the terms of 
@@ -21,7 +21,7 @@
  * 
  * You should have received a copy of the GNU Lesser General Public License
  * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
- * #L%
+ * #L% 
  */
 package org.alfresco.rest.api.impl;
 
@@ -85,7 +85,7 @@ public class AuditImpl implements Audit
 
     // list of equals filter's auditEntry (via where clause)
     private final static Set<String> LIST_AUDIT_ENTRY_EQUALS_QUERY_PROPERTIES = new HashSet<>(
-            Arrays.asList(new String[] { CREATED_BY_USER, VALUES_KEY, VALUES_VALUE }));
+            Arrays.asList(new String[]{CREATED_BY_USER, VALUES_KEY, VALUES_VALUE}));
 
     // map of sort parameters for the moment one createdAt
     private final static Map<String, String> SORT_PARAMS_TO_NAMES;
@@ -295,23 +295,29 @@ public class AuditImpl implements Audit
         }
         else
         {
-            if (hasMoreItems) {
-                if (q != null) {
+            if (hasMoreItems)
+            {
+                if (q != null)
+                {
                     // filtering via "where" clause
                     AuditEntryQueryWalker propertyWalker = new AuditEntryQueryWalker();
                     QueryHelper.walk(q, propertyWalker);
                     totalItems = getAuditEntriesCountByAppAndProperties(auditApplication, propertyWalker);
-                } else {
+                }
+                else
+                {
                     totalItems = getAuditEntriesCountByApp(auditApplication);
                 }
-            } else {
+            }
+            else
+            {
                 totalItems = totalRetrievedItems;
             }
         }
 
         entriesAudit = (skipCount >= totalRetrievedItems)
-                        ? Collections.emptyList()
-                        : entriesAudit.subList(skipCount, end);
+                ? Collections.emptyList()
+                : entriesAudit.subList(skipCount, end);
         return CollectionWithPagingInfo.asPaged(paging, entriesAudit, hasMoreItems, totalItems);
     }
 
@@ -475,8 +481,7 @@ public class AuditImpl implements Audit
         final Map<String, UserInfo> mapUserInfo = new HashMap<>(10);
 
         // create the callback for auditQuery method
-        final AuditQueryCallback callback = new AuditQueryCallback()
-        {
+        final AuditQueryCallback callback = new AuditQueryCallback() {
             public boolean valuesRequired()
             {
                 return ((includeParam != null) && (includeParam.contains(PARAM_INCLUDE_VALUES)));
@@ -532,7 +537,7 @@ public class AuditImpl implements Audit
         params.setApplicationName(auditApplication.getName());
         params.setFromId(auditEntryId);
         params.setToId(auditEntryId + 1);
-        
+
         List<String> includeParam = new ArrayList<>();
         if (parameters != null)
         {
@@ -545,8 +550,7 @@ public class AuditImpl implements Audit
         final List<AuditEntry> results = new ArrayList<>();
 
         // create the callback for auditQuery method
-        final AuditQueryCallback callback = new AuditQueryCallback()
-        {
+        final AuditQueryCallback callback = new AuditQueryCallback() {
             public boolean valuesRequired()
             {
                 return ((includeParam != null) && (includeParam.contains(PARAM_INCLUDE_VALUES)));
@@ -710,8 +714,7 @@ public class AuditImpl implements Audit
     @Override
     public CollectionWithPagingInfo<AuditEntry> listAuditEntriesByNodeId(String nodeId, Parameters parameters)
     {
-        AuthenticationUtil.runAs(new RunAsWork<Void>()
-        {
+        AuthenticationUtil.runAs(new RunAsWork<Void>() {
             public Void doWork() throws Exception
             {
                 checkEnabled();
@@ -772,8 +775,7 @@ public class AuditImpl implements Audit
         final List<AuditEntry> results = new ArrayList<>();
 
         String auditAppId = "alfresco-access";
-        String auditApplicationName = AuthenticationUtil.runAs(new RunAsWork<String>()
-        {
+        String auditApplicationName = AuthenticationUtil.runAs(new RunAsWork<String>() {
             public String doWork() throws Exception
             {
                 return findAuditAppByIdOr404(auditAppId).getName();
@@ -781,8 +783,7 @@ public class AuditImpl implements Audit
         }, AuthenticationUtil.getSystemUserName());
 
         // create the callback for auditQuery method
-        final AuditQueryCallback callback = new AuditQueryCallback()
-        {
+        final AuditQueryCallback callback = new AuditQueryCallback() {
             public boolean valuesRequired()
             {
                 return ((includeParam != null) && (includeParam.contains(PARAM_INCLUDE_VALUES)));
@@ -808,8 +809,7 @@ public class AuditImpl implements Audit
         Long toTime = propertyWalker.getToTime();
         validateWhereBetween(nodeRef.getId(), fromTime, toTime);
 
-        AuthenticationUtil.runAs(new RunAsWork<Object>()
-        {
+        AuthenticationUtil.runAs(new RunAsWork<Object>() {
             public Object doWork() throws Exception
             {
                 // QueryParameters
@@ -820,7 +820,7 @@ public class AuditImpl implements Audit
                 pathParams.setFromTime(fromTime);
                 pathParams.setToTime(toTime);
                 pathParams.setApplicationName(auditApplicationName);
-                pathParams.addSearchKey("/"+auditAppId+"/transaction/path", nodePath);
+                pathParams.addSearchKey("/" + auditAppId + "/transaction/path", nodePath);
                 auditService.auditQuery(callback, pathParams, limit);
 
                 AuditQueryParameters copyFromPathParams = new AuditQueryParameters();
@@ -830,7 +830,7 @@ public class AuditImpl implements Audit
                 copyFromPathParams.setFromTime(fromTime);
                 copyFromPathParams.setToTime(toTime);
                 copyFromPathParams.setApplicationName(auditApplicationName);
-                copyFromPathParams.addSearchKey("/"+auditAppId+"/transaction/copy/from/path", nodePath);
+                copyFromPathParams.addSearchKey("/" + auditAppId + "/transaction/copy/from/path", nodePath);
                 auditService.auditQuery(callback, copyFromPathParams, limit);
 
                 AuditQueryParameters moveFromPathParams = new AuditQueryParameters();
@@ -840,7 +840,7 @@ public class AuditImpl implements Audit
                 moveFromPathParams.setFromTime(fromTime);
                 moveFromPathParams.setToTime(toTime);
                 moveFromPathParams.setApplicationName(auditApplicationName);
-                moveFromPathParams.addSearchKey("/"+auditAppId+"/transaction/move/from/path", nodePath);
+                moveFromPathParams.addSearchKey("/" + auditAppId + "/transaction/move/from/path", nodePath);
                 auditService.auditQuery(callback, moveFromPathParams, limit);
 
                 return null;
@@ -857,7 +857,7 @@ public class AuditImpl implements Audit
 
         public AuditEntriesByNodeIdQueryWalker()
         {
-            super(new HashSet<>(Arrays.asList(new String[] { CREATED_BY_USER })), null);
+            super(new HashSet<>(Arrays.asList(new String[]{CREATED_BY_USER})), null);
         }
 
         @Override
@@ -909,14 +909,16 @@ public class AuditImpl implements Audit
 
     public int getAuditEntriesCountByAppAndProperties(AuditService.AuditApplication auditApplication, AuditEntryQueryWalker propertyWalker)
     {
+        final String applicationName = auditApplication.getKey().substring(1);
+
         AuditQueryParameters parameters = new AuditQueryParameters();
-        parameters.setApplicationName(auditApplication.getName());
+        parameters.setApplicationName(applicationName);
         parameters.setFromTime(propertyWalker.getFromTime());
         parameters.setToTime(propertyWalker.getToTime());
         parameters.setFromId(propertyWalker.getFromId());
         parameters.setToId(propertyWalker.getToId());
         parameters.setUser(propertyWalker.getCreatedByUser());
 
-        return auditService.getAuditEntriesCountByAppAndProperties(parameters);
+        return auditService.getAuditEntriesCountByAppAndProperties(applicationName, parameters);
     }
 }

remote-api/src/main/java/org/alfresco/rest/api/impl/QueriesImpl.java

@@ -2,23 +2,23 @@
  * #%L
  * Alfresco Remote API
  * %%
- * Copyright (C) 2005 - 2016 Alfresco Software Limited
+ * Copyright (C) 2005 - 2025 Alfresco Software Limited
  * %%
- * This file is part of the Alfresco software. 
- * If the software was purchased under a paid Alfresco license, the terms of 
- * the paid license agreement will prevail.  Otherwise, the software is 
+ * This file is part of the Alfresco software.
+ * If the software was purchased under a paid Alfresco license, the terms of
+ * the paid license agreement will prevail.  Otherwise, the software is
  * provided under the following open source license terms:
- * 
+ *
  * Alfresco is free software: you can redistribute it and/or modify
  * it under the terms of the GNU Lesser General Public License as published by
  * the Free Software Foundation, either version 3 of the License, or
  * (at your option) any later version.
- * 
+ *
  * Alfresco is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  * GNU Lesser General Public License for more details.
- * 
+ *
  * You should have received a copy of the GNU Lesser General Public License
  * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
  * #L%
@@ -38,11 +38,19 @@ import java.util.Collections;
 import java.util.Comparator;
 import java.util.HashMap;
 import java.util.Iterator;
+import java.util.LinkedHashMap;
 import java.util.List;
 import java.util.Map;
+import java.util.Set;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.springframework.beans.factory.InitializingBean;
+import org.springframework.extensions.surf.util.I18NUtil;
 
 import org.alfresco.model.ContentModel;
 import org.alfresco.query.PagingRequest;
+import org.alfresco.repo.security.permissions.AccessDeniedException;
 import org.alfresco.repo.site.SiteModel;
 import org.alfresco.rest.api.Nodes;
 import org.alfresco.rest.api.People;
@@ -77,8 +85,6 @@ import org.alfresco.util.AlfrescoCollator;
 import org.alfresco.util.ISO9075;
 import org.alfresco.util.ParameterCheck;
 import org.alfresco.util.SearchLanguageConversion;
-import org.springframework.beans.factory.InitializingBean;
-import org.springframework.extensions.surf.util.I18NUtil;
 
 /**
  * Queries implementation
@@ -88,43 +94,43 @@ import org.springframework.extensions.surf.util.I18NUtil;
  */
 public class QueriesImpl implements Queries, InitializingBean
 {
-    private final static Map<String,QName> NODE_SORT_PARAMS_TO_QNAMES = sortParamsToQNames(
-        PARAM_NAME,       ContentModel.PROP_NAME,
-        PARAM_CREATEDAT,  ContentModel.PROP_CREATED,
-        PARAM_MODIFIEDAT, ContentModel.PROP_MODIFIED);
+    private static final Log LOGGER = LogFactory.getLog(QueriesImpl.class);
+    private final static Map<String, QName> NODE_SORT_PARAMS_TO_QNAMES = sortParamsToQNames(
+            PARAM_NAME, ContentModel.PROP_NAME,
+            PARAM_CREATEDAT, ContentModel.PROP_CREATED,
+            PARAM_MODIFIEDAT, ContentModel.PROP_MODIFIED);
 
     private final static Map<String, QName> PEOPLE_SORT_PARAMS_TO_QNAMES = sortParamsToQNames(
-        PARAM_PERSON_ID, ContentModel.PROP_USERNAME,
-        ContentModel.PROP_FIRSTNAME,
-        ContentModel.PROP_LASTNAME);
+            PARAM_PERSON_ID, ContentModel.PROP_USERNAME,
+            ContentModel.PROP_FIRSTNAME,
+            ContentModel.PROP_LASTNAME);
 
     private final static Map<String, QName> SITE_SORT_PARAMS_TO_QNAMES = sortParamsToQNames(
-            PARAM_SITE_ID,  ContentModel.PROP_NAME,
-            PARAM_SITE_TITLE,  ContentModel.PROP_TITLE,
+            PARAM_SITE_ID, ContentModel.PROP_NAME,
+            PARAM_SITE_TITLE, ContentModel.PROP_TITLE,
             PARAM_SITE_DESCRIPTION, ContentModel.PROP_DESCRIPTION);
 
     /**
-     * Helper method to build a map of sort parameter names to QNames. This method iterates through
-     * the parameters. If a parameter is a String it is assumed to be a sort parameter name and will
-     * be followed by a QName to which it maps. If however it is a QName the local name of the OName
-     * is used as the sort parameter name.
-     * @param parameters to build up the map.
+     * Helper method to build a map of sort parameter names to QNames. This method iterates through the parameters. If a parameter is a String it is assumed to be a sort parameter name and will be followed by a QName to which it maps. If however it is a QName the local name of the OName is used as the sort parameter name.
+     * 
+     * @param parameters
+     *            to build up the map.
      * @return the map
      */
     private static Map<String, QName> sortParamsToQNames(Object... parameters)
     {
         Map<String, QName> map = new HashMap<>();
-        for (int i=0; i<parameters.length; i++)
+        for (int i = 0; i < parameters.length; i++)
         {
             map.put(
-                parameters[i] instanceof String
-                ? (String)parameters[i++]
-                : ((QName)parameters[i]).getLocalName(),
-                (QName)parameters[i]);
+                    parameters[i] instanceof String
+                            ? (String) parameters[i++]
+                            : ((QName) parameters[i]).getLocalName(),
+                    (QName) parameters[i]);
         }
         return Collections.unmodifiableMap(map);
     }
-    
+
     private ServiceRegistry sr;
     private NodeService nodeService;
     private NamespaceService namespaceService;
@@ -162,7 +168,7 @@ public class QueriesImpl implements Queries, InitializingBean
         ParameterCheck.mandatory("nodes", this.nodes);
         ParameterCheck.mandatory("people", this.people);
         ParameterCheck.mandatory("sites", this.sites);
-        
+
         this.nodeService = sr.getNodeService();
         this.namespaceService = sr.getNamespaceService();
         this.dictionaryService = sr.getDictionaryService();
@@ -173,10 +179,9 @@ public class QueriesImpl implements Queries, InitializingBean
     public CollectionWithPagingInfo<Node> findNodes(Parameters parameters)
     {
         SearchService searchService = sr.getSearchService();
-        return new AbstractQuery<Node>(nodeService, searchService)
-        {
+        return new AbstractQuery<Node>(nodeService, searchService) {
             private final Map<String, UserInfo> mapUserInfo = new HashMap<>(10);
-            
+
             @Override
             protected void buildQuery(StringBuilder query, String term, SearchParameters sp, String queryTemplateName)
             {
@@ -198,14 +203,14 @@ public class QueriesImpl implements Queries, InitializingBean
                 {
                     query.append(")");
                 }
-                
+
                 String nodeTypeStr = parameters.getParameter(PARAM_NODE_TYPE);
                 if (nodeTypeStr != null)
                 {
                     QName filterNodeTypeQName = nodes.createQName(nodeTypeStr);
                     if (dictionaryService.getType(filterNodeTypeQName) == null)
                     {
-                        throw new InvalidArgumentException("Unknown filter nodeType: "+nodeTypeStr);
+                        throw new InvalidArgumentException("Unknown filter nodeType: " + nodeTypeStr);
                     }
 
                     query.append(" AND (+TYPE:\"").append(nodeTypeStr).append(("\")"));
@@ -229,7 +234,7 @@ public class QueriesImpl implements Queries, InitializingBean
                 Path path = null;
                 try
                 {
-                   path = nodeService.getPath(nodeRef);
+                    path = nodeService.getPath(nodeRef);
                 }
                 catch (InvalidNodeRefException inre)
                 {
@@ -248,7 +253,7 @@ public class QueriesImpl implements Queries, InitializingBean
                             {
                                 // first request for this namespace prefix, get and cache result
                                 Collection<String> prefixes = namespaceService.getPrefixes(qname.getNamespaceURI());
-                                prefix = prefixes.size() != 0 ? prefixes.iterator().next() : "";
+                                prefix = !prefixes.isEmpty() ? prefixes.iterator().next() : "";
                                 cache.put(qname.getNamespaceURI(), prefix);
                             }
                             buf.append('/').append(prefix).append(':').append(ISO9075.encode(qname.getLocalName()));
@@ -262,12 +267,6 @@ public class QueriesImpl implements Queries, InitializingBean
                 return buf.toString();
             }
 
-            @Override
-            protected List<Node> newList(int capacity)
-            {
-                return new ArrayList<Node>(capacity);
-            }
-
             @Override
             protected Node convert(NodeRef nodeRef, List<String> includeParam)
             {
@@ -281,18 +280,17 @@ public class QueriesImpl implements Queries, InitializingBean
                 term = SearchLanguageConversion.escapeLuceneQuery(term);
                 return term;
             }
-            
+
         }.find(parameters, PARAM_TERM, MIN_TERM_LENGTH_NODES, "keywords",
-            IN_QUERY_SORT, NODE_SORT_PARAMS_TO_QNAMES,
-            new SortColumn(PARAM_MODIFIEDAT, false));
+                IN_QUERY_SORT, NODE_SORT_PARAMS_TO_QNAMES,
+                new SortColumn(PARAM_MODIFIEDAT, false));
     }
-    
+
     @Override
     public CollectionWithPagingInfo<Person> findPeople(Parameters parameters)
     {
         SearchService searchService = sr.getSearchService();
-        return new AbstractQuery<Person>(nodeService, searchService)
-        {
+        return new AbstractQuery<Person>(nodeService, searchService) {
             @Override
             protected void buildQuery(StringBuilder query, String term, SearchParameters sp, String queryTemplateName)
             {
@@ -305,33 +303,25 @@ public class QueriesImpl implements Queries, InitializingBean
                 query.append("*\")");
             }
 
-            @Override
-            protected List<Person> newList(int capacity)
-            {
-                return new ArrayList<Person>(capacity);
-            }
-
             @Override
             protected Person convert(NodeRef nodeRef, List<String> includeParam)
             {
                 String personId = (String) nodeService.getProperty(nodeRef, ContentModel.PROP_USERNAME);
-                Person person = people.getPerson(personId);
-                return person;
+                return people.getPerson(personId);
             }
-            
+
             // TODO Do the sort in the query on day. A comment in the code for the V0 API used for live people
-            //      search says adding sort values for this query don't work - tried it and they really don't.
+            // search says adding sort values for this query don't work - tried it and they really don't.
         }.find(parameters, PARAM_TERM, MIN_TERM_LENGTH_PEOPLE, "_PERSON",
-            POST_QUERY_SORT, PEOPLE_SORT_PARAMS_TO_QNAMES,
-            new SortColumn(PARAM_FIRSTNAME, true), new SortColumn(PARAM_LASTNAME, true));
+                POST_QUERY_SORT, PEOPLE_SORT_PARAMS_TO_QNAMES,
+                new SortColumn(PARAM_FIRSTNAME, true), new SortColumn(PARAM_LASTNAME, true));
     }
 
     @Override
     public CollectionWithPagingInfo<Site> findSites(Parameters parameters)
     {
         SearchService searchService = sr.getSearchService();
-        return new AbstractQuery<Site>(nodeService, searchService)
-        {
+        return new AbstractQuery<Site>(nodeService, searchService) {
             @Override
             protected void buildQuery(StringBuilder query, String term, SearchParameters sp, String queryTemplateName)
             {
@@ -343,44 +333,34 @@ public class QueriesImpl implements Queries, InitializingBean
                 query.append(term);
                 query.append("*\")");
             }
-            
-            @Override
-            protected List<Site> newList(int capacity)
-            {
-                return new ArrayList<>(capacity);
-            }
 
             @Override
             protected Site convert(NodeRef nodeRef, List<String> includeParam)
             {
-                return getSite(siteService.getSite(nodeRef), true);
+                return getSite(siteService.getSite(nodeRef));
             }
 
             // note: see also Sites.getSite
-            private Site getSite(SiteInfo siteInfo, boolean includeRole)
+            private Site getSite(SiteInfo siteInfo)
             {
                 // set the site id to the short name (to deal with case sensitivity issues with using the siteId from the url)
                 String siteId = siteInfo.getShortName();
-                String role = null;
-                if(includeRole)
-                {
-                    role = sites.getSiteRole(siteId);
-                }
+                String role = sites.getSiteRole(siteId);
                 return new Site(siteInfo, role);
             }
         }.find(parameters, PARAM_TERM, MIN_TERM_LENGTH_SITES, "_SITE", POST_QUERY_SORT, SITE_SORT_PARAMS_TO_QNAMES, new SortColumn(PARAM_SITE_TITLE, true));
     }
-    
+
     public abstract static class AbstractQuery<T>
     {
         public enum Sort
         {
             IN_QUERY_SORT, POST_QUERY_SORT
         }
-        
+
         private final NodeService nodeService;
         private final SearchService searchService;
-        
+
         public AbstractQuery(NodeService nodeService, SearchService searchService)
         {
             this.nodeService = nodeService;
@@ -388,14 +368,14 @@ public class QueriesImpl implements Queries, InitializingBean
         }
 
         public CollectionWithPagingInfo<T> find(Parameters parameters,
-            String termName, int minTermLength, String queryTemplateName,
-            Sort sort, Map<String, QName> sortParamsToQNames, SortColumn... defaultSort)
+                String termName, int minTermLength, String queryTemplateName,
+                Sort sort, Map<String, QName> sortParamsToQNames, SortColumn... defaultSort)
         {
             SearchParameters sp = new SearchParameters();
             sp.setLanguage(SearchService.LANGUAGE_FTS_ALFRESCO);
             sp.addStore(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE);
             sp.setDefaultFieldName(queryTemplateName);
-            
+
             String term = getTerm(parameters, termName, minTermLength);
 
             StringBuilder query = new StringBuilder();
@@ -404,7 +384,7 @@ public class QueriesImpl implements Queries, InitializingBean
 
             Paging paging = parameters.getPaging();
             PagingRequest pagingRequest = Util.getPagingRequest(paging);
-            
+
             List<SortColumn> defaultSortCols = (defaultSort != null ? Arrays.asList(defaultSort) : Collections.emptyList());
             if (sort == IN_QUERY_SORT)
             {
@@ -413,36 +393,43 @@ public class QueriesImpl implements Queries, InitializingBean
                 sp.setSkipCount(pagingRequest.getSkipCount());
                 sp.setMaxItems(pagingRequest.getMaxItems());
             }
-            
+
             ResultSet queryResults = null;
-            List<T> collection = null;
             try
             {
                 queryResults = searchService.query(sp);
-                
+
                 List<NodeRef> nodeRefs = queryResults.getNodeRefs();
-                
-                if (sort == POST_QUERY_SORT)
-                {
-                    nodeRefs = postQuerySort(parameters, sortParamsToQNames, defaultSortCols, nodeRefs);
-                }
-                
-                collection = newList(nodeRefs.size());
+
+                Map<NodeRef, T>
+
+                collection = new LinkedHashMap<>(nodeRefs.size());
                 List<String> includeParam = parameters.getInclude();
 
                 for (NodeRef nodeRef : nodeRefs)
                 {
-                    T t = convert(nodeRef, includeParam);
-                    collection.add(t);
+                    try
+                    {
+                        T t = convert(nodeRef, includeParam);
+                        collection.put(nodeRef, t);
+                    }
+                    catch (AccessDeniedException ade)
+                    {
+                        LOGGER.debug("Ignoring search result for nodeRef " + nodeRef + " due to access denied exception", ade);
+                    }
                 }
 
                 if (sort == POST_QUERY_SORT)
                 {
-                    return listPage(collection, paging);
+                    List<T> postQuerySortedCollection = postQuerySort(parameters, sortParamsToQNames, defaultSortCols, collection.keySet())
+                            .stream()
+                            .map(collection::get)
+                            .toList();
+                    return listPage(postQuerySortedCollection, paging);
                 }
                 else
                 {
-                    return CollectionWithPagingInfo.asPaged(paging, collection, queryResults.hasMore(), Long.valueOf(queryResults.getNumberFound()).intValue());
+                    return CollectionWithPagingInfo.asPaged(paging, collection.values(), queryResults.hasMore(), Long.valueOf(queryResults.getNumberFound()).intValue());
                 }
             }
             finally
@@ -455,40 +442,39 @@ public class QueriesImpl implements Queries, InitializingBean
         }
 
         /**
-         * Builds up the query and is expected to call {@link SearchParameters#setDefaultFieldName(String)}
-         * and {@link SearchParameters#addQueryTemplate(String, String)}
-         * @param query StringBuilder into which the query should be built.
-         * @param term to be searched for
-         * @param sp SearchParameters
+         * Builds up the query and is expected to call {@link SearchParameters#setDefaultFieldName(String)} and {@link SearchParameters#addQueryTemplate(String, String)}
+         * 
+         * @param query
+         *            StringBuilder into which the query should be built.
+         * @param term
+         *            to be searched for
+         * @param sp
+         *            SearchParameters
          * @param queryTemplateName
          */
         protected abstract void buildQuery(StringBuilder query, String term, SearchParameters sp, String queryTemplateName);
-        
-        /**
-         * Returns a list of the correct type.
-         * @param capacity of the list
-         * @return a new list.
-         */
-        protected abstract List<T> newList(int capacity);
 
         /**
          * Converts a nodeRef into the an object of the required type.
-         * @param nodeRef to be converted
-         * @param includeParam additional fields to be included
+         * 
+         * @param nodeRef
+         *            to be converted
+         * @param includeParam
+         *            additional fields to be included
          * @return the object
          */
         protected abstract T convert(NodeRef nodeRef, List<String> includeParam);
-        
+
         protected String getTerm(Parameters parameters, String termName, int minTermLength)
         {
             String term = parameters.getParameter(termName);
             if (term == null)
             {
-                throw new InvalidArgumentException("Query '"+termName+"' not specified");
+                throw new InvalidArgumentException("Query '" + termName + "' not specified");
             }
-            
+
             term = escapeTerm(term);
-            
+
             int cnt = 0;
             for (int i = 0; i < term.length(); i++)
             {
@@ -505,7 +491,7 @@ public class QueriesImpl implements Queries, InitializingBean
 
             if (cnt < minTermLength)
             {
-                throw new InvalidArgumentException("Query '"+termName+"' is too short. Must have at least "+minTermLength+" alphanumeric chars");
+                throw new InvalidArgumentException("Query '" + termName + "' is too short. Must have at least " + minTermLength + " alphanumeric chars");
             }
 
             return term;
@@ -524,12 +510,12 @@ public class QueriesImpl implements Queries, InitializingBean
             term = SearchLanguageConversion.escapeLuceneQuery(term);
             return term;
         }
-        
+
         /**
          * Adds sort order to the SearchParameters.
          */
         protected void addSortOrder(Parameters parameters, Map<String, QName> sortParamsToQNames,
-            List<SortColumn> defaultSortCols, SearchParameters sp)
+                List<SortColumn> defaultSortCols, SearchParameters sp)
         {
             List<SortColumn> sortCols = getSorting(parameters, defaultSortCols);
             for (SortColumn sortCol : sortCols)
@@ -537,16 +523,16 @@ public class QueriesImpl implements Queries, InitializingBean
                 QName sortPropQName = sortParamsToQNames.get(sortCol.column);
                 if (sortPropQName == null)
                 {
-                    throw new InvalidArgumentException("Invalid sort field: "+sortCol.column);
+                    throw new InvalidArgumentException("Invalid sort field: " + sortCol.column);
                 }
-                sp.addSort("@" + sortPropQName,  sortCol.asc);
+                sp.addSort("@" + sortPropQName, sortCol.asc);
             }
         }
 
         private List<SortColumn> getSorting(Parameters parameters, List<SortColumn> defaultSortCols)
         {
             List<SortColumn> sortCols = parameters.getSorting();
-            if (sortCols == null || sortCols.size() == 0)
+            if (sortCols == null || sortCols.isEmpty())
             {
                 sortCols = defaultSortCols == null ? Collections.emptyList() : defaultSortCols;
             }
@@ -554,63 +540,66 @@ public class QueriesImpl implements Queries, InitializingBean
         }
 
         protected List<NodeRef> postQuerySort(Parameters parameters, Map<String, QName> sortParamsToQNames,
-            List<SortColumn> defaultSortCols, List<NodeRef> nodeRefs)
+                List<SortColumn> defaultSortCols, Set<NodeRef> unsortedNodeRefs)
         {
             final List<SortColumn> sortCols = getSorting(parameters, defaultSortCols);
             int sortColCount = sortCols.size();
-            if (sortColCount > 0)
-            {
-                // make copy of nodeRefs because it can be unmodifiable list.
-                nodeRefs = new ArrayList<NodeRef>(nodeRefs);
-                
-                List<QName> sortPropQNames = new ArrayList<>(sortColCount);
-                for (SortColumn sortCol : sortCols)
-                {
-                    QName sortPropQName = sortParamsToQNames.get(sortCol.column);
-                    if (sortPropQName == null)
-                    {
-                        throw new InvalidArgumentException("Invalid sort field: "+sortCol.column);
-                    }
-                    sortPropQNames.add(sortPropQName);
-                }
-                
-                final Collator col = AlfrescoCollator.getInstance(I18NUtil.getLocale());
-                Collections.sort(nodeRefs, new Comparator<NodeRef>()
-                {
-                    @Override
-                    public int compare(NodeRef n1, NodeRef n2)
-                    {
-                        int result = 0;
-                        for (int i=0; i<sortCols.size(); i++)
-                        {
-                            SortColumn sortCol = sortCols.get(i);
-                            QName sortPropQName = sortPropQNames.get(i);
-                            
-                            Serializable  p1 = getProperty(n1, sortPropQName);
-                            Serializable  p2 = getProperty(n2, sortPropQName);
 
-                            result = ((p1 instanceof Long) && (p2 instanceof Long)
-                                ? Long.compare((Long)p1, (Long)p2)
+            if (sortColCount == 0)
+            {
+                return new ArrayList<>(unsortedNodeRefs);
+            }
+
+            // make copy of nodeRefs because it can be unmodifiable list.
+            List<NodeRef> sortedNodeRefs = new ArrayList<>(unsortedNodeRefs);
+
+            List<QName> sortPropQNames = new ArrayList<>(sortColCount);
+            for (SortColumn sortCol : sortCols)
+            {
+                QName sortPropQName = sortParamsToQNames.get(sortCol.column);
+                if (sortPropQName == null)
+                {
+                    throw new InvalidArgumentException("Invalid sort field: " + sortCol.column);
+                }
+                sortPropQNames.add(sortPropQName);
+            }
+
+            final Collator col = AlfrescoCollator.getInstance(I18NUtil.getLocale());
+            Collections.sort(sortedNodeRefs, new Comparator<NodeRef>() {
+                @Override
+                public int compare(NodeRef n1, NodeRef n2)
+                {
+                    int result = 0;
+                    for (int i = 0; i < sortCols.size(); i++)
+                    {
+                        SortColumn sortCol = sortCols.get(i);
+                        QName sortPropQName = sortPropQNames.get(i);
+
+                        Serializable p1 = getProperty(n1, sortPropQName);
+                        Serializable p2 = getProperty(n2, sortPropQName);
+
+                        result = ((p1 instanceof Long) && (p2 instanceof Long)
+                                ? Long.compare((Long) p1, (Long) p2)
                                 : col.compare(p1.toString(), p2.toString()))
                                 * (sortCol.asc ? 1 : -1);
-                            
-                            if (result != 0)
-                            {
-                                break;
-                            }
+
+                        if (result != 0)
+                        {
+                            break;
                         }
-                        return result;
                     }
+                    return result;
+                }
 
-                    private Serializable getProperty(NodeRef nodeRef, QName sortPropQName)
-                    {
-                        Serializable result = nodeService.getProperty(nodeRef, sortPropQName);
-                        return result == null ? "" : result;
-                    }
+                private Serializable getProperty(NodeRef nodeRef, QName sortPropQName)
+                {
+                    Serializable result = nodeService.getProperty(nodeRef, sortPropQName);
+                    return result == null ? "" : result;
+                }
 
-                });
-            }
-            return nodeRefs;
+            });
+
+            return sortedNodeRefs;
         }
 
         // note: see also AbstractNodeRelation

remote-api/src/main/java/org/alfresco/rest/api/impl/validator/actions/ActionNodeParameterValidator.java

@@ -2,7 +2,7 @@
  * #%L
  * Alfresco Remote API
  * %%
- * Copyright (C) 2005 - 2022 Alfresco Software Limited
+ * Copyright (C) 2005 - 2025 Alfresco Software Limited
  * %%
  * This file is part of the Alfresco software.
  * If the software was purchased under a paid Alfresco license, the terms of
@@ -39,6 +39,9 @@ import java.util.Objects;
 import java.util.Set;
 import java.util.stream.Collectors;
 
+import org.apache.commons.collections.MapUtils;
+import org.apache.logging.log4j.util.Strings;
+
 import org.alfresco.repo.action.executer.CheckOutActionExecuter;
 import org.alfresco.repo.action.executer.CopyActionExecuter;
 import org.alfresco.repo.action.executer.ImageTransformActionExecuter;
@@ -58,8 +61,6 @@ import org.alfresco.rest.framework.core.exceptions.PermissionDeniedException;
 import org.alfresco.service.cmr.repository.NodeRef;
 import org.alfresco.service.cmr.security.PermissionService;
 import org.alfresco.service.namespace.NamespaceService;
-import org.apache.commons.collections.MapUtils;
-import org.apache.logging.log4j.util.Strings;
 
 /**
  * This class provides logic for validation of permissions for action parameters which reference node.
@@ -67,15 +68,14 @@ import org.apache.logging.log4j.util.Strings;
 public class ActionNodeParameterValidator implements ActionValidator
 {
     /**
-     * This list holds action parameter names which require only READ permission on a referenced node
-     * That means, all other parameters that reference nodes will require WRITE permission
+     * This list holds action parameter names which require only READ permission on a referenced node That means, all other parameters that reference nodes will require WRITE permission
      */
-    static final Map<String, List<String>> REQUIRE_READ_PERMISSION_PARAMS =
-            Map.of(LinkCategoryActionExecuter.NAME, List.of(LinkCategoryActionExecuter.PARAM_CATEGORY_VALUE));
+    static final Map<String, List<String>> REQUIRE_READ_PERMISSION_PARAMS = Map.of(LinkCategoryActionExecuter.NAME, List.of(LinkCategoryActionExecuter.PARAM_CATEGORY_VALUE));
 
     static final String NO_PROPER_PERMISSIONS_FOR_NODE = "No proper permissions for node: ";
     static final String NOT_A_CATEGORY = "Node is not a category ";
     static final String NOT_A_FOLDER = "Node is not a folder ";
+    static final String NO_LONGER_EXISTS = "%s having Id: %s no longer exists. Please update your rule definition.";
 
     private final Actions actions;
     private final NamespaceService namespaceService;
@@ -83,7 +83,7 @@ public class ActionNodeParameterValidator implements ActionValidator
     private final PermissionService permissionService;
 
     public ActionNodeParameterValidator(Actions actions, NamespaceService namespaceService, Nodes nodes,
-                                        PermissionService permissionService)
+            PermissionService permissionService)
     {
         this.actions = actions;
         this.namespaceService = namespaceService;
@@ -94,7 +94,8 @@ public class ActionNodeParameterValidator implements ActionValidator
     /**
      * Validates action parameters that reference nodes against access permissions for executing user.
      *
-     * @param action Action to be validated
+     * @param action
+     *            Action to be validated
      */
     @Override
     public void validate(Action action)
@@ -124,7 +125,7 @@ public class ActionNodeParameterValidator implements ActionValidator
     }
 
     private void validateNodes(final List<ActionDefinition.ParameterDefinition> nodeRefParamDefinitions,
-                               final Action action)
+            final Action action)
     {
         if (MapUtils.isNotEmpty(action.getParams()))
         {
@@ -132,7 +133,15 @@ public class ActionNodeParameterValidator implements ActionValidator
                     .filter(pd -> action.getParams().containsKey(pd.getName()))
                     .forEach(p -> {
                         final String nodeId = Objects.toString(action.getParams().get(p.getName()), Strings.EMPTY);
-                        final NodeRef nodeRef = nodes.validateNode(nodeId);
+                        NodeRef nodeRef;
+                        try
+                        {
+                            nodeRef = nodes.validateNode(nodeId);
+                        }
+                        catch (EntityNotFoundException e)
+                        {
+                            throw new EntityNotFoundException(String.format(NO_LONGER_EXISTS, p.getDisplayLabel(), nodeId), e);
+                        }
                         validatePermission(action.getActionDefinitionId(), p.getName(), nodeRef);
                         validateType(action.getActionDefinitionId(), nodeRef);
                     });
@@ -163,7 +172,8 @@ public class ActionNodeParameterValidator implements ActionValidator
             {
                 throw new InvalidArgumentException(NOT_A_FOLDER + nodeRef.getId());
             }
-        } else if (!nodes.nodeMatches(nodeRef, Set.of(TYPE_CATEGORY), Collections.emptySet()))
+        }
+        else if (!nodes.nodeMatches(nodeRef, Set.of(TYPE_CATEGORY), Collections.emptySet()))
         {
             throw new InvalidArgumentException(NOT_A_CATEGORY + nodeRef.getId());
         }

remote-api/src/main/resources/alfresco/messages/admin-console.properties

@@ -1,7 +1,7 @@
 # I18N messages for the Repository Admin Console
 admin-console.header=Admin Console
 admin-console.help=Help
-admin-console.help-link=http://docs.alfresco.com/{0}/concepts/ch-administering.html
+admin-console.help-link=https://support.hyland.com/p/alfresco
 admin-console.success=Successfully saved values.
 
 admin-console.host=Host

remote-api/src/main/resources/alfresco/messages/admin-console_cs.properties

@@ -1,7 +1,7 @@
 # I18N messages for the Repository Admin Console
 admin-console.header=Konzole pro spr\u00e1vce
 admin-console.help=N\u00e1pov\u011bda
-admin-console.help-link=http://docs.alfresco.com/{0}/concepts/ch-administering.html
+admin-console.help-link=https://support.hyland.com/p/alfresco
 admin-console.success=Hodnoty byly \u00fasp\u011b\u0161n\u011b ulo\u017eeny.
 
 admin-console.host=Hostitel

remote-api/src/main/resources/alfresco/messages/admin-console_da.properties

@@ -1,7 +1,7 @@
 # I18N messages for the Repository Admin Console
 admin-console.header=Administrationskonsol
 admin-console.help=Hj\u00e6lp
-admin-console.help-link=http://docs.alfresco.com/{0}/concepts/ch-administering.html
+admin-console.help-link=https://support.hyland.com/p/alfresco
 admin-console.success=V\u00e6rdierne blev gemt.
 
 admin-console.host=V\u00e6rt

remote-api/src/main/resources/alfresco/messages/admin-console_de.properties

@@ -1,7 +1,7 @@
 # I18N messages for the Repository Admin Console
 admin-console.header=Administratorkonsole
 admin-console.help=Hilfe
-admin-console.help-link=http://docs.alfresco.com/{0}/concepts/ch-administering.html
+admin-console.help-link=https://support.hyland.com/p/alfresco
 admin-console.success=Erfolgreich gespeicherte Werte.
 
 admin-console.host=Host

remote-api/src/main/resources/alfresco/messages/admin-console_es.properties

@@ -1,7 +1,7 @@
 # I18N messages for the Repository Admin Console
 admin-console.header=Consola de administraci\u00f3n
 admin-console.help=Ayuda
-admin-console.help-link=http://docs.alfresco.com/{0}/concepts/ch-administering.html
+admin-console.help-link=https://support.hyland.com/p/alfresco
 admin-console.success=Valores guardados correctamente.
 
 admin-console.host=Host

remote-api/src/main/resources/alfresco/messages/admin-console_fi.properties

@@ -1,7 +1,7 @@
 # I18N messages for the Repository Admin Console
 admin-console.header=Hallintakonsoli
 admin-console.help=Ohje
-admin-console.help-link=http://docs.alfresco.com/{0}/concepts/ch-administering.html
+admin-console.help-link=https://support.hyland.com/p/alfresco
 admin-console.success=Arvot tallennettiin.
 
 admin-console.host=Is\u00e4nt\u00e4

remote-api/src/main/resources/alfresco/messages/admin-console_fr.properties

@@ -1,7 +1,7 @@
 # I18N messages for the Repository Admin Console
 admin-console.header=Console d'administration
 admin-console.help=Aide
-admin-console.help-link=http://docs.alfresco.com/{0}/concepts/ch-administering.html
+admin-console.help-link=https://support.hyland.com/p/alfresco
 admin-console.success=Les valeurs ont bien \u00e9t\u00e9 enregistr\u00e9es.
 
 admin-console.host=H\u00f4te

remote-api/src/main/resources/alfresco/messages/admin-console_it.properties

@@ -1,7 +1,7 @@
 # I18N messages for the Repository Admin Console
 admin-console.header=Console di amministrazione
 admin-console.help=Aiuto
-admin-console.help-link=http://docs.alfresco.com/{0}/concepts/ch-administering.html
+admin-console.help-link=https://support.hyland.com/p/alfresco
 admin-console.success=I valori sono stati salvati.
 
 admin-console.host=Host

remote-api/src/main/resources/alfresco/messages/admin-console_ja.properties

@@ -1,7 +1,7 @@
 # I18N messages for the Repository Admin Console
 admin-console.header=\u7ba1\u7406\u30b3\u30f3\u30bd\u30fc\u30eb
 admin-console.help=\u30d8\u30eb\u30d7
-admin-console.help-link=http://docs.alfresco.com/{0}/concepts/ch-administering.html
+admin-console.help-link=https://support.hyland.com/p/alfresco
 admin-console.success=\u5024\u3092\u6b63\u5e38\u306b\u4fdd\u5b58\u3057\u307e\u3057\u305f\u3002
 
 admin-console.host=\u30db\u30b9\u30c8

remote-api/src/main/resources/alfresco/messages/admin-console_nb.properties

@@ -1,7 +1,7 @@
 # I18N messages for the Repository Admin Console
 admin-console.header=Admin-konsoll
 admin-console.help=Hjelp
-admin-console.help-link=http://docs.alfresco.com/{0}/concepts/ch-administering.html
+admin-console.help-link=https://support.hyland.com/p/alfresco
 admin-console.success=Verdier som ble lagret.
 
 admin-console.host=Vert

remote-api/src/main/resources/alfresco/messages/admin-console_nl.properties

@@ -1,7 +1,7 @@
 # I18N messages for the Repository Admin Console
 admin-console.header=Beheerconsole
 admin-console.help=Help
-admin-console.help-link=http://docs.alfresco.com/{0}/concepts/ch-administering.html
+admin-console.help-link=https://support.hyland.com/p/alfresco
 admin-console.success=Waarden zijn opgeslagen.
 
 admin-console.host=Host

remote-api/src/main/resources/alfresco/messages/admin-console_pl.properties

@@ -1,7 +1,7 @@
 # I18N messages for the Repository Admin Console
 admin-console.header=Konsola administracyjna
 admin-console.help=Pomoc
-admin-console.help-link=http://docs.alfresco.com/{0}/concepts/ch-administering.html
+admin-console.help-link=https://support.hyland.com/p/alfresco
 admin-console.success=Warto\u015bci zosta\u0142y zapisane pomy\u015blnie.
 
 admin-console.host=Host

remote-api/src/main/resources/alfresco/messages/admin-console_pt_BR.properties

@@ -1,7 +1,7 @@
 # I18N messages for the Repository Admin Console
 admin-console.header=Console de administra\u00e7\u00e3o
 admin-console.help=Ajuda
-admin-console.help-link=http://docs.alfresco.com/{0}/concepts/ch-administering.html
+admin-console.help-link=https://support.hyland.com/p/alfresco
 admin-console.success=Valores salvos com sucesso.
 
 admin-console.host=Host

remote-api/src/main/resources/alfresco/messages/admin-console_ru.properties

@@ -1,7 +1,7 @@
 # I18N messages for the Repository Admin Console
 admin-console.header=\u041a\u043e\u043d\u0441\u043e\u043b\u044c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430
 admin-console.help=\u0421\u043f\u0440\u0430\u0432\u043a\u0430
-admin-console.help-link=http://docs.alfresco.com/{0}/concepts/ch-administering.html
+admin-console.help-link=https://support.hyland.com/p/alfresco
 admin-console.success=\u0423\u0441\u043f\u0435\u0448\u043d\u043e \u0441\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u0435 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f.
 
 admin-console.host=\u0425\u043e\u0441\u0442

remote-api/src/main/resources/alfresco/messages/admin-console_sv.properties

@@ -1,7 +1,7 @@
 # I18N messages for the Repository Admin Console
 admin-console.header=Admin-konsol
 admin-console.help=Hj\u00e4lp
-admin-console.help-link=http://docs.alfresco.com/{0}/concepts/ch-administering.html
+admin-console.help-link=https://support.hyland.com/p/alfresco
 admin-console.success=V\u00e4rden sparades.
 
 admin-console.host=V\u00e4rd

remote-api/src/main/resources/alfresco/messages/admin-console_zh_CN.properties

@@ -1,7 +1,7 @@
 # I18N messages for the Repository Admin Console
 admin-console.header=\u7ba1\u7406\u63a7\u5236\u53f0
 admin-console.help=\u5e2e\u52a9
-admin-console.help-link=http://docs.alfresco.com/{0}/concepts/ch-administering.html
+admin-console.help-link=https://support.hyland.com/p/alfresco
 admin-console.success=\u5df2\u6210\u529f\u4fdd\u5b58\u7684\u503c\u3002
 
 admin-console.host=\u4e3b\u673a

remote-api/src/main/resources/alfresco/templates/webscripts/org/alfresco/calendar/feed.get.desc.xml

@@ -5,4 +5,4 @@
    <authentication>guest</authentication>
    <transaction allow="readonly">required</transaction>
    <lifecycle>internal</lifecycle>
-</webscript>
+</webscript>

remote-api/src/main/resources/alfresco/templates/webscripts/org/alfresco/repository/admin/admin-template.ftl

@@ -12,9 +12,9 @@
 <#macro page title readonly=false controller=DEFAULT_CONTROLLER!"/admin" params="" dialog=false>
 <#assign FORM_ID="admin-jmx-form" />
 <#if server.edition == "Community">
-    <#assign docsEdition = "community" />
+    <#assign docsEdition = "/Alfresco-Content-Services-Community-Edition/" + server.getVersionMajor() + "." + server.getVersionMinor() + "/Alfresco-Content-Services-Community-Edition" />
 <#elseif server.edition == "Enterprise" >
-    <#assign docsEdition = server.getVersionMajor() + "." + server.getVersionMinor() />
+    <#assign docsEdition = "/Alfresco-Content-Services/" + server.getVersionMajor() + "." + server.getVersionMinor() + "/Alfresco-Content-Services" />
 </#if>
 <#if metadata??>
 <#assign HOSTNAME>${msg("admin-console.host")}: ${metadata.hostname}</#assign>
@@ -551,7 +551,7 @@ Admin.addEventListener(window, 'load', function() {
        Template for a full page view
    -->
    <div class="sticky-wrapper">
-      
+
       <div class="header">
          <span><a href="${url.serviceContext}${DEFAULT_CONTROLLER!"/admin"}">${msg("admin-console.header")}</a></span><#if metadata??><span class="meta">${HOSTNAME}</span><span class="meta">${HOSTADDR}</span></#if>
          <div style="float:right"><a href="${msg("admin-console.help-link", docsEdition)}" target="_blank">${msg("admin-console.help")}</a></div>
@@ -908,4 +908,4 @@ Admin.addEventListener(window, 'load', function() {
 <#macro button label description="" onclick="" style="" id="" class="" disabled="false">
    <input class="<#if class?has_content>${class?html}<#else>inline</#if>" <#if id?has_content>id="${id?html}"</#if> <#if style?has_content>style="${style?html}"</#if> type="button" value="${label?html}" onclick="${onclick?html}" <#if disabled="true">disabled="true"</#if> />
    <#if description?has_content><span class="description">${description?html}</span></#if>
-</#macro>
+</#macro>

remote-api/src/main/resources/alfresco/templates/webscripts/org/alfresco/repository/forms/pickerresults.lib.ftl

@@ -40,6 +40,7 @@
 		"items":
 		[
 		<#list results as row>
+			<#if row.item.hasPermission("Read")>
 			{
 				"type": "${row.item.typeShort}",
 				"parentType": "${row.item.parentTypeShort!""}",
@@ -75,6 +76,7 @@
 				"nodeRef": "${row.item.nodeRef}"<#if row.selectable?exists>,
 				"selectable" : ${row.selectable?string}</#if>
 			}<#if row_has_next>,</#if>
+			</#if>
 		</#list>
 		]
 	}

remote-api/src/main/resources/alfresco/web-scripts-application-context.xml

@@ -214,9 +214,13 @@
       <property name="authenticationListener" ref="webScriptAuthenticationListener"/>
       <property name="remoteUserMapper" ref="RemoteUserMapper" />
       <property name="adminConsoleAuthenticator" ref="AdminConsoleAuthenticator" />
+       <property name="webScriptsHomeAuthenticator" ref="WebScriptsHomeAuthenticator" />
       <property name="alwaysAllowBasicAuthForAdminConsole">
          <value>${authentication.alwaysAllowBasicAuthForAdminConsole.enabled}</value>
       </property>
+       <property name="alwaysAllowBasicAuthForWebScriptsHome">
+           <value>${authentication.alwaysAllowBasicAuthForWebScriptsHome.enabled}</value>
+       </property>
       <property name="getRemoteUserTimeoutMilliseconds">
          <value>${authentication.getRemoteUserTimeoutMilliseconds}</value>
       </property>

remote-api/src/test/java/org/alfresco/rest/api/tests/QueriesSitesApiTest.java

@@ -25,6 +25,20 @@
  */
 package org.alfresco.rest.api.tests;
 
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
+import static org.mockito.Mockito.times;
+import static org.mockito.Mockito.verify;
+
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.mockito.ArgumentCaptor;
+
 import org.alfresco.repo.security.authentication.AuthenticationUtil;
 import org.alfresco.rest.AbstractSingleNetworkSiteTest;
 import org.alfresco.rest.api.Queries;
@@ -36,27 +50,12 @@ import org.alfresco.service.cmr.repository.NodeRef;
 import org.alfresco.service.cmr.search.SearchParameters;
 import org.alfresco.service.cmr.site.SiteService;
 import org.alfresco.service.cmr.site.SiteVisibility;
-import org.alfresco.util.testing.category.LuceneTests;
-import org.junit.Before;
-import org.junit.Test;
-import org.junit.experimental.categories.Category;
-import org.mockito.ArgumentCaptor;
-
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-import static org.mockito.Mockito.times;
-import static org.mockito.Mockito.verify;
 
 /**
-* V1 REST API tests for pre-defined 'live' search Queries on Sites
+ * V1 REST API tests for pre-defined 'live' search Queries on Sites
  * 
  * <ul>
- * <li> {@literal <host>:<port>/alfresco/api/<networkId>/public/alfresco/versions/1/queries/sites} </li>
+ * <li>{@literal <host>:<port>/alfresco/api/<networkId>/public/alfresco/versions/1/queries/sites}</li>
  * </ul>
  *
  * @author janv
@@ -64,7 +63,7 @@ import static org.mockito.Mockito.verify;
 public class QueriesSitesApiTest extends AbstractSingleNetworkSiteTest
 {
     private static final String URL_QUERIES_LSS = "queries/sites";
-    
+
     private SiteService siteService;
 
     @Before
@@ -72,7 +71,7 @@ public class QueriesSitesApiTest extends AbstractSingleNetworkSiteTest
     public void setup() throws Exception
     {
         super.setup();
-        siteService = (SiteService)applicationContext.getBean("SiteService");
+        siteService = (SiteService) applicationContext.getBean("SiteService");
     }
 
     // Note expectedIds defaults to ids
@@ -86,7 +85,7 @@ public class QueriesSitesApiTest extends AbstractSingleNetworkSiteTest
         }
 
         dummySearchServiceQueryNodeRefs.clear();
-        for (String id: ids)
+        for (String id : ids)
         {
             NodeRef nodeRef = getNodeRef(id);
             dummySearchServiceQueryNodeRefs.add(nodeRef);
@@ -98,7 +97,7 @@ public class QueriesSitesApiTest extends AbstractSingleNetworkSiteTest
         if (expectedStatus == 200)
         {
             String termWithEscapedAsterisks = term.replaceAll("\\*", "\\\\*");
-            String expectedQuery = "TYPE:\"{http://www.alfresco.org/model/site/1.0}site\" AND (\"*"+ termWithEscapedAsterisks +"*\")";
+            String expectedQuery = "TYPE:\"{http://www.alfresco.org/model/site/1.0}site\" AND (\"*" + termWithEscapedAsterisks + "*\")";
             ArgumentCaptor<SearchParameters> searchParametersCaptor = ArgumentCaptor.forClass(SearchParameters.class);
             verify(mockSearchService, times(++callCountToMockSearchService)).query(searchParametersCaptor.capture());
             SearchParameters parameters = searchParametersCaptor.getValue();
@@ -109,30 +108,32 @@ public class QueriesSitesApiTest extends AbstractSingleNetworkSiteTest
 
             if (orderBy != null)
             {
-                for (int i=0; i<expectedIds.length; i++)
+                for (int i = 0; i < expectedIds.length; i++)
                 {
                     String id = expectedIds[i];
                     String actualId = sites.get(i).getId();
-                    assertEquals("Order "+i+":", id, actualId);
+                    assertEquals("Order " + i + ":", id, actualId);
                 }
             }
         }
     }
 
-   /**
+    /**
      * Tests basic api for nodes live search sites - metadata (id, title, description)
      *
-     * <p>GET:</p>
+     * <p>
+     * GET:
+     * </p>
      * {@literal <host>:<port>/alfresco/api/<networkId>/public/alfresco/versions/1/queries/sites}
      */
     @Test
     public void testLiveSearchSites() throws Exception
     {
         setRequestContext(user1);
-        
+        AuthenticationUtil.setFullyAuthenticatedUser(user1);
         int sCount = 5;
         assertTrue(sCount > 4); // as relied on by test below
-        
+
         List<String> siteIds = new ArrayList<>(sCount);
 
         try
@@ -149,14 +150,14 @@ public class QueriesSitesApiTest extends AbstractSingleNetworkSiteTest
             String siteD = "siteD";
 
             int charValue = siteI.charAt(0);
-            
+
             // create some some sites with site id: ab00001, abc00002, abcd00003, abcde00004, abcdef00005 (and some specific titles and descriptions)
             for (int i = 1; i <= sCount; i++)
             {
                 String num = String.format("%05d", i);
 
-                charValue = charValue+1;
-                siteI = siteI + String.valueOf((char)charValue);
+                charValue = charValue + 1;
+                siteI = siteI + String.valueOf((char) charValue);
 
                 String siteId = siteI + num + RUNID;
                 String siteTitle = siteT + num + siteT;
@@ -220,7 +221,7 @@ public class QueriesSitesApiTest extends AbstractSingleNetworkSiteTest
         {
             // some cleanup
             setRequestContext(user1);
-            
+
             for (String siteId : siteIds)
             {
                 deleteSite(siteId, true, 204);
@@ -230,14 +231,20 @@ public class QueriesSitesApiTest extends AbstractSingleNetworkSiteTest
 
     private NodeRef getNodeRef(String createdSiteId)
     {
-        AuthenticationUtil.setFullyAuthenticatedUser(user1);
+        // Created sites do not return NodeRefs to the caller so we need to get the NodeRef from the siteService.
+        // Temporarily as admin we will get NodeRefs to handle ACL authorization.
+        String userUnderTest = AuthenticationUtil.getFullyAuthenticatedUser();
+        AuthenticationUtil.setFullyAuthenticatedUser(DEFAULT_ADMIN);
+
         // The following call to siteService.getSite(createdSiteId).getNodeRef() returns a NodeRef like:
-        //    workspace://SpacesStore/9db76769-96de-4de4-bdb4-a127130af362
+        // workspace://SpacesStore/9db76769-96de-4de4-bdb4-a127130af362
         // We call tenantService.getName(nodeRef) to get a fully qualified NodeRef as Solr returns this.
         // They look like:
-        //    workspace://@org.alfresco.rest.api.tests.queriespeopleapitest@SpacesStore/9db76769-96de-4de4-bdb4-a127130af362
+        // workspace://@org.alfresco.rest.api.tests.queriespeopleapitest@SpacesStore/9db76769-96de-4de4-bdb4-a127130af362
         NodeRef nodeRef = siteService.getSite(createdSiteId).getNodeRef();
         nodeRef = tenantService.getName(nodeRef);
+
+        AuthenticationUtil.setFullyAuthenticatedUser(userUnderTest);
         return nodeRef;
     }
 
@@ -245,7 +252,7 @@ public class QueriesSitesApiTest extends AbstractSingleNetworkSiteTest
     public void testLiveSearchSites_SortPage() throws Exception
     {
         setRequestContext(user1);
-        
+        AuthenticationUtil.setFullyAuthenticatedUser(user1);
         List<String> siteIds = new ArrayList<>(5);
 
         try
@@ -253,14 +260,14 @@ public class QueriesSitesApiTest extends AbstractSingleNetworkSiteTest
             // As user 1 ...
 
             Paging paging = getPaging(0, 100);
-            
+
             // create site
-            String s1 = createSite("siABCDEF"+RUNID, "ABCDEF DEF", "sdABCDEF", SiteVisibility.PRIVATE, 201).getId();
-            String s2 = createSite("siABCD"+RUNID, "ABCD DEF", "sdABCD", SiteVisibility.PRIVATE, 201).getId();
-            String s3 = createSite("siABCDE"+RUNID, "ABCDE DEF", "sdABCDE", SiteVisibility.PRIVATE, 201).getId();
-            String s4 = createSite("siAB"+RUNID, "AB DEF", "sdAB", SiteVisibility.PRIVATE, 201).getId();
-            String s5 = createSite("siABC"+RUNID, "ABC DEF", "sdABC", SiteVisibility.PRIVATE, 201).getId();
-            
+            String s1 = createSite("siABCDEF" + RUNID, "ABCDEF DEF", "sdABCDEF", SiteVisibility.PRIVATE, 201).getId();
+            String s2 = createSite("siABCD" + RUNID, "ABCD DEF", "sdABCD", SiteVisibility.PRIVATE, 201).getId();
+            String s3 = createSite("siABCDE" + RUNID, "ABCDE DEF", "sdABCDE", SiteVisibility.PRIVATE, 201).getId();
+            String s4 = createSite("siAB" + RUNID, "AB DEF", "sdAB", SiteVisibility.PRIVATE, 201).getId();
+            String s5 = createSite("siABC" + RUNID, "ABC DEF", "sdABC", SiteVisibility.PRIVATE, 201).getId();
+
             // test sort order
             {
                 // default sort order - title asc
@@ -276,11 +283,11 @@ public class QueriesSitesApiTest extends AbstractSingleNetworkSiteTest
             // basic paging tests
             {
                 // sort order - title desc
-                checkApiCall("siAB", "title desc", getPaging(0, 2), 200, new String[] {s1, s3}, s1, s3, s2, s5, s4);
-                checkApiCall("siAB", "title desc", getPaging(2, 2), 200, new String[] {s2, s5}, s1, s3, s2, s5, s4);
-                checkApiCall("siAB", "title desc", getPaging(4, 2), 200, new String[] {s4}, s1, s3, s2, s5, s4);
+                checkApiCall("siAB", "title desc", getPaging(0, 2), 200, new String[]{s1, s3}, s1, s3, s2, s5, s4);
+                checkApiCall("siAB", "title desc", getPaging(2, 2), 200, new String[]{s2, s5}, s1, s3, s2, s5, s4);
+                checkApiCall("siAB", "title desc", getPaging(4, 2), 200, new String[]{s4}, s1, s3, s2, s5, s4);
             }
-            
+
             // -ve tests
             {
                 // -ve test - invalid sort field
@@ -304,7 +311,52 @@ public class QueriesSitesApiTest extends AbstractSingleNetworkSiteTest
             }
         }
     }
-    
+
+    /**
+     * If the search service do not support ACL filtering, then the Queries API should handle the response to exclude private sites and potential unauthorized error when building response.
+     */
+    @Test
+    public void testLiveSearchExcludesPrivateSites() throws Exception
+    {
+        String publicSiteId = null;
+        String privateSiteId = null;
+        try
+        {
+            // given
+            setRequestContext(null, DEFAULT_ADMIN, DEFAULT_ADMIN_PWD);
+            createUser("bartender");
+
+            publicSiteId = createSite("samePrefixPublicSite", "samePrefixPublicSite", "Visible to all users", SiteVisibility.PUBLIC, 201).getId();
+            privateSiteId = createSite("samePrefixPrivateSite", "samePrefixPrivateSite", "Hidden from bartender", SiteVisibility.PRIVATE, 201).getId();
+
+            String[] searchResults = {publicSiteId, privateSiteId};
+            String[] expectedSites = {publicSiteId};
+
+            // when
+            setRequestContext(null, "bartender", "password");
+            AuthenticationUtil.setFullyAuthenticatedUser("bartender");
+
+            // then
+            checkApiCall("samePrefix", null, getPaging(0, 100), 200, expectedSites, searchResults);
+        }
+        finally
+        {
+            // cleanup
+            AuthenticationUtil.setFullyAuthenticatedUser(DEFAULT_ADMIN);
+            setRequestContext(null, DEFAULT_ADMIN, DEFAULT_ADMIN_PWD);
+            if (publicSiteId != null)
+            {
+                deleteSite(publicSiteId, true, 204);
+            }
+            if (privateSiteId != null)
+            {
+                deleteSite(privateSiteId, true, 204);
+            }
+            deleteUser("bartender", null);
+        }
+
+    }
+
     @Override
     public String getScope()
     {

remote-api/src/test/java/org/alfresco/rest/test/workflow/api/impl/ProcessesImplTest.java

@@ -2,7 +2,7 @@
  * #%L
  * Alfresco Remote API
  * %%
- * Copyright (C) 2005 - 2023 Alfresco Software Limited
+ * Copyright (C) 2005 - 2025 Alfresco Software Limited
  * %%
  * This file is part of the Alfresco software. 
  * If the software was purchased under a paid Alfresco license, the terms of 
@@ -212,7 +212,7 @@ public class ProcessesImplTest extends TestCase implements RecognizedParamsExtra
     {
         // the tests are always run on PostgreSQL only
 //        Dialect dialect = (Dialect) applicationContext.getBean("dialect");
-//        if (dialect instanceof AlfrescoSQLServerDialect)
+//        if (dialect instanceof SQLServerDialect)
 //        {
             // REPO-1104: we do not run this test on MS SQL server because it will fail 
             // until the Activiti defect related to REPO-1104 will be fixed

repository/docs/identity-provider/authentication/README.md

@@ -27,7 +27,7 @@ to integrate with a number of external Authentication providers including
   * https://github.com/Alfresco/alfresco-data-model/tree/master/src/main/java/org/alfresco/repo/security/authentication
 * License: LGPL
 * Issue Tracker Link: https://issues.alfresco.com/jira/issues/?jql=project%3DREPO
-* Documentation Link: http://docs.alfresco.com/5.2/concepts/auth-intro.html
+* Documentation Link: https://support.hyland.com/r/Alfresco/Alfresco-Content-Services-Community-Edition/23.4/Alfresco-Content-Services-Community-Edition/Administer/Manage-Security/Authentication-and-sync
 * Contribution Model: Alfresco Open Source
 ***
 

repository/docs/meta-data-services/versions/README.md

@@ -16,7 +16,7 @@
 * Source Code Link:m https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/
 * License: LGPL
 * Issue Tracker Link: https://issues.alfresco.com/jira/secure/RapidBoard.jspa?projectKey=REPO&useStoredSettings=true&rapidView=379
-* Documentation Link: http://docs.alfresco.com/5.1/concepts/versioning.html
+* Documentation Link: https://support.hyland.com/r/Alfresco/Alfresco-Content-Services/23.4/Alfresco-Content-Services/Configure/Repository/About-Versioning
 * Contribution Model: Alfresco publishes the source code and will review proposed patch requests
 ***
 

repository/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo</artifactId>
-        <version>23.5.0.1</version>
+        <version>23.6.0.18</version>
     </parent>
 
     <dependencies>
@@ -85,7 +85,7 @@
         </dependency>
         <dependency>
             <groupId>org.apache.commons</groupId>
-            <artifactId>commons-fileupload2-jakarta</artifactId>
+            <artifactId>commons-fileupload2-jakarta-servlet6</artifactId>
         </dependency>
         <dependency>
             <groupId>org.apache.commons</groupId>
@@ -94,7 +94,6 @@
         <dependency>
             <groupId>org.apache.commons</groupId>
             <artifactId>commons-lang3</artifactId>
-            <version>3.17.0</version>
         </dependency>
         <dependency>
             <groupId>commons-codec</groupId>
@@ -742,10 +741,6 @@
             <artifactId>reflections</artifactId>
             <scope>test</scope>
         </dependency>
-        <dependency>
-            <groupId>commons-lang</groupId>
-            <artifactId>commons-lang</artifactId>
-        </dependency>
     </dependencies>
 
     <build>

repository/src/main/java/org/alfresco/repo/action/executer/AddFeaturesActionExecuter.java

@@ -2,93 +2,96 @@
  * #%L
  * Alfresco Repository
  * %%
- * Copyright (C) 2005 - 2016 Alfresco Software Limited
+ * Copyright (C) 2005 - 2025 Alfresco Software Limited
  * %%
- * This file is part of the Alfresco software. 
- * If the software was purchased under a paid Alfresco license, the terms of 
- * the paid license agreement will prevail.  Otherwise, the software is 
+ * This file is part of the Alfresco software.
+ * If the software was purchased under a paid Alfresco license, the terms of
+ * the paid license agreement will prevail.  Otherwise, the software is
  * provided under the following open source license terms:
- * 
+ *
  * Alfresco is free software: you can redistribute it and/or modify
  * it under the terms of the GNU Lesser General Public License as published by
  * the Free Software Foundation, either version 3 of the License, or
  * (at your option) any later version.
- * 
+ *
  * Alfresco is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  * GNU Lesser General Public License for more details.
- * 
+ *
  * You should have received a copy of the GNU Lesser General Public License
  * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
  * #L%
  */
-package org.alfresco.repo.action.executer;
-
-import java.io.Serializable;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-import org.alfresco.repo.action.ParameterDefinitionImpl;
-import org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback;
-import org.alfresco.service.cmr.action.Action;
-import org.alfresco.service.cmr.action.ParameterDefinition;
-import org.alfresco.service.cmr.dictionary.DataTypeDefinition;
-import org.alfresco.service.cmr.repository.NodeRef;
-import org.alfresco.service.cmr.repository.NodeService;
-import org.alfresco.service.namespace.QName;
-import org.alfresco.service.transaction.TransactionService;
-
-/**
- * Add features action executor implementation.
- * 
- * @author Roy Wetherall
- */
-public class AddFeaturesActionExecuter extends ActionExecuterAbstractBase
-{
-    /**
-     * Action constants
-     */
-    public static final String NAME = "add-features";
-    public static final String PARAM_ASPECT_NAME = "aspect-name";
-    public static final String PARAM_CONSTRAINT = "ac-aspects";
-    
-    /**
-     * The node service
-     */
-    private NodeService nodeService;
-    
-    /** Transaction Service, used for retrying operations */
-    private TransactionService transactionService;
-    
-    /**
-     * Set the node service
-     * 
-     * @param nodeService  the node service 
-     */
-    public void setNodeService(NodeService nodeService) 
-    {
-        this.nodeService = nodeService;
-    }
-    
-    /**
-     * Set the transaction service
-     * 
-     * @param transactionService    the transaction service
-     */
-    public void setTransactionService(TransactionService transactionService)
-    {
-        this.transactionService = transactionService;
-    }
-    
-    /**
-     * Adhoc properties are allowed for this executor
-     */
-    @Override
-    protected boolean getAdhocPropertiesAllowed()
-    {
-        return true;
+package org.alfresco.repo.action.executer;
+
+import java.io.Serializable;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import org.alfresco.repo.action.ParameterDefinitionImpl;
+import org.alfresco.repo.action.access.ActionAccessRestriction;
+import org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback;
+import org.alfresco.service.cmr.action.Action;
+import org.alfresco.service.cmr.action.ParameterDefinition;
+import org.alfresco.service.cmr.dictionary.DataTypeDefinition;
+import org.alfresco.service.cmr.repository.NodeRef;
+import org.alfresco.service.cmr.repository.NodeService;
+import org.alfresco.service.namespace.QName;
+import org.alfresco.service.transaction.TransactionService;
+
+/**
+ * Add features action executor implementation.
+ *
+ * @author Roy Wetherall
+ */
+public class AddFeaturesActionExecuter extends ActionExecuterAbstractBase
+{
+    /**
+     * Action constants
+     */
+    public static final String NAME = "add-features";
+    public static final String PARAM_ASPECT_NAME = "aspect-name";
+    public static final String PARAM_CONSTRAINT = "ac-aspects";
+
+    /**
+     * The node service
+     */
+    private NodeService nodeService;
+
+    /** Transaction Service, used for retrying operations */
+    private TransactionService transactionService;
+
+    /**
+     * Set the node service
+     *
+     * @param nodeService
+     *            the node service
+     */
+    public void setNodeService(NodeService nodeService)
+    {
+        this.nodeService = nodeService;
+    }
+
+    /**
+     * Set the transaction service
+     *
+     * @param transactionService
+     *            the transaction service
+     */
+    public void setTransactionService(TransactionService transactionService)
+    {
+        this.transactionService = transactionService;
+    }
+
+    /**
+     * Adhoc properties are allowed for this executor
+     */
+    @Override
+    protected boolean getAdhocPropertiesAllowed()
+    {
+        return true;
     }
 
     /**
@@ -96,55 +99,61 @@ public class AddFeaturesActionExecuter extends ActionExecuterAbstractBase
      */
     public void executeImpl(final Action ruleAction, final NodeRef actionedUponNodeRef)
     {
-        if (this.nodeService.exists(actionedUponNodeRef))
-        {
-           transactionService.getRetryingTransactionHelper().doInTransaction(
-              new RetryingTransactionCallback<Void>()
-              {
-                 public Void execute() throws Throwable
-                 {
-                     Map<QName, Serializable> properties = new HashMap<QName, Serializable>();
-                     QName aspectQName = null;
-
-                     if(! nodeService.exists(actionedUponNodeRef))
-                     {
-                         // Node has gone away, skip
-                         return null;
-                     }
-
-                     // Build the aspect details
-                     Map<String, Serializable> paramValues = ruleAction.getParameterValues();
-                     for (Map.Entry<String, Serializable> entry : paramValues.entrySet())
-                     {
-                         if (entry.getKey().equals(PARAM_ASPECT_NAME) == true)
-                         {
-                             aspectQName = (QName)entry.getValue();
-                         }
-                         else
-                         {
-                             // Must be an adhoc property
-                             QName propertyQName = QName.createQName(entry.getKey());
-                             Serializable propertyValue = entry.getValue();
-                             properties.put(propertyQName, propertyValue);
-                         }
-                     }
-
-                     // Add the aspect
-                     nodeService.addAspect(actionedUponNodeRef, aspectQName, properties);
-                     return null;
-                 }
-              }
-           );
-        }
-    }
-
-    /**
-     * @see org.alfresco.repo.action.ParameterizedItemAbstractBase#addParameterDefinitions(java.util.List)
-     */
-    @Override
-    protected void addParameterDefinitions(List<ParameterDefinition> paramList) 
-    {
-        paramList.add(new ParameterDefinitionImpl(PARAM_ASPECT_NAME, DataTypeDefinition.QNAME, true, getParamDisplayLabel(PARAM_ASPECT_NAME), false, "ac-aspects"));
-    }
-
-}
+        if (this.nodeService.exists(actionedUponNodeRef))
+        {
+            transactionService.getRetryingTransactionHelper().doInTransaction(
+                    new RetryingTransactionCallback<Void>() {
+                        public Void execute() throws Throwable
+                        {
+                            Map<QName, Serializable> properties = new HashMap<QName, Serializable>();
+                            QName aspectQName = null;
+
+                            if (!nodeService.exists(actionedUponNodeRef))
+                            {
+                                // Node has gone away, skip
+                                return null;
+                            }
+
+                            // Build the aspect details
+                            Map<String, Serializable> paramValues = ruleAction.getParameterValues();
+                            removeActionContextParameter(paramValues);
+                            for (Map.Entry<String, Serializable> entry : paramValues.entrySet())
+                            {
+                                if (entry.getKey().equals(PARAM_ASPECT_NAME) == true)
+                                {
+                                    aspectQName = (QName) entry.getValue();
+                                }
+                                else
+                                {
+                                    // Must be an adhoc property
+                                    QName propertyQName = QName.createQName(entry.getKey());
+                                    Serializable propertyValue = entry.getValue();
+                                    properties.put(propertyQName, propertyValue);
+                                }
+                            }
+
+                            // Add the aspect
+                            nodeService.addAspect(actionedUponNodeRef, aspectQName, properties);
+                            return null;
+                        }
+                    });
+        }
+    }
+
+    /**
+     * @see org.alfresco.repo.action.ParameterizedItemAbstractBase#addParameterDefinitions(java.util.List)
+     */
+    @Override
+    protected void addParameterDefinitions(List<ParameterDefinition> paramList)
+    {
+        paramList.add(new ParameterDefinitionImpl(PARAM_ASPECT_NAME, DataTypeDefinition.QNAME, true, getParamDisplayLabel(PARAM_ASPECT_NAME), false, "ac-aspects"));
+    }
+
+    /**
+     * Remove actionContext from the parameter values to declassify as an adhoc property
+     */
+    private void removeActionContextParameter(Map<String, Serializable> paramValues)
+    {
+        paramValues.remove(ActionAccessRestriction.ACTION_CONTEXT_PARAM_NAME);
+    }
+}

repository/src/main/java/org/alfresco/repo/audit/AuditComponent.java

@@ -1,286 +1,282 @@
-/*
- * #%L
- * Alfresco Repository
- * %%
- * Copyright (C) 2005 - 2024 Alfresco Software Limited
- * %%
- * This file is part of the Alfresco software. 
- * If the software was purchased under a paid Alfresco license, the terms of 
- * the paid license agreement will prevail.  Otherwise, the software is 
- * provided under the following open source license terms:
- * 
- * Alfresco is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- * 
- * Alfresco is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU Lesser General Public License for more details.
- * 
- * You should have received a copy of the GNU Lesser General Public License
- * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
- * #L%
- */
-package org.alfresco.repo.audit;
-
-import java.io.Serializable;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-import org.alfresco.repo.audit.model.AuditApplication;
-import org.alfresco.repo.audit.model.AuditModelRegistry;
-import org.alfresco.repo.audit.model._3.AuditPath;
-import org.alfresco.service.cmr.audit.AuditQueryParameters;
-import org.alfresco.service.cmr.audit.AuditService.AuditQueryCallback;
-
-/**
- * The audit component. Used by the AuditService and AuditMethodInterceptor to insert audit entries.
- * 
- * @author Derek Hulley
- */
-public interface AuditComponent
-{
-    /**
-     * Determines whether audit is globally enabled or disabled.
-     * 
-     * @return                  Returns <code>true</code> if audit is enabled
-     * 
-     * @since 3.3
-     */
-    public boolean isAuditEnabled();
-    
-    /**
-     * Switch auditing on or off
-     * 
-     * @param enable            <tt>true</tt> to enable auditing or <tt>false</tt> to disable
-     * 
-     * @since 3.4
-     */
-    public void setAuditEnabled(boolean enable);
-
-    /**
-     * @param userAuditFilter UserAuditFilter
-     * 
-     * @since 4.2
-     */
-    public void setUserAuditFilter(UserAuditFilter userAuditFilter);
-    
-    /**
-     * Get all registered audit applications, whether active or not.
-     * 
-     * @return                  Returns a map of registered audit applications keyed by name
-     * 
-     * @since 3.4
-     */
-    public Map<String, AuditApplication> getAuditApplications();
-    
-    /**
-     * Determine whether the audit infrastructure expects audit values to be passed in.
-     * This is a helper method to allow optimizations in the client code.  Reasons why
-     * this method might return <tt>false</tt> are: auditing is disabled; no audit applications
-     * have been registered.  Sometimes, depending on the log level, this method may always
-     * return <tt>true</tt>.
-     * 
-     * 
-     * @return                  Returns <code>true</code> if the calling code (data producers)
-     *                          should go ahead and generate the data for
-     *                          {@link #recordAuditValues(String, Map) recording}.
-     * 
-     * @since 3.3
-     */
-    public boolean areAuditValuesRequired();
-    
-    /**
-     * Determines if audit values are required based on whether there are any audit applications
-     * registered to record data for the given path. This helper method gives data producers a 
-     * shortcut in the event that nothing would be recorded in any event.
-     * 
-     * @param path              the audit path
-     * @return                  Returns <tt>true</tt> if there is at least one audit application
-     *                          registered to handle the given path.
-     * 
-     * @since 3.4                         
-     */
-    public boolean areAuditValuesRequired(String path);
-    
-    /**
-     * Delete audit entries for the given application and time range
-     * 
-     * @param applicationName   the name of the application
-     * @param fromTime          the start time of entries to remove (inclusive and optional)
-     * @param toTime            the end time of entries to remove (exclusive and optional)
-     * @return                  Returns the number of entries deleted
-     * 
-     * @since 3.2
-     */
-    int deleteAuditEntries(String applicationName, Long fromTime, Long toTime);
-
-    /**
-     * Delete audit entries for the given application and id range
-     *
-     * @param applicationName   the name of the application
-     * @param fromId          the start time of entries to remove (inclusive and optional)
-     * @param toId            the end time of entries to remove (exclusive and optional)
-     * @return                  Returns the number of entries deleted
-     *
-     * @since 5.2.2
-     */
-    int deleteAuditEntriesByIdRange(String applicationName, Long fromId, Long toId);
-
-    /**
-     * Delete a discrete list of audit entries based on ID
-     * 
-     * @param auditEntryIds     the audit entry IDs to delete
-     * @return                  Returns the number of entries deleted
-     */
-    int deleteAuditEntries(List<Long> auditEntryIds);
-    
-    /**
-     * Check if an audit path is enabled.  The path will be disabled if it or any higher
-     * path has been explicitly disabled.  Any disabled path will not be processed when
-     * data is audited.
-     * 
-     * @param applicationName   the name of the application being logged to
-     * @param path              the audit path to check or <tt>null</tt> to assume the
-     *                          application's root path
-     * @return                  Returns <tt>true</tt> if the audit path has been disabled
-     * 
-     * @since 3.2
-     */
-    boolean isAuditPathEnabled(String applicationName, String path);
-    
-    /**
-     * Enable auditing (if it is not already enabled) for all paths that contain the given path.
-     * The path is the path as originally logged and
-     * not the path that the generated data may contain - although this would be similarly
-     * enabled.
-     * <p>
-     * If the enabled 
-     * 
-     * @param applicationName   the name of the application being logged to
-     * @param path              the audit path to check or <tt>null</tt> to assume the
-     *                          application's root path
-     * 
-     * @since 3.2
-     */
-    void enableAudit(String applicationName, String path);
-
-    /**
-     * Disable auditing (if it is not already disabled) for all paths that contain the given path.
-     * The path is the path as originally logged and
-     * not the path that the generated data may contain - although this would be similarly
-     * disabled.
-     * <p>
-     * If the path is <b>/x/y</b> then any data paths that start with <b>/x/y</b> will be stripped
-     * out <u>before</u> data generators and data recorders are applied.  If the path represents
-     * the root path of the application, then auditing for that application is effectively disabled. 
-     * 
-     * @param applicationName   the name of the application being logged to
-     * @param path              the audit path to check or <tt>null</tt> to assume the
-     *                          application's root path
-     * 
-     * @since 3.2
-     */
-    void disableAudit(String applicationName, String path);
-    
-    /**
-     * Remove all disabled paths i.e. enable all per-path based auditing.  Auditing may still be
-     * disabled globally.  This is primarily for test purposes; applications should know which
-     * paths need {@link #enableAudit(String, String) enabling} or
-     * {@link #disableAudit(String, String) disabled}.
-     * 
-     * @param applicationName   the name of the application
-     * 
-     * @since 3.2
-     */
-    void resetDisabledPaths(String applicationName);
-
-    /**
-     * Create an audit entry for the given map of values.  The map key is a path - starting with '/'
-     * ({@link AuditApplication#AUDIT_PATH_SEPARATOR}) - relative to the root path provided.
-     * <p/>
-     * The root path and value keys are combined to produce a map of data keyed by full path.  This
-     * fully-pathed map is then passed through the
-     * {@link AuditModelRegistry#getAuditPathMapper() audit path mapper}.  The result may yield data
-     * destined for several different
-     * {@link AuditModelRegistry#getAuditApplicationByKey(String) audit applications}.  depending on
-     * the data extraction and generation defined in the applications, values (or derived values) may
-     * be recorded against several audit entries (one per application represented).
-     * <p/>
-     * The return values reflect what was actually persisted and is controlled by the data extractors
-     * defined in the audit configuration.
-     * <p/>
-     * A new read-write transaction is started if there are values to write that there is not a viable
-     * transaction present.
-     * 
-     * @param rootPath          a base path of {@link AuditPath} key entries concatenated with the path separator
-     *                          '/' ({@link AuditApplication#AUDIT_PATH_SEPARATOR})
-     * @param values            the values to audit mapped by {@link AuditPath} key relative to root path
-     *                          (may be <tt>null</tt>)
-     * @return                  Returns the values that were actually persisted, keyed by their full path.
-     * @throws IllegalStateException if the transaction state could not be determined
-     * 
-     * @since 3.2
-     */
-    Map<String, Serializable> recordAuditValues(String rootPath, Map<String, Serializable> values);
-    
-    /**
-     * The same as {@link AuditComponent#recordAuditValues(String, Map)}, but with controlled usage of userFilter
-     * 
-     * @param rootPath          a base path of {@link AuditPath} key entries concatenated with the path separator
-     *                          '/' ({@link AuditApplication#AUDIT_PATH_SEPARATOR})
-     * @param values            the values to audit mapped by {@link AuditPath} key relative to root path
-     *                          (may be <tt>null</tt>)
-     * @param useUserFilter     if <tt>false</tt> the user filter is disabled.
-     * @return                  Returns the values that were actually persisted, keyed by their full path.
-     * @throws IllegalStateException if the transaction state could not be determined
-     */
-    Map<String, Serializable> recordAuditValuesWithUserFilter(String rootPath, Map<String, Serializable> values, boolean useUserFilter);
-    
-    /**
-     * Find audit entries using the given parameters
-     * 
-     * @param callback          the data callback per entry
-     * @param parameters        the parameters for the query (may not be <tt>null</tt>)
-     * @param maxResults        the maximum number of results to retrieve (must be greater than 0)
-     * 
-     * @throws IllegalArgumentException if maxResults less or equal to zero
-     * 
-     * @since 3.2
-     */
-    void auditQuery(AuditQueryCallback callback, AuditQueryParameters parameters, int maxResults);
-
-    /**
-     * Issue an audit query to retrieve min / max audit record id for a given application.
-     *
-     * @param applicationName               the name of the application
-     * @param extremes                      a list containing min/max or both
-     * @return                              a map containing min/max and the associated value
-     */
-    HashMap<String, Long> getAuditMinMaxByApp(String applicationName, List<String> extremes);
-
-    /**
-     * Issue an audit query to retrieve count of records for a given application.
-     *
-     * @param applicationName             the name of the application
-     * @return                  a map containing min/max and the associated value
-     */
-    default int getAuditEntriesCountByApp(String applicationName)
-    {
-        return -1;
-    }
-
-    /**
-     * Issue an audit query to retrieve count of records for a given application and properties
-     *
-     * @param parameters                  audit parameters provided by the <code>where</code> clause on the ReST API
-     * @return                            a map containing min/max and the associated value
-     */
-    default int getAuditEntriesCountByAppAndProperties(AuditQueryParameters parameters)
-    {
-        return -1;
-    }
-}
+/*
+ * #%L
+ * Alfresco Repository
+ * %%
+ * Copyright (C) 2005 - 2016 Alfresco Software Limited
+ * %%
+ * This file is part of the Alfresco software. 
+ * If the software was purchased under a paid Alfresco license, the terms of 
+ * the paid license agreement will prevail.  Otherwise, the software is 
+ * provided under the following open source license terms:
+ * 
+ * Alfresco is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ * 
+ * Alfresco is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Lesser General Public License for more details.
+ * 
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
+ * #L% 
+ */
+package org.alfresco.repo.audit;
+
+import java.io.Serializable;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import org.alfresco.repo.audit.model.AuditApplication;
+import org.alfresco.repo.audit.model.AuditModelRegistry;
+import org.alfresco.repo.audit.model._3.AuditPath;
+import org.alfresco.service.cmr.audit.AuditQueryParameters;
+import org.alfresco.service.cmr.audit.AuditService.AuditQueryCallback;
+
+/**
+ * The audit component. Used by the AuditService and AuditMethodInterceptor to insert audit entries.
+ * 
+ * @author Derek Hulley
+ */
+public interface AuditComponent
+{
+    /**
+     * Determines whether audit is globally enabled or disabled.
+     * 
+     * @return Returns <code>true</code> if audit is enabled
+     * 
+     * @since 3.3
+     */
+    public boolean isAuditEnabled();
+
+    /**
+     * Switch auditing on or off
+     * 
+     * @param enable
+     *            <tt>true</tt> to enable auditing or <tt>false</tt> to disable
+     * 
+     * @since 3.4
+     */
+    public void setAuditEnabled(boolean enable);
+
+    /**
+     * @param userAuditFilter
+     *            UserAuditFilter
+     * 
+     * @since 4.2
+     */
+    public void setUserAuditFilter(UserAuditFilter userAuditFilter);
+
+    /**
+     * Get all registered audit applications, whether active or not.
+     * 
+     * @return Returns a map of registered audit applications keyed by name
+     * 
+     * @since 3.4
+     */
+    public Map<String, AuditApplication> getAuditApplications();
+
+    /**
+     * Determine whether the audit infrastructure expects audit values to be passed in. This is a helper method to allow optimizations in the client code. Reasons why this method might return <tt>false</tt> are: auditing is disabled; no audit applications have been registered. Sometimes, depending on the log level, this method may always return <tt>true</tt>.
+     * 
+     * 
+     * @return Returns <code>true</code> if the calling code (data producers) should go ahead and generate the data for {@link #recordAuditValues(String, Map) recording}.
+     * 
+     * @since 3.3
+     */
+    public boolean areAuditValuesRequired();
+
+    /**
+     * Determines if audit values are required based on whether there are any audit applications registered to record data for the given path. This helper method gives data producers a shortcut in the event that nothing would be recorded in any event.
+     * 
+     * @param path
+     *            the audit path
+     * @return Returns <tt>true</tt> if there is at least one audit application registered to handle the given path.
+     * 
+     * @since 3.4
+     */
+    public boolean areAuditValuesRequired(String path);
+
+    /**
+     * Delete audit entries for the given application and time range
+     * 
+     * @param applicationName
+     *            the name of the application
+     * @param fromTime
+     *            the start time of entries to remove (inclusive and optional)
+     * @param toTime
+     *            the end time of entries to remove (exclusive and optional)
+     * @return Returns the number of entries deleted
+     * 
+     * @since 3.2
+     */
+    int deleteAuditEntries(String applicationName, Long fromTime, Long toTime);
+
+    /**
+     * Delete audit entries for the given application and id range
+     *
+     * @param applicationName
+     *            the name of the application
+     * @param fromId
+     *            the start time of entries to remove (inclusive and optional)
+     * @param toId
+     *            the end time of entries to remove (exclusive and optional)
+     * @return Returns the number of entries deleted
+     *
+     * @since 5.2.2
+     */
+    int deleteAuditEntriesByIdRange(String applicationName, Long fromId, Long toId);
+
+    /**
+     * Delete a discrete list of audit entries based on ID
+     * 
+     * @param auditEntryIds
+     *            the audit entry IDs to delete
+     * @return Returns the number of entries deleted
+     */
+    int deleteAuditEntries(List<Long> auditEntryIds);
+
+    /**
+     * Check if an audit path is enabled. The path will be disabled if it or any higher path has been explicitly disabled. Any disabled path will not be processed when data is audited.
+     * 
+     * @param applicationName
+     *            the name of the application being logged to
+     * @param path
+     *            the audit path to check or <tt>null</tt> to assume the application's root path
+     * @return Returns <tt>true</tt> if the audit path has been disabled
+     * 
+     * @since 3.2
+     */
+    boolean isAuditPathEnabled(String applicationName, String path);
+
+    /**
+     * Enable auditing (if it is not already enabled) for all paths that contain the given path. The path is the path as originally logged and not the path that the generated data may contain - although this would be similarly enabled.
+     * <p>
+     * If the enabled
+     * 
+     * @param applicationName
+     *            the name of the application being logged to
+     * @param path
+     *            the audit path to check or <tt>null</tt> to assume the application's root path
+     * 
+     * @since 3.2
+     */
+    void enableAudit(String applicationName, String path);
+
+    /**
+     * Disable auditing (if it is not already disabled) for all paths that contain the given path. The path is the path as originally logged and not the path that the generated data may contain - although this would be similarly disabled.
+     * <p>
+     * If the path is <b>/x/y</b> then any data paths that start with <b>/x/y</b> will be stripped out <u>before</u> data generators and data recorders are applied. If the path represents the root path of the application, then auditing for that application is effectively disabled.
+     * 
+     * @param applicationName
+     *            the name of the application being logged to
+     * @param path
+     *            the audit path to check or <tt>null</tt> to assume the application's root path
+     * 
+     * @since 3.2
+     */
+    void disableAudit(String applicationName, String path);
+
+    /**
+     * Remove all disabled paths i.e. enable all per-path based auditing. Auditing may still be disabled globally. This is primarily for test purposes; applications should know which paths need {@link #enableAudit(String, String) enabling} or {@link #disableAudit(String, String) disabled}.
+     * 
+     * @param applicationName
+     *            the name of the application
+     * 
+     * @since 3.2
+     */
+    void resetDisabledPaths(String applicationName);
+
+    /**
+     * Create an audit entry for the given map of values. The map key is a path - starting with '/' ({@link AuditApplication#AUDIT_PATH_SEPARATOR}) - relative to the root path provided.
+     * <p/>
+     * The root path and value keys are combined to produce a map of data keyed by full path. This fully-pathed map is then passed through the {@link AuditModelRegistry#getAuditPathMapper() audit path mapper}. The result may yield data destined for several different {@link AuditModelRegistry#getAuditApplicationByKey(String) audit applications}. depending on the data extraction and generation defined in the applications, values (or derived values) may be recorded against several audit entries (one per application represented).
+     * <p/>
+     * The return values reflect what was actually persisted and is controlled by the data extractors defined in the audit configuration.
+     * <p/>
+     * A new read-write transaction is started if there are values to write that there is not a viable transaction present.
+     * 
+     * @param rootPath
+     *            a base path of {@link AuditPath} key entries concatenated with the path separator '/' ({@link AuditApplication#AUDIT_PATH_SEPARATOR})
+     * @param values
+     *            the values to audit mapped by {@link AuditPath} key relative to root path (may be <tt>null</tt>)
+     * @return Returns the values that were actually persisted, keyed by their full path.
+     * @throws IllegalStateException
+     *             if the transaction state could not be determined
+     * 
+     * @since 3.2
+     */
+    Map<String, Serializable> recordAuditValues(String rootPath, Map<String, Serializable> values);
+
+    /**
+     * The same as {@link AuditComponent#recordAuditValues(String, Map)}, but with controlled usage of userFilter
+     * 
+     * @param rootPath
+     *            a base path of {@link AuditPath} key entries concatenated with the path separator '/' ({@link AuditApplication#AUDIT_PATH_SEPARATOR})
+     * @param values
+     *            the values to audit mapped by {@link AuditPath} key relative to root path (may be <tt>null</tt>)
+     * @param useUserFilter
+     *            if <tt>false</tt> the user filter is disabled.
+     * @return Returns the values that were actually persisted, keyed by their full path.
+     * @throws IllegalStateException
+     *             if the transaction state could not be determined
+     */
+    Map<String, Serializable> recordAuditValuesWithUserFilter(String rootPath, Map<String, Serializable> values, boolean useUserFilter);
+
+    /**
+     * Find audit entries using the given parameters
+     * 
+     * @param callback
+     *            the data callback per entry
+     * @param parameters
+     *            the parameters for the query (may not be <tt>null</tt>)
+     * @param maxResults
+     *            the maximum number of results to retrieve (must be greater than 0)
+     * 
+     * @throws IllegalArgumentException
+     *             if maxResults less or equal to zero
+     * 
+     * @since 3.2
+     */
+    void auditQuery(AuditQueryCallback callback, AuditQueryParameters parameters, int maxResults);
+
+    /**
+     * Issue an audit query to retrieve min / max audit record id for a given application.
+     *
+     * @param applicationName
+     *            the name of the application
+     * @param extremes
+     *            a list containing min/max or both
+     * @return a map containing min/max and the associated value
+     */
+    HashMap<String, Long> getAuditMinMaxByApp(String applicationName, List<String> extremes);
+
+    /**
+     * Issue an audit query to retrieve count of records for a given application.
+     *
+     * @param applicationName
+     *            the name of the application
+     * @return a map containing min/max and the associated value
+     */
+    default int getAuditEntriesCountByApp(String applicationName)
+    {
+        return -1;
+    }
+
+    /**
+     * Issue an audit query to retrieve count of records for a given application and properties
+     *
+     * @param applicationName
+     *            the name of the application
+     * @param parameters
+     *            audit parameters provided by the <code>where</code> clause on the ReST API
+     * @return a map containing min/max and the associated value
+     */
+    default int getAuditEntriesCountByAppAndProperties(String applicationName, AuditQueryParameters parameters)
+    {
+        return -1;
+    }
+}

repository/src/main/java/org/alfresco/repo/audit/AuditServiceImpl.java

@@ -1,197 +1,209 @@
-/*
- * #%L
- * Alfresco Repository
- * %%
- * Copyright (C) 2005 - 2024 Alfresco Software Limited
- * %%
- * This file is part of the Alfresco software. 
- * If the software was purchased under a paid Alfresco license, the terms of 
- * the paid license agreement will prevail.  Otherwise, the software is 
- * provided under the following open source license terms:
- * 
- * Alfresco is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- * 
- * Alfresco is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU Lesser General Public License for more details.
- * 
- * You should have received a copy of the GNU Lesser General Public License
- * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
- * #L%
- */
-package org.alfresco.repo.audit;
-
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-import java.util.TreeMap;
-
-import org.alfresco.service.cmr.audit.AuditQueryParameters;
-import org.alfresco.service.cmr.audit.AuditService;
-
-/**
- * The implementation of the AuditService for application auditing.
- * 
- * @author Derek Hulley
- * @since 3.2
- */
-public class AuditServiceImpl implements AuditService
-{
-    private AuditComponent auditComponent;
-
-    public AuditServiceImpl()
-    {
-        super();
-    }
-
-    public void setAuditComponent(AuditComponent auditComponent)
-    {
-        this.auditComponent = auditComponent;
-    }
-
-    /**
-     * {@inheritDoc}
-     * @since 3.4
-     */
-    public boolean isAuditEnabled()
-    {
-        return auditComponent.isAuditEnabled();
-    }
-
-    /**
-     * {@inheritDoc}
-     * @since 3.4
-     */
-    @Override
-    public void setAuditEnabled(boolean enable)
-    {
-        auditComponent.setAuditEnabled(enable);
-    }
-
-    /**
-     * {@inheritDoc}
-     * @since 3.4
-     */
-    @Override
-    public Map<String, AuditApplication> getAuditApplications()
-    {
-        Map<String, org.alfresco.repo.audit.model.AuditApplication> apps = auditComponent.getAuditApplications();
-
-        Map<String, AuditApplication> ret = new TreeMap<String, AuditApplication>();
-        for (String app : apps.keySet())
-        {
-            String name = app;
-            String key = org.alfresco.repo.audit.model.AuditApplication.AUDIT_PATH_SEPARATOR + apps.get(app).getApplicationKey();
-            boolean enabled = auditComponent.isAuditPathEnabled(app, key);
-            AuditApplication auditApplication = new AuditApplication(name, key, enabled);
-            ret.put(name, auditApplication);
-        }
-        return ret;
-    }
-
-    /**
-     * {@inheritDoc}
-     * @since 3.2
-     */
-    public boolean isAuditEnabled(String applicationName, String path)
-    {
-        return auditComponent.isAuditPathEnabled(applicationName, path);
-    }
-
-    /**
-     * {@inheritDoc}
-     * @since 3.2
-     */
-    public void enableAudit(String applicationName, String path)
-    {
-        auditComponent.enableAudit(applicationName, path);
-    }
-
-    /**
-     * {@inheritDoc}
-     * @since 3.2
-     */
-    public void disableAudit(String applicationName, String path)
-    {
-        auditComponent.disableAudit(applicationName, path);
-    }
-
-    /**
-     * {@inheritDoc}
-     * @since 3.2
-     */
-    public int clearAudit(String applicationName)
-    {
-        Long now = Long.valueOf(System.currentTimeMillis());
-        return auditComponent.deleteAuditEntries(applicationName, null, now);
-    }
-
-    /**
-     * {@inheritDoc}
-     * @since 3.4
-     */
-    @Override
-    public int clearAudit(String applicationName, Long fromTime, Long toTime)
-    {
-        toTime = (toTime == null) ? Long.valueOf(System.currentTimeMillis()) : toTime;
-        return auditComponent.deleteAuditEntries(applicationName, fromTime, toTime);
-    }
-
-    /**
-     * {@inheritDoc}
-     * @since 5.2.2
-     */
-    @Override
-    public int clearAuditByIdRange(String applicationName, Long fromId, Long toId)
-    {
-        return auditComponent.deleteAuditEntriesByIdRange(applicationName, fromId, toId);
-    }
-
-    /**
-     * {@inheritDoc}
-     * @since 3.4
-     */
-    @Override
-    public int clearAudit(List<Long> auditEntryIds)
-    {
-        return auditComponent.deleteAuditEntries(auditEntryIds);
-    }
-
-    /**
-     * {@inheritDoc}
-     * @since 3.3
-     */
-    public void auditQuery(AuditQueryCallback callback, AuditQueryParameters parameters, int maxResults)
-    {
-        auditComponent.auditQuery(callback, parameters, maxResults);
-    }
-
-    /**
-     * {@inheritDoc}
-     */
-    public HashMap<String, Long> getAuditMinMaxByApp(String applicationName, List<String> extremes)
-    {
-        return auditComponent.getAuditMinMaxByApp(applicationName, extremes);
-    }
-
-    /**
-     * {@inheritDoc}
-     */
-    @Override
-    public int getAuditEntriesCountByApp(String applicationName)
-    {
-        return auditComponent.getAuditEntriesCountByApp(applicationName);
-    }
-
-    /**
-     * {@inheritDoc}
-     */
-    @Override public int getAuditEntriesCountByAppAndProperties(AuditQueryParameters parameters)
-    {
-        return auditComponent.getAuditEntriesCountByAppAndProperties(parameters);
-    }
-}
+/*
+ * #%L
+ * Alfresco Repository
+ * %%
+ * Copyright (C) 2005 - 2016 Alfresco Software Limited
+ * %%
+ * This file is part of the Alfresco software. 
+ * If the software was purchased under a paid Alfresco license, the terms of 
+ * the paid license agreement will prevail.  Otherwise, the software is 
+ * provided under the following open source license terms:
+ * 
+ * Alfresco is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ * 
+ * Alfresco is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Lesser General Public License for more details.
+ * 
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
+ * #L%
+ */
+package org.alfresco.repo.audit;
+
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.TreeMap;
+
+import org.alfresco.service.cmr.audit.AuditQueryParameters;
+import org.alfresco.service.cmr.audit.AuditService;
+
+/**
+ * The implementation of the AuditService for application auditing.
+ * 
+ * @author Derek Hulley
+ * @since 3.2
+ */
+public class AuditServiceImpl implements AuditService
+{
+    private AuditComponent auditComponent;
+
+    public AuditServiceImpl()
+    {
+        super();
+    }
+
+    public void setAuditComponent(AuditComponent auditComponent)
+    {
+        this.auditComponent = auditComponent;
+    }
+
+    /**
+     * {@inheritDoc}
+     * 
+     * @since 3.4
+     */
+    public boolean isAuditEnabled()
+    {
+        return auditComponent.isAuditEnabled();
+    }
+
+    /**
+     * {@inheritDoc}
+     * 
+     * @since 3.4
+     */
+    @Override
+    public void setAuditEnabled(boolean enable)
+    {
+        auditComponent.setAuditEnabled(enable);
+    }
+
+    /**
+     * {@inheritDoc}
+     * 
+     * @since 3.4
+     */
+    @Override
+    public Map<String, AuditApplication> getAuditApplications()
+    {
+        Map<String, org.alfresco.repo.audit.model.AuditApplication> apps = auditComponent.getAuditApplications();
+
+        Map<String, AuditApplication> ret = new TreeMap<String, AuditApplication>();
+        for (String app : apps.keySet())
+        {
+            String name = app;
+            String key = org.alfresco.repo.audit.model.AuditApplication.AUDIT_PATH_SEPARATOR + apps.get(app).getApplicationKey();
+            boolean enabled = auditComponent.isAuditPathEnabled(app, key);
+            AuditApplication auditApplication = new AuditApplication(name, key, enabled);
+            ret.put(name, auditApplication);
+        }
+        return ret;
+    }
+
+    /**
+     * {@inheritDoc}
+     * 
+     * @since 3.2
+     */
+    public boolean isAuditEnabled(String applicationName, String path)
+    {
+        return auditComponent.isAuditPathEnabled(applicationName, path);
+    }
+
+    /**
+     * {@inheritDoc}
+     * 
+     * @since 3.2
+     */
+    public void enableAudit(String applicationName, String path)
+    {
+        auditComponent.enableAudit(applicationName, path);
+    }
+
+    /**
+     * {@inheritDoc}
+     * 
+     * @since 3.2
+     */
+    public void disableAudit(String applicationName, String path)
+    {
+        auditComponent.disableAudit(applicationName, path);
+    }
+
+    /**
+     * {@inheritDoc}
+     * 
+     * @since 3.2
+     */
+    public int clearAudit(String applicationName)
+    {
+        Long now = Long.valueOf(System.currentTimeMillis());
+        return auditComponent.deleteAuditEntries(applicationName, null, now);
+    }
+
+    /**
+     * {@inheritDoc}
+     * 
+     * @since 3.4
+     */
+    @Override
+    public int clearAudit(String applicationName, Long fromTime, Long toTime)
+    {
+        toTime = (toTime == null) ? Long.valueOf(System.currentTimeMillis()) : toTime;
+        return auditComponent.deleteAuditEntries(applicationName, fromTime, toTime);
+    }
+
+    /**
+     * {@inheritDoc}
+     * 
+     * @since 5.2.2
+     */
+    @Override
+    public int clearAuditByIdRange(String applicationName, Long fromId, Long toId)
+    {
+        return auditComponent.deleteAuditEntriesByIdRange(applicationName, fromId, toId);
+    }
+
+    /**
+     * {@inheritDoc}
+     * 
+     * @since 3.4
+     */
+    @Override
+    public int clearAudit(List<Long> auditEntryIds)
+    {
+        return auditComponent.deleteAuditEntries(auditEntryIds);
+    }
+
+    /**
+     * {@inheritDoc}
+     * 
+     * @since 3.3
+     */
+    public void auditQuery(AuditQueryCallback callback, AuditQueryParameters parameters, int maxResults)
+    {
+        auditComponent.auditQuery(callback, parameters, maxResults);
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    public HashMap<String, Long> getAuditMinMaxByApp(String applicationName, List<String> extremes)
+    {
+        return auditComponent.getAuditMinMaxByApp(applicationName, extremes);
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    public int getAuditEntriesCountByApp(String applicationName)
+    {
+        return auditComponent.getAuditEntriesCountByApp(applicationName);
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    public int getAuditEntriesCountByAppAndProperties(String applicationName, AuditQueryParameters parameters)
+    {
+        return auditComponent.getAuditEntriesCountByAppAndProperties(applicationName, parameters);
+    }
+}

repository/src/main/java/org/alfresco/repo/domain/CrcHelper.java

@@ -1,123 +1,116 @@
-/*
- * #%L
- * Alfresco Repository
- * %%
- * Copyright (C) 2005 - 2024 Alfresco Software Limited
- * %%
- * This file is part of the Alfresco software. 
- * If the software was purchased under a paid Alfresco license, the terms of 
- * the paid license agreement will prevail.  Otherwise, the software is 
- * provided under the following open source license terms:
- * 
- * Alfresco is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- * 
- * Alfresco is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU Lesser General Public License for more details.
- * 
- * You should have received a copy of the GNU Lesser General Public License
- * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
- * #L%
- */
-
-package org.alfresco.repo.domain;
-
-import java.io.UnsupportedEncodingException;
-import java.util.zip.CRC32;
-
-import org.alfresco.util.Pair;
-
-/**
- * Helper class to calculate CRC values for string persistence.
- * 
- * @author Derek Hulley
- * @since 3.2
- */
-public class CrcHelper
-{
-    public static final String EMPTY_STRING = ".empty";
-    
-    /**
-     * Calculate a persistable, unique pair of values that can be persisted in a database unique
-     * key and guarantee correct case-sensitivity.
-     * <p>
-     * While the short-string version of the value is always lowercase, the CRC is
-     * calculated from the virgin string if case-sensitivity is enforced; in the case-insensitive
-     * case, the CRC is calculated from a lowercase version of the string.
-     * <p>
-     * If the value is an empty string, then {@link #EMPTY_STRING} is used instead.  This ensures
-     * that persisted values don't fall foul of the Oracle empty string comparison "behaviour" i.e
-     * you should never persist an empty string in Oracle as it equates to a SQL <b>NULL</b>.
-     * 
-     * @param value             the raw value that will be persisted
-     * @param dataLength        the maximum number of characters that can be persisted
-     * @param useCharsFromStart <tt>true</tt> if the shortened string value must be made from
-     *                          the first characters of the string or <tt>false</tt> to use
-     *                          characters from the end of the string.
-     * @param caseSensitive     <tt>true</tt> if the resulting pair must be case-sensitive or
-     *                          <tt>false</tt> if the pair must be case-insensitive.
-     * @return                  Return the persistable pair.  The result will never be <tt>null</tt>,
-     *                          but the individual pair values will be <tt>null</tt> if the
-     *                          value given is <tt>null</tt>
-     */
-    public static Pair<String, Long> getStringCrcPair(
-            String value,
-            int dataLength,
-            boolean useCharsFromStart,
-            boolean caseSensitive)
-    {
-        String valueLowerCase;
-        if (value == null)
-        {
-            return new Pair<String, Long>(null, null);
-        }
-        else if (value.length() == 0)
-        {
-            value = CrcHelper.EMPTY_STRING;
-            valueLowerCase = value;
-        }
-        else
-        {
-            valueLowerCase = value.toLowerCase();
-        }
-        Long valueCrc;
-        try
-        {
-            CRC32 crc = new CRC32();
-            if (caseSensitive)
-            {
-                crc.update(value.getBytes("UTF-8"));
-            }
-            else
-            {
-                crc.update(valueLowerCase.getBytes("UTF-8"));
-            }
-            valueCrc = crc.getValue();
-        }
-        catch (UnsupportedEncodingException e)
-        {
-            throw new RuntimeException("UTF-8 encoding is not supported");
-        }
-        // Crc Value will change based on the case-sensitive, So we need to get the short value based on case-sensitive
-        String valueShort = null;
-        String currentValue = caseSensitive ? value : valueLowerCase;
-        int valueLen = currentValue.length();
-        if (valueLen < dataLength)
-        {
-            valueShort = currentValue;
-        }
-        else if (useCharsFromStart)
-        {
-            valueShort = currentValue.substring(0, dataLength - 1);
-        }
-        else
-        {
-            valueShort = currentValue.substring(valueLen - dataLength);
-        }
-        return new Pair<String, Long>(valueShort, valueCrc);
-    }
-}
+/*
+ * #%L
+ * Alfresco Repository
+ * %%
+ * Copyright (C) 2005 - 2016 Alfresco Software Limited
+ * %%
+ * This file is part of the Alfresco software. 
+ * If the software was purchased under a paid Alfresco license, the terms of 
+ * the paid license agreement will prevail.  Otherwise, the software is 
+ * provided under the following open source license terms:
+ * 
+ * Alfresco is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ * 
+ * Alfresco is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Lesser General Public License for more details.
+ * 
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
+ * #L% 
+ */
+
+package org.alfresco.repo.domain;
+
+import java.io.UnsupportedEncodingException;
+import java.util.zip.CRC32;
+
+import org.alfresco.util.Pair;
+
+/**
+ * Helper class to calculate CRC values for string persistence.
+ * 
+ * @author Derek Hulley
+ * @since 3.2
+ */
+public class CrcHelper
+{
+    public static final String EMPTY_STRING = ".empty";
+
+    /**
+     * Calculate a persistable, unique pair of values that can be persisted in a database unique key and guarantee correct case-sensitivity.
+     * <p>
+     * While the short-string version of the value is always lowercase, the CRC is calculated from the virgin string if case-sensitivity is enforced; in the case-insensitive case, the CRC is calculated from a lowercase version of the string.
+     * <p>
+     * If the value is an empty string, then {@link #EMPTY_STRING} is used instead. This ensures that persisted values don't fall foul of the Oracle empty string comparison "behaviour" i.e you should never persist an empty string in Oracle as it equates to a SQL <b>NULL</b>.
+     * 
+     * @param value
+     *            the raw value that will be persisted
+     * @param dataLength
+     *            the maximum number of characters that can be persisted
+     * @param useCharsFromStart
+     *            <tt>true</tt> if the shortened string value must be made from the first characters of the string or <tt>false</tt> to use characters from the end of the string.
+     * @param caseSensitive
+     *            <tt>true</tt> if the resulting pair must be case-sensitive or <tt>false</tt> if the pair must be case-insensitive.
+     * @return Return the persistable pair. The result will never be <tt>null</tt>, but the individual pair values will be <tt>null</tt> if the value given is <tt>null</tt>
+     */
+    public static Pair<String, Long> getStringCrcPair(
+            String value,
+            int dataLength,
+            boolean useCharsFromStart,
+            boolean caseSensitive)
+    {
+        String valueLowerCase;
+        if (value == null)
+        {
+            return new Pair<String, Long>(null, null);
+        }
+        else if (value.length() == 0)
+        {
+            value = CrcHelper.EMPTY_STRING;
+            valueLowerCase = value;
+        }
+        else
+        {
+            valueLowerCase = value.toLowerCase();
+        }
+        Long valueCrc;
+        try
+        {
+            CRC32 crc = new CRC32();
+            if (caseSensitive)
+            {
+                crc.update(value.getBytes("UTF-8"));
+            }
+            else
+            {
+                crc.update(valueLowerCase.getBytes("UTF-8"));
+            }
+            valueCrc = crc.getValue();
+        }
+        catch (UnsupportedEncodingException e)
+        {
+            throw new RuntimeException("UTF-8 encoding is not supported");
+        }
+        // Get the short value (case-sensitive or not)
+        String valueShort = null;
+        int valueLen = valueLowerCase.length();
+        if (valueLen < dataLength)
+        {
+            valueShort = valueLowerCase;
+        }
+        else if (useCharsFromStart)
+        {
+            valueShort = valueLowerCase.substring(0, dataLength - 1);
+        }
+        else
+        {
+            valueShort = valueLowerCase.substring(valueLen - dataLength);
+        }
+        return new Pair<String, Long>(valueShort, valueCrc);
+    }
+}

repository/src/main/java/org/alfresco/repo/domain/audit/AuditDAO.java

@@ -1,258 +1,285 @@
-/*
- * #%L
- * Alfresco Repository
- * %%
- * Copyright (C) 2005 - 2024 Alfresco Software Limited
- * %%
- * This file is part of the Alfresco software. 
- * If the software was purchased under a paid Alfresco license, the terms of 
- * the paid license agreement will prevail.  Otherwise, the software is 
- * provided under the following open source license terms:
- * 
- * Alfresco is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- * 
- * Alfresco is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU Lesser General Public License for more details.
- * 
- * You should have received a copy of the GNU Lesser General Public License
- * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
- * #L%
- */
-package org.alfresco.repo.domain.audit;
-
-import java.io.Serializable;
-import java.net.URL;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
-import org.alfresco.service.cmr.audit.AuditService.AuditQueryCallback;
-import org.alfresco.service.cmr.repository.ContentData;
-import org.alfresco.util.Pair;
-
-/**
- * DAO services for <b>alf_audit_XXX</b> tables.
- * <p>
- * The older methods are supported by a different implementation and will eventually
- * be deprecated and phased out.
- * 
- * @author Derek Hulley
- * @since 3.2
- */
-public interface AuditDAO
-{
-    /*
-     * V3.2 methods after here only, please
-     */
-
-    /**
-     * Information about the audit application to be passed in an out of the interface.
-     * 
-     * @author Derek Hulley
-     * @since 3.2
-     */
-    public static class AuditApplicationInfo
-    {
-        private Long id;
-        private String name;
-        private Long modelId;
-        private Long disabledPathsId;
-        
-        @Override
-        public String toString()
-        {
-            StringBuilder sb = new StringBuilder();
-            sb.append("AuditApplicationInfo ")
-              .append("[ id=").append(id)
-              .append(", name=").append(name)
-              .append(", modelId=").append(modelId)
-              .append(", disabledPathsId=").append(disabledPathsId)
-              .append("]");
-            return sb.toString();
-        }
-        
-        public Long getId()
-        {
-            return id;
-        }
-        public void setId(Long id)
-        {
-            this.id = id;
-        }
-        public String getName()
-        {
-            return name;
-        }
-        public void setname(String name)
-        {
-            this.name = name;
-        }
-        public Long getModelId()
-        {
-            return modelId;
-        }
-        public void setModelId(Long modelId)
-        {
-            this.modelId = modelId;
-        }
-        public Long getDisabledPathsId()
-        {
-            return disabledPathsId;
-        }
-        public void setDisabledPathsId(Long disabledPathsId)
-        {
-            this.disabledPathsId = disabledPathsId;
-        }
-    }
-    
-    /**
-     * Creates a new audit model entry or finds an existing one
-     * 
-     * @param  url          the URL of the configuration
-     * @return              Returns the ID of the config matching the input stream and the
-     *                      content storage details
-     * @since 3.2
-     */
-    Pair<Long, ContentData> getOrCreateAuditModel(URL url);
-    
-    /**
-     * Get the audit application details.
-     * 
-     * @param applicationName   the name of the application
-     * @return                  Returns details of an existing application or <tt>null</tt> if it doesn't exist
-     * 
-     * @since 3.2
-     */
-    AuditApplicationInfo getAuditApplication(String applicationName);
-
-    /**
-     * Creates a new audit application.  The application name must be unique.
-     * 
-     * @param application       the name of the application
-     * @param modelId           the ID of the model configuration
-     * 
-     * @since 3.2
-     */
-    AuditApplicationInfo createAuditApplication(String application, Long modelId);
-    
-    /**
-     * Update the audit application to refer to a new model.
-     * If the model did not change, then nothing will be done.
-     * 
-     * @param id                the ID of the audit application
-     * @param modelId           the ID of the new model
-     * 
-     * @since 3.2
-     */
-    void updateAuditApplicationModel(Long id, Long modelId);
-    
-    /**
-     * Update the audit application to hold a new set of disabled paths.
-     * If the value did not change, then nothing will be done.
-     * 
-     * @param id                the ID of the audit application
-     * @param disabledPaths     the new disabled paths
-     * 
-     * @since 3.2
-     */
-    void updateAuditApplicationDisabledPaths(Long id, Set<String> disabledPaths);
-    
-    /**
-     * Delete audit entries for the application, possibly limiting the time range.
-     * 
-     * @param applicationId     an existing audit application ID
-     * @param fromTime          the minimum entry time (inclusive, optional)
-     * @param toTime            the maximum entry time (exclusive, optional)
-     * @return                  Returns the number of entries deleted
-     * 
-     * @since 3.2
-     */
-    int deleteAuditEntries(Long applicationId, Long fromTime, Long toTime);
-
-    /**
-     * Delete audit entries for the application for given id range.
-     *
-     * @param applicationId     an existing audit application ID
-     * @param fromId            the minimum fromId (inclusive, optional)
-     * @param toId              the maximum toId (exclusive, optional)
-     * @return                  Returns the number of entries deleted
-     *
-     * @since 5.2.2
-     */
-    int deleteAuditEntriesByIdRange(Long applicationId, Long fromId, Long toId);
-
-    /**
-     * Delete a discrete list of audit entries.  Duplicate entries are collapsed
-     * and the number of entries deleted will match the count of unique IDs in
-     * the list; otherwise a concurrency condition has occured and an exception
-     * will be generated.
-     * 
-     * @param auditEntryIds     the IDs of all audit entries to delete
-     * @return                  Returns the number of entries deleted
-     */
-    int deleteAuditEntries(List<Long> auditEntryIds);
-    
-    /**
-     * Create a new audit entry with the given map of values.
-     * 
-     * @param applicationId     an existing audit application ID
-     * @param time              the time (ms since epoch) to log the entry against
-     * @param username          the authenticated user (<tt>null</tt> if not present)
-     * @param values            the values to record
-     * @return                  Returns the unique entry ID
-     * 
-     * @since 3.2
-     */
-    Long createAuditEntry(Long applicationId, long time, String username, Map<String, Serializable> values);
-    
-    /**
-     * Find audit entries using the given parameters, any of which may be null
-     * 
-     * @param callback          the data callback per entry
-     * @param parameters        the parameters for the query (may not be <tt>null</tt>)
-     * @param maxResults        the maximum number of results to retrieve (must be greater than 0)
-     * 
-     * @throws IllegalArgumentException if maxResults less or equal to zero
-     */
-    void findAuditEntries(
-            AuditQueryCallback callback,
-            org.alfresco.service.cmr.audit.AuditQueryParameters parameters,
-            int maxResults);
-
-    /**
-     * Issue an audit query to retrieve min / max audit record id for a given application.
-     *
-     * @param appId             the database id of the application
-     * @param extremes          a list containing min/max or both
-     * @return                  a map containing min/max and the associated value
-     */
-    HashMap<String, Long> getAuditMinMaxByApp(long appId, List<String> extremes);
-
-    /**
-     * Issue an audit query to retrieve count of records for a given application.
-     *
-     * @param applicationId             the database id of the application
-     * @return                  a map containing min/max and the associated value
-     */
-    default int getAuditEntriesCountByApp(long applicationId)
-    {
-        return -1;
-    }
-
-    /**
-     * Issue an audit query to retrieve count of records for a given application and properties
-     *
-     * @param parameters        audit parameters provided by the <code>where</code> clause on the ReST API
-     * @return                  a map containing min/max and the associated value
-     */
-    default int getAuditEntriesCountByAppAndProperties(org.alfresco.service.cmr.audit.AuditQueryParameters parameters)
-    {
-        return -1;
-    }
-}
+/*
+ * #%L
+ * Alfresco Repository
+ * %%
+ * Copyright (C) 2005 - 2016 Alfresco Software Limited
+ * %%
+ * This file is part of the Alfresco software. 
+ * If the software was purchased under a paid Alfresco license, the terms of 
+ * the paid license agreement will prevail.  Otherwise, the software is 
+ * provided under the following open source license terms:
+ * 
+ * Alfresco is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ * 
+ * Alfresco is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Lesser General Public License for more details.
+ * 
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
+ * #L%
+ */
+package org.alfresco.repo.domain.audit;
+
+import java.io.Serializable;
+import java.net.URL;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+import org.alfresco.service.cmr.audit.AuditService.AuditQueryCallback;
+import org.alfresco.service.cmr.repository.ContentData;
+import org.alfresco.util.Pair;
+
+/**
+ * DAO services for <b>alf_audit_XXX</b> tables.
+ * <p>
+ * The older methods are supported by a different implementation and will eventually be deprecated and phased out.
+ * 
+ * @author Derek Hulley
+ * @since 3.2
+ */
+public interface AuditDAO
+{
+    /* V3.2 methods after here only, please */
+
+    /**
+     * Information about the audit application to be passed in an out of the interface.
+     * 
+     * @author Derek Hulley
+     * @since 3.2
+     */
+    public static class AuditApplicationInfo
+    {
+        private Long id;
+        private String name;
+        private Long modelId;
+        private Long disabledPathsId;
+
+        @Override
+        public String toString()
+        {
+            StringBuilder sb = new StringBuilder();
+            sb.append("AuditApplicationInfo ")
+                    .append("[ id=").append(id)
+                    .append(", name=").append(name)
+                    .append(", modelId=").append(modelId)
+                    .append(", disabledPathsId=").append(disabledPathsId)
+                    .append("]");
+            return sb.toString();
+        }
+
+        public Long getId()
+        {
+            return id;
+        }
+
+        public void setId(Long id)
+        {
+            this.id = id;
+        }
+
+        public String getName()
+        {
+            return name;
+        }
+
+        public void setname(String name)
+        {
+            this.name = name;
+        }
+
+        public Long getModelId()
+        {
+            return modelId;
+        }
+
+        public void setModelId(Long modelId)
+        {
+            this.modelId = modelId;
+        }
+
+        public Long getDisabledPathsId()
+        {
+            return disabledPathsId;
+        }
+
+        public void setDisabledPathsId(Long disabledPathsId)
+        {
+            this.disabledPathsId = disabledPathsId;
+        }
+    }
+
+    /**
+     * Creates a new audit model entry or finds an existing one
+     * 
+     * @param url
+     *            the URL of the configuration
+     * @return Returns the ID of the config matching the input stream and the content storage details
+     * @since 3.2
+     */
+    Pair<Long, ContentData> getOrCreateAuditModel(URL url);
+
+    /**
+     * Get the audit application details.
+     * 
+     * @param applicationName
+     *            the name of the application
+     * @return Returns details of an existing application or <tt>null</tt> if it doesn't exist
+     * 
+     * @since 3.2
+     */
+    AuditApplicationInfo getAuditApplication(String applicationName);
+
+    /**
+     * Creates a new audit application. The application name must be unique.
+     * 
+     * @param application
+     *            the name of the application
+     * @param modelId
+     *            the ID of the model configuration
+     * 
+     * @since 3.2
+     */
+    AuditApplicationInfo createAuditApplication(String application, Long modelId);
+
+    /**
+     * Update the audit application to refer to a new model. If the model did not change, then nothing will be done.
+     * 
+     * @param id
+     *            the ID of the audit application
+     * @param modelId
+     *            the ID of the new model
+     * 
+     * @since 3.2
+     */
+    void updateAuditApplicationModel(Long id, Long modelId);
+
+    /**
+     * Update the audit application to hold a new set of disabled paths. If the value did not change, then nothing will be done.
+     * 
+     * @param id
+     *            the ID of the audit application
+     * @param disabledPaths
+     *            the new disabled paths
+     * 
+     * @since 3.2
+     */
+    void updateAuditApplicationDisabledPaths(Long id, Set<String> disabledPaths);
+
+    /**
+     * Delete audit entries for the application, possibly limiting the time range.
+     * 
+     * @param applicationId
+     *            an existing audit application ID
+     * @param fromTime
+     *            the minimum entry time (inclusive, optional)
+     * @param toTime
+     *            the maximum entry time (exclusive, optional)
+     * @return Returns the number of entries deleted
+     * 
+     * @since 3.2
+     */
+    int deleteAuditEntries(Long applicationId, Long fromTime, Long toTime);
+
+    /**
+     * Delete audit entries for the application for given id range.
+     *
+     * @param applicationId
+     *            an existing audit application ID
+     * @param fromId
+     *            the minimum fromId (inclusive, optional)
+     * @param toId
+     *            the maximum toId (exclusive, optional)
+     * @return Returns the number of entries deleted
+     *
+     * @since 5.2.2
+     */
+    int deleteAuditEntriesByIdRange(Long applicationId, Long fromId, Long toId);
+
+    /**
+     * Delete a discrete list of audit entries. Duplicate entries are collapsed and the number of entries deleted will match the count of unique IDs in the list; otherwise a concurrency condition has occured and an exception will be generated.
+     * 
+     * @param auditEntryIds
+     *            the IDs of all audit entries to delete
+     * @return Returns the number of entries deleted
+     */
+    int deleteAuditEntries(List<Long> auditEntryIds);
+
+    /**
+     * Create a new audit entry with the given map of values.
+     * 
+     * @param applicationId
+     *            an existing audit application ID
+     * @param time
+     *            the time (ms since epoch) to log the entry against
+     * @param username
+     *            the authenticated user (<tt>null</tt> if not present)
+     * @param values
+     *            the values to record
+     * @return Returns the unique entry ID
+     * 
+     * @since 3.2
+     */
+    Long createAuditEntry(Long applicationId, long time, String username, Map<String, Serializable> values);
+
+    /**
+     * Find audit entries using the given parameters, any of which may be null
+     * 
+     * @param callback
+     *            the data callback per entry
+     * @param parameters
+     *            the parameters for the query (may not be <tt>null</tt>)
+     * @param maxResults
+     *            the maximum number of results to retrieve (must be greater than 0)
+     * 
+     * @throws IllegalArgumentException
+     *             if maxResults less or equal to zero
+     */
+    void findAuditEntries(
+            AuditQueryCallback callback,
+            org.alfresco.service.cmr.audit.AuditQueryParameters parameters,
+            int maxResults);
+
+    /**
+     * Issue an audit query to retrieve min / max audit record id for a given application.
+     *
+     * @param appId
+     *            the database id of the application
+     * @param extremes
+     *            a list containing min/max or both
+     * @return a map containing min/max and the associated value
+     */
+    HashMap<String, Long> getAuditMinMaxByApp(long appId, List<String> extremes);
+
+    /**
+     * Issue an audit query to retrieve count of records for a given application.
+     *
+     * @param applicationId
+     *            the database id of the application
+     * @return a map containing min/max and the associated value
+     */
+    default int getAuditEntriesCountByApp(long applicationId)
+    {
+        return -1;
+    }
+
+    /**
+     * Issue an audit query to retrieve count of records for a given application and properties
+     *
+     * @param applicationName
+     *            name of the application to be queried
+     * @param parameters
+     *            audit parameters provided by the <code>where</code> clause on the ReST API
+     * @return a map containing min/max and the associated value
+     */
+    default int getAuditEntriesCountByAppAndProperties(String applicationName, org.alfresco.service.cmr.audit.AuditQueryParameters parameters)
+    {
+        return -1;
+    }
+}

repository/src/main/java/org/alfresco/repo/domain/audit/ibatis/AuditDAOImpl.java

@@ -1,316 +1,315 @@
-/*
- * #%L
- * Alfresco Repository
- * %%
- * Copyright (C) 2005 - 2024 Alfresco Software Limited
- * %%
- * This file is part of the Alfresco software. 
- * If the software was purchased under a paid Alfresco license, the terms of 
- * the paid license agreement will prevail.  Otherwise, the software is 
- * provided under the following open source license terms:
- * 
- * Alfresco is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- * 
- * Alfresco is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU Lesser General Public License for more details.
- * 
- * You should have received a copy of the GNU Lesser General Public License
- * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
- * #L%
- */
-package org.alfresco.repo.domain.audit.ibatis;
-
-import java.io.Serializable;
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-import java.util.stream.Collectors;
-
-import org.alfresco.repo.domain.audit.AbstractAuditDAOImpl;
-import org.alfresco.repo.domain.audit.AuditApplicationEntity;
-import org.alfresco.repo.domain.audit.AuditDeleteParameters;
-import org.alfresco.repo.domain.audit.AuditEntryEntity;
-import org.alfresco.repo.domain.audit.AuditModelEntity;
-import org.alfresco.repo.domain.audit.AuditQueryParameters;
-import org.alfresco.repo.domain.audit.AuditQueryResult;
-import org.alfresco.repo.domain.propval.PropertyValueDAO.PropertyFinderCallback;
-import org.alfresco.util.Pair;
-import org.apache.ibatis.session.RowBounds;
-import org.mybatis.spring.SqlSessionTemplate;
-import org.springframework.dao.ConcurrencyFailureException;
-
-/**
- * iBatis-specific implementation of the DAO for <b>alf_audit_XXX</b> tables.
- * 
- * @author Derek Hulley
- * @since 3.2
- */
-public class AuditDAOImpl extends AbstractAuditDAOImpl
-{
-    private static final String SELECT_MODEL_BY_CRC = "alfresco.audit.select_AuditModelByCrc";
-    private static final String INSERT_MODEL = "alfresco.audit.insert.insert_AuditModel";
-    
-    private static final String SELECT_APPLICATION_BY_ID = "alfresco.audit.select_AuditApplicationById";
-    private static final String SELECT_APPLICATION_BY_NAME_ID = "alfresco.audit.select_AuditApplicationByNameId";
-    private static final String INSERT_APPLICATION = "alfresco.audit.insert.insert_AuditApplication";
-    private static final String UPDATE_APPLICATION = "alfresco.audit.update_AuditApplication";
-    
-    private static final String DELETE_ENTRIES = "alfresco.audit.delete_AuditEntries";
-    private static final String DELETE_ENTRIES_BY_ID = "alfresco.audit.delete_AuditEntriesById";
-    private static final String INSERT_ENTRY = "alfresco.audit.insert.insert_AuditEntry";
-    private static final String SELECT_MINMAX_ENTRY_FOR_APP = "alfresco.audit.select_MinMaxAuditEntryId";
-    private static final String SELECT_COUNT_ENTRIES_FOR_APP = "alfresco.audit.select_CountAuditEntryId";
-    private static final String SELECT_COUNT_ENTRIES_FOR_APP_WITH_PROPERTIES = "select_CountAuditEntryIdWithWhereClause";
-    
-    @SuppressWarnings("unused")
-    private static final String SELECT_ENTRIES_SIMPLE = "alfresco.audit.select_AuditEntriesSimple";
-    private static final String SELECT_ENTRIES_WITH_VALUES = "alfresco.audit.select_AuditEntriesWithValues";
-    private static final String SELECT_ENTRIES_WITHOUT_VALUES = "alfresco.audit.select_AuditEntriesWithoutValues";
-    
-    private SqlSessionTemplate template;
-    
-    public final void setSqlSessionTemplate(SqlSessionTemplate sqlSessionTemplate) 
-    {
-        this.template = sqlSessionTemplate;
-    }
-
-    @Override
-    protected AuditModelEntity getAuditModelByCrc(long crc)
-    {
-        AuditModelEntity entity = new AuditModelEntity();
-        entity.setContentCrc(crc);
-        entity = template.selectOne(
-                SELECT_MODEL_BY_CRC,
-                entity);
-        // Done
-        return entity;
-    }
-
-    @Override
-    protected AuditModelEntity createAuditModel(Long contentDataId, long crc)
-    {
-        AuditModelEntity entity = new AuditModelEntity();
-        entity.setContentDataId(contentDataId);
-        entity.setContentCrc(crc);
-        template.insert(INSERT_MODEL, entity);
-        return entity;
-    }
-
-    @Override
-    protected AuditApplicationEntity getAuditApplicationById(Long id)
-    {
-        Map<String, Object> params = new HashMap<String, Object>(11);
-        params.put("id", id);
-        AuditApplicationEntity entity = template.selectOne(
-                SELECT_APPLICATION_BY_ID,
-                params);
-        // Done
-        if (logger.isDebugEnabled())
-        {
-            logger.debug("Searched for audit application ID " + id + " and found: " + entity);
-        }
-        return entity;
-    }
-
-    @Override
-    protected AuditApplicationEntity getAuditApplicationByName(String appName)
-    {
-        // Resolve the name as a property ID
-        Pair<Long, Serializable> appNamePair = propertyValueDAO.getPropertyValue(appName);
-        if (appNamePair == null)
-        {
-            // There will be no results
-            return null;
-        }
-        
-        Map<String, Object> params = new HashMap<String, Object>(11);
-        params.put("id", appNamePair.getFirst());
-        AuditApplicationEntity entity = template.selectOne(
-                SELECT_APPLICATION_BY_NAME_ID,
-                params);
-        // Done
-        if (logger.isDebugEnabled())
-        {
-            logger.debug("Searched for audit application '" + appName + "' and found: " + entity);
-        }
-        return entity;
-    }
-
-    @Override
-    protected AuditApplicationEntity createAuditApplication(Long appNameId, Long modelId, Long disabledPathsId)
-    {
-        AuditApplicationEntity entity = new AuditApplicationEntity();
-        entity.setVersion((short)0);
-        entity.setApplicationNameId(appNameId);
-        entity.setAuditModelId(modelId);
-        entity.setDisabledPathsId(disabledPathsId);
-        template.insert(INSERT_APPLICATION, entity);
-        return entity;
-    }
-
-    @Override
-    protected AuditApplicationEntity updateAuditApplication(AuditApplicationEntity entity)
-    {
-        AuditApplicationEntity updateEntity = new AuditApplicationEntity();
-        updateEntity.setId(entity.getId());
-        updateEntity.setVersion(entity.getVersion());
-        updateEntity.incrementVersion();
-        updateEntity.setApplicationNameId(entity.getApplicationNameId());
-        updateEntity.setAuditModelId(entity.getAuditModelId());
-        updateEntity.setDisabledPathsId(entity.getDisabledPathsId());
-        
-        int updated = template.update(UPDATE_APPLICATION, updateEntity);
-        if (updated != 1)
-        {
-            // unexpected number of rows affected
-            throw new ConcurrencyFailureException("Incorrect number of rows affected for updateAuditApplication: " + updateEntity + ": expected 1, actual " + updated);
-        }
-        
-        // Done
-        return updateEntity;
-    }
-
-    public int deleteAuditEntries(Long applicationId, Long from, Long to)
-    {
-        AuditDeleteParameters params = new AuditDeleteParameters();
-        params.setAuditApplicationId(applicationId);
-        params.setAuditFromTime(from);
-        params.setAuditToTime(to);
-        return template.delete(DELETE_ENTRIES, params);
-    }
-
-    public int deleteAuditEntriesByIdRange(Long applicationId, Long fromId, Long toId)
-    {
-        AuditDeleteParameters params = new AuditDeleteParameters();
-        params.setAuditApplicationId(applicationId);
-        params.setAuditFromId(fromId);
-        params.setAuditToId(toId);
-        return template.delete(DELETE_ENTRIES, params);
-    }
-
-    @Override
-    protected int deleteAuditEntriesImpl(List<Long> auditEntryIds)
-    {
-        AuditDeleteParameters params = new AuditDeleteParameters();
-        params.setAuditEntryIds(auditEntryIds);
-        return template.delete(DELETE_ENTRIES_BY_ID, params);
-    }
-
-    @Override
-    protected AuditEntryEntity createAuditEntry(Long applicationId, long time, Long usernameId, Long valuesId)
-    {
-        AuditEntryEntity entity = new AuditEntryEntity();
-        entity.setAuditApplicationId(applicationId);
-        entity.setAuditTime(time);
-        entity.setAuditUserId(usernameId);
-        entity.setAuditValuesId(valuesId);
-        template.insert(INSERT_ENTRY, entity);
-        return entity;
-    }
-
-    public HashMap<String, Long> getAuditMinMaxByApp(long appId, List<String> extremes)
-    {
-        // Build parameters to be used in the query. Filter the duplicates when inserting into map
-        Map<String, Object> params = extremes.stream().collect(Collectors.toMap(s -> s, s -> Boolean.TRUE, (s1, s2) -> s1));
-        params.put("auditAppId", appId);
-
-        HashMap<String, Long> result = template.selectOne(SELECT_MINMAX_ENTRY_FOR_APP, params);
-
-        return result;
-    }
-
-    @Override
-    public int getAuditEntriesCountByApp(long applicationId)
-    {
-        Map<String, Object> params = new HashMap<>();
-        params.put("auditAppId", applicationId);
-
-        int result = template.selectOne(SELECT_COUNT_ENTRIES_FOR_APP, params);
-
-        return result;
-    }
-
-    @Override
-    public int getAuditEntriesCountByAppAndProperties(org.alfresco.service.cmr.audit.AuditQueryParameters parameters)
-    {
-        AuditQueryParameters dbParameters = convertFromRestAuditQueryParameters(parameters);
-
-        int result = template.selectOne(SELECT_COUNT_ENTRIES_FOR_APP_WITH_PROPERTIES, dbParameters);
-
-        return result;
-    }
-
-    @SuppressWarnings("unchecked")
-    @Override
-    protected void findAuditEntries(
-            final AuditQueryRowHandler rowHandler,
-            int maxResults,
-            org.alfresco.service.cmr.audit.AuditQueryParameters restParameters)
-    {
-        AuditQueryParameters params = convertFromRestAuditQueryParameters(restParameters);
-        if (params==null)
-        {
-            return;
-        }
-
-        if (maxResults > 0)
-        {
-            // Query without getting the values.  We gather all the results and batch-fetch the audited
-            // values afterwards.
-            final Map<Long, AuditQueryResult> resultsByValueId = new HashMap<Long, AuditQueryResult>(173);
-            PropertyFinderCallback propertyFinderCallback = new PropertyFinderCallback()
-            {
-                public void handleProperty(Long id, Serializable value)
-                {
-                    // get the row
-                    AuditQueryResult row = resultsByValueId.get(id);
-                    try
-                    {
-                        row.setAuditValue((Map<String, Serializable>) value);
-                    }
-                    catch (ClassCastException e)
-                    {
-                        // The handler will deal with the entry
-                    }
-                }
-            };
-            
-            List<AuditQueryResult> rows = template.selectList(SELECT_ENTRIES_WITHOUT_VALUES, params, new RowBounds(0, maxResults));
-            for (AuditQueryResult row : rows)
-            {
-                resultsByValueId.put(row.getAuditValuesId(), row);
-                if (resultsByValueId.size() >= 100)
-                {
-                    // Fetch values for the results.  The treemap is ordered.
-                    List<Long> valueIds = new ArrayList<Long>(resultsByValueId.keySet());
-                    propertyValueDAO.getPropertiesByIds(valueIds, propertyFinderCallback);
-                    // Clear and continue
-                    resultsByValueId.clear();
-                }
-            }
-            // Process any remaining results
-            if (resultsByValueId.size() > 0)
-            {
-                // Fetch values for the results.  The treemap is ordered.
-                List<Long> valueIds = new ArrayList<Long>(resultsByValueId.keySet());
-                propertyValueDAO.getPropertiesByIds(valueIds, propertyFinderCallback);
-            }
-            // Now pass the filled-out results to the row handler (order-preserved)
-            for (AuditQueryResult row : rows)
-            {
-                rowHandler.processResult(row);
-            }
-        }
-        else
-        {
-            throw new IllegalArgumentException("maxResults must be greater than 0");
-        }
-    }
-}
-
+/*
+ * #%L
+ * Alfresco Repository
+ * %%
+ * Copyright (C) 2005 - 2016 Alfresco Software Limited
+ * %%
+ * This file is part of the Alfresco software. 
+ * If the software was purchased under a paid Alfresco license, the terms of 
+ * the paid license agreement will prevail.  Otherwise, the software is 
+ * provided under the following open source license terms:
+ * 
+ * Alfresco is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ * 
+ * Alfresco is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Lesser General Public License for more details.
+ * 
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
+ * #L%
+ */
+package org.alfresco.repo.domain.audit.ibatis;
+
+import java.io.Serializable;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.stream.Collectors;
+
+import org.apache.ibatis.session.RowBounds;
+import org.mybatis.spring.SqlSessionTemplate;
+import org.springframework.dao.ConcurrencyFailureException;
+
+import org.alfresco.repo.domain.audit.AbstractAuditDAOImpl;
+import org.alfresco.repo.domain.audit.AuditApplicationEntity;
+import org.alfresco.repo.domain.audit.AuditDeleteParameters;
+import org.alfresco.repo.domain.audit.AuditEntryEntity;
+import org.alfresco.repo.domain.audit.AuditModelEntity;
+import org.alfresco.repo.domain.audit.AuditQueryParameters;
+import org.alfresco.repo.domain.audit.AuditQueryResult;
+import org.alfresco.repo.domain.propval.PropertyValueDAO.PropertyFinderCallback;
+import org.alfresco.util.Pair;
+
+/**
+ * iBatis-specific implementation of the DAO for <b>alf_audit_XXX</b> tables.
+ * 
+ * @author Derek Hulley
+ * @since 3.2
+ */
+public class AuditDAOImpl extends AbstractAuditDAOImpl
+{
+    private static final String SELECT_MODEL_BY_CRC = "alfresco.audit.select_AuditModelByCrc";
+    private static final String INSERT_MODEL = "alfresco.audit.insert.insert_AuditModel";
+
+    private static final String SELECT_APPLICATION_BY_ID = "alfresco.audit.select_AuditApplicationById";
+    private static final String SELECT_APPLICATION_BY_NAME_ID = "alfresco.audit.select_AuditApplicationByNameId";
+    private static final String INSERT_APPLICATION = "alfresco.audit.insert.insert_AuditApplication";
+    private static final String UPDATE_APPLICATION = "alfresco.audit.update_AuditApplication";
+
+    private static final String DELETE_ENTRIES = "alfresco.audit.delete_AuditEntries";
+    private static final String DELETE_ENTRIES_BY_ID = "alfresco.audit.delete_AuditEntriesById";
+    private static final String INSERT_ENTRY = "alfresco.audit.insert.insert_AuditEntry";
+    private static final String SELECT_MINMAX_ENTRY_FOR_APP = "alfresco.audit.select_MinMaxAuditEntryId";
+    private static final String SELECT_COUNT_ENTRIES_FOR_APP = "alfresco.audit.select_CountAuditEntryId";
+    private static final String SELECT_COUNT_ENTRIES_FOR_APP_WITH_PROPERTIES = "select_CountAuditEntryIdWithWhereClause";
+
+    @SuppressWarnings("unused")
+    private static final String SELECT_ENTRIES_SIMPLE = "alfresco.audit.select_AuditEntriesSimple";
+    private static final String SELECT_ENTRIES_WITH_VALUES = "alfresco.audit.select_AuditEntriesWithValues";
+    private static final String SELECT_ENTRIES_WITHOUT_VALUES = "alfresco.audit.select_AuditEntriesWithoutValues";
+
+    private SqlSessionTemplate template;
+
+    public final void setSqlSessionTemplate(SqlSessionTemplate sqlSessionTemplate)
+    {
+        this.template = sqlSessionTemplate;
+    }
+
+    @Override
+    protected AuditModelEntity getAuditModelByCrc(long crc)
+    {
+        AuditModelEntity entity = new AuditModelEntity();
+        entity.setContentCrc(crc);
+        entity = template.selectOne(
+                SELECT_MODEL_BY_CRC,
+                entity);
+        // Done
+        return entity;
+    }
+
+    @Override
+    protected AuditModelEntity createAuditModel(Long contentDataId, long crc)
+    {
+        AuditModelEntity entity = new AuditModelEntity();
+        entity.setContentDataId(contentDataId);
+        entity.setContentCrc(crc);
+        template.insert(INSERT_MODEL, entity);
+        return entity;
+    }
+
+    @Override
+    protected AuditApplicationEntity getAuditApplicationById(Long id)
+    {
+        Map<String, Object> params = new HashMap<String, Object>(11);
+        params.put("id", id);
+        AuditApplicationEntity entity = template.selectOne(
+                SELECT_APPLICATION_BY_ID,
+                params);
+        // Done
+        if (logger.isDebugEnabled())
+        {
+            logger.debug("Searched for audit application ID " + id + " and found: " + entity);
+        }
+        return entity;
+    }
+
+    @Override
+    protected AuditApplicationEntity getAuditApplicationByName(String appName)
+    {
+        // Resolve the name as a property ID
+        Pair<Long, Serializable> appNamePair = propertyValueDAO.getPropertyValue(appName);
+        if (appNamePair == null)
+        {
+            // There will be no results
+            return null;
+        }
+
+        Map<String, Object> params = new HashMap<String, Object>(11);
+        params.put("id", appNamePair.getFirst());
+        AuditApplicationEntity entity = template.selectOne(
+                SELECT_APPLICATION_BY_NAME_ID,
+                params);
+        // Done
+        if (logger.isDebugEnabled())
+        {
+            logger.debug("Searched for audit application '" + appName + "' and found: " + entity);
+        }
+        return entity;
+    }
+
+    @Override
+    protected AuditApplicationEntity createAuditApplication(Long appNameId, Long modelId, Long disabledPathsId)
+    {
+        AuditApplicationEntity entity = new AuditApplicationEntity();
+        entity.setVersion((short) 0);
+        entity.setApplicationNameId(appNameId);
+        entity.setAuditModelId(modelId);
+        entity.setDisabledPathsId(disabledPathsId);
+        template.insert(INSERT_APPLICATION, entity);
+        return entity;
+    }
+
+    @Override
+    protected AuditApplicationEntity updateAuditApplication(AuditApplicationEntity entity)
+    {
+        AuditApplicationEntity updateEntity = new AuditApplicationEntity();
+        updateEntity.setId(entity.getId());
+        updateEntity.setVersion(entity.getVersion());
+        updateEntity.incrementVersion();
+        updateEntity.setApplicationNameId(entity.getApplicationNameId());
+        updateEntity.setAuditModelId(entity.getAuditModelId());
+        updateEntity.setDisabledPathsId(entity.getDisabledPathsId());
+
+        int updated = template.update(UPDATE_APPLICATION, updateEntity);
+        if (updated != 1)
+        {
+            // unexpected number of rows affected
+            throw new ConcurrencyFailureException("Incorrect number of rows affected for updateAuditApplication: " + updateEntity + ": expected 1, actual " + updated);
+        }
+
+        // Done
+        return updateEntity;
+    }
+
+    public int deleteAuditEntries(Long applicationId, Long from, Long to)
+    {
+        AuditDeleteParameters params = new AuditDeleteParameters();
+        params.setAuditApplicationId(applicationId);
+        params.setAuditFromTime(from);
+        params.setAuditToTime(to);
+        return template.delete(DELETE_ENTRIES, params);
+    }
+
+    public int deleteAuditEntriesByIdRange(Long applicationId, Long fromId, Long toId)
+    {
+        AuditDeleteParameters params = new AuditDeleteParameters();
+        params.setAuditApplicationId(applicationId);
+        params.setAuditFromId(fromId);
+        params.setAuditToId(toId);
+        return template.delete(DELETE_ENTRIES, params);
+    }
+
+    @Override
+    protected int deleteAuditEntriesImpl(List<Long> auditEntryIds)
+    {
+        AuditDeleteParameters params = new AuditDeleteParameters();
+        params.setAuditEntryIds(auditEntryIds);
+        return template.delete(DELETE_ENTRIES_BY_ID, params);
+    }
+
+    @Override
+    protected AuditEntryEntity createAuditEntry(Long applicationId, long time, Long usernameId, Long valuesId)
+    {
+        AuditEntryEntity entity = new AuditEntryEntity();
+        entity.setAuditApplicationId(applicationId);
+        entity.setAuditTime(time);
+        entity.setAuditUserId(usernameId);
+        entity.setAuditValuesId(valuesId);
+        template.insert(INSERT_ENTRY, entity);
+        return entity;
+    }
+
+    public HashMap<String, Long> getAuditMinMaxByApp(long appId, List<String> extremes)
+    {
+        // Build parameters to be used in the query. Filter the duplicates when inserting into map
+        Map<String, Object> params = extremes.stream().collect(Collectors.toMap(s -> s, s -> Boolean.TRUE, (s1, s2) -> s1));
+        params.put("auditAppId", appId);
+
+        HashMap<String, Long> result = template.selectOne(SELECT_MINMAX_ENTRY_FOR_APP, params);
+
+        return result;
+    }
+
+    @Override
+    public int getAuditEntriesCountByApp(long applicationId)
+    {
+        Map<String, Object> params = new HashMap<>();
+        params.put("auditAppId", applicationId);
+
+        int result = template.selectOne(SELECT_COUNT_ENTRIES_FOR_APP, params);
+
+        return result;
+    }
+
+    @Override
+    public int getAuditEntriesCountByAppAndProperties(String applicationName, org.alfresco.service.cmr.audit.AuditQueryParameters parameters)
+    {
+        AuditQueryParameters dbParameters = convertFromRestAuditQueryParameters(parameters);
+
+        int result = template.selectOne(SELECT_COUNT_ENTRIES_FOR_APP_WITH_PROPERTIES, dbParameters);
+
+        return result;
+    }
+
+    @SuppressWarnings("unchecked")
+    @Override
+    protected void findAuditEntries(
+            final AuditQueryRowHandler rowHandler,
+            int maxResults,
+            org.alfresco.service.cmr.audit.AuditQueryParameters restParameters)
+    {
+        AuditQueryParameters params = convertFromRestAuditQueryParameters(restParameters);
+        if (params == null)
+        {
+            return;
+        }
+
+        if (maxResults > 0)
+        {
+            // Query without getting the values. We gather all the results and batch-fetch the audited
+            // values afterwards.
+            final Map<Long, AuditQueryResult> resultsByValueId = new HashMap<Long, AuditQueryResult>(173);
+            PropertyFinderCallback propertyFinderCallback = new PropertyFinderCallback() {
+                public void handleProperty(Long id, Serializable value)
+                {
+                    // get the row
+                    AuditQueryResult row = resultsByValueId.get(id);
+                    try
+                    {
+                        row.setAuditValue((Map<String, Serializable>) value);
+                    }
+                    catch (ClassCastException e)
+                    {
+                        // The handler will deal with the entry
+                    }
+                }
+            };
+
+            List<AuditQueryResult> rows = template.selectList(SELECT_ENTRIES_WITHOUT_VALUES, params, new RowBounds(0, maxResults));
+            for (AuditQueryResult row : rows)
+            {
+                resultsByValueId.put(row.getAuditValuesId(), row);
+                if (resultsByValueId.size() >= 100)
+                {
+                    // Fetch values for the results. The treemap is ordered.
+                    List<Long> valueIds = new ArrayList<Long>(resultsByValueId.keySet());
+                    propertyValueDAO.getPropertiesByIds(valueIds, propertyFinderCallback);
+                    // Clear and continue
+                    resultsByValueId.clear();
+                }
+            }
+            // Process any remaining results
+            if (resultsByValueId.size() > 0)
+            {
+                // Fetch values for the results. The treemap is ordered.
+                List<Long> valueIds = new ArrayList<Long>(resultsByValueId.keySet());
+                propertyValueDAO.getPropertiesByIds(valueIds, propertyFinderCallback);
+            }
+            // Now pass the filled-out results to the row handler (order-preserved)
+            for (AuditQueryResult row : rows)
+            {
+                rowHandler.processResult(row);
+            }
+        }
+        else
+        {
+            throw new IllegalArgumentException("maxResults must be greater than 0");
+        }
+    }
+}

repository/src/main/java/org/alfresco/repo/domain/propval/PropertyStringValueEntity.java

@@ -1,173 +1,158 @@
-/*
- * #%L
- * Alfresco Repository
- * %%
- * Copyright (C) 2005 - 2024 Alfresco Software Limited
- * %%
- * This file is part of the Alfresco software. 
- * If the software was purchased under a paid Alfresco license, the terms of 
- * the paid license agreement will prevail.  Otherwise, the software is 
- * provided under the following open source license terms:
- * 
- * Alfresco is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- * 
- * Alfresco is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU Lesser General Public License for more details.
- * 
- * You should have received a copy of the GNU Lesser General Public License
- * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
- * #L%
- */
-package org.alfresco.repo.domain.propval;
-
-import org.alfresco.repo.domain.CrcHelper;
-import org.alfresco.util.EqualsHelper;
-import org.alfresco.util.Pair;
-
-/**
- * Entity bean for <b>alf_prop_string_value</b> table.
- * 
- * @author Derek Hulley
- * @since 3.2
- */
-public class PropertyStringValueEntity
-{
-    public static final String EMPTY_STRING = "";
-    public static final String EMPTY_STRING_REPLACEMENT = ".empty";
-    
-    private Long id;
-    private String stringValue;
-    private String stringEndLower;
-    private Long stringCrc;
-    private String stringLower;
-    
-    public PropertyStringValueEntity()
-    {
-    }
-    
-    @Override
-    public int hashCode()
-    {
-        return (stringValue == null ? 0 : stringValue.hashCode());
-    }
-    
-    @Override
-    public boolean equals(Object obj)
-    {
-        if (this == obj)
-        {
-            return true;
-        }
-        else if (obj != null && obj instanceof PropertyStringValueEntity)
-        {
-            PropertyStringValueEntity that = (PropertyStringValueEntity) obj;
-            return EqualsHelper.nullSafeEquals(this.stringValue, that.stringValue);
-        }
-        else
-        {
-            return false;
-        }
-    }
-    
-    @Override
-    public String toString()
-    {
-        StringBuilder sb = new StringBuilder(512);
-        sb.append("PropertyStringValueEntity")
-          .append("[ ID=").append(id)
-          .append(", stringValue=").append(stringValue)
-          .append("]");
-        return sb.toString();
-    }
-    
-    public Pair<Long, String> getEntityPair()
-    {
-        if (stringValue != null && stringValue.equals(PropertyStringValueEntity.EMPTY_STRING_REPLACEMENT))
-        {
-            return new Pair<Long, String>(id, PropertyStringValueEntity.EMPTY_STRING);
-        }
-        else
-        {
-            return new Pair<Long, String>(id, stringValue);
-        }
-    }
-    
-    /**
-     * Set the string and string-end values
-     */
-    public void setValue(String value)
-    {
-        if (value == null)
-        {
-            throw new IllegalArgumentException("Null strings cannot be persisted");
-        }
-        if (value != null && value.equals(PropertyStringValueEntity.EMPTY_STRING))
-        {
-            // Oracle: We can't insert empty strings into the column.
-            value = PropertyStringValueEntity.EMPTY_STRING_REPLACEMENT;
-        }
-        stringValue = value;
-        // Calculate the crc value from the original value
-        Pair<String, Long> crcPair = CrcHelper.getStringCrcPair(value, 16, false, true);
-        stringEndLower = crcPair.getFirst();
-        stringCrc = crcPair.getSecond();
-        // Calculate the crc value with case-insensitive
-        Pair<String, Long> crcPairWithCaseInSensitive = CrcHelper.getStringCrcPair(value, 16, false, false);
-        stringLower = crcPairWithCaseInSensitive.getFirst();
-    }
-
-    public Long getId()
-    {
-        return id;
-    }
-
-    public void setId(Long id)
-    {
-        this.id = id;
-    }
-
-    public String getStringValue()
-    {
-        return stringValue;
-    }
-
-    public void setStringValue(String stringValue)
-    {
-        this.stringValue = stringValue;
-    }
-    
-    public String getStringEndLower()
-    {
-        return stringEndLower;
-    }
-
-    public void setStringEndLower(String stringEndLower)
-    {
-        this.stringEndLower = stringEndLower;
-    }
-
-    public Long getStringCrc()
-    {
-        return stringCrc;
-    }
-
-    public void setStringCrc(Long stringCrc)
-    {
-        this.stringCrc = stringCrc;
-    }
-
-    public String getStringLower()
-    {
-        return stringLower;
-    }
-
-    public void setStringLower(String stringLower)
-    {
-        this.stringLower = stringLower;
-    }
-}
+/*
+ * #%L
+ * Alfresco Repository
+ * %%
+ * Copyright (C) 2005 - 2016 Alfresco Software Limited
+ * %%
+ * This file is part of the Alfresco software. 
+ * If the software was purchased under a paid Alfresco license, the terms of 
+ * the paid license agreement will prevail.  Otherwise, the software is 
+ * provided under the following open source license terms:
+ * 
+ * Alfresco is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ * 
+ * Alfresco is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Lesser General Public License for more details.
+ * 
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
+ * #L% 
+ */
+package org.alfresco.repo.domain.propval;
+
+import org.alfresco.repo.domain.CrcHelper;
+import org.alfresco.util.EqualsHelper;
+import org.alfresco.util.Pair;
+
+/**
+ * Entity bean for <b>alf_prop_string_value</b> table.
+ * 
+ * @author Derek Hulley
+ * @since 3.2
+ */
+public class PropertyStringValueEntity
+{
+    public static final String EMPTY_STRING = "";
+    public static final String EMPTY_STRING_REPLACEMENT = ".empty";
+
+    private Long id;
+    private String stringValue;
+    private String stringEndLower;
+    private Long stringCrc;
+
+    public PropertyStringValueEntity()
+    {}
+
+    @Override
+    public int hashCode()
+    {
+        return (stringValue == null ? 0 : stringValue.hashCode());
+    }
+
+    @Override
+    public boolean equals(Object obj)
+    {
+        if (this == obj)
+        {
+            return true;
+        }
+        else if (obj != null && obj instanceof PropertyStringValueEntity)
+        {
+            PropertyStringValueEntity that = (PropertyStringValueEntity) obj;
+            return EqualsHelper.nullSafeEquals(this.stringValue, that.stringValue);
+        }
+        else
+        {
+            return false;
+        }
+    }
+
+    @Override
+    public String toString()
+    {
+        StringBuilder sb = new StringBuilder(512);
+        sb.append("PropertyStringValueEntity")
+                .append("[ ID=").append(id)
+                .append(", stringValue=").append(stringValue)
+                .append("]");
+        return sb.toString();
+    }
+
+    public Pair<Long, String> getEntityPair()
+    {
+        if (stringValue != null && stringValue.equals(PropertyStringValueEntity.EMPTY_STRING_REPLACEMENT))
+        {
+            return new Pair<Long, String>(id, PropertyStringValueEntity.EMPTY_STRING);
+        }
+        else
+        {
+            return new Pair<Long, String>(id, stringValue);
+        }
+    }
+
+    /**
+     * Set the string and string-end values
+     */
+    public void setValue(String value)
+    {
+        if (value == null)
+        {
+            throw new IllegalArgumentException("Null strings cannot be persisted");
+        }
+        if (value != null && value.equals(PropertyStringValueEntity.EMPTY_STRING))
+        {
+            // Oracle: We can't insert empty strings into the column.
+            value = PropertyStringValueEntity.EMPTY_STRING_REPLACEMENT;
+        }
+        stringValue = value;
+        // Calculate the crc value from the original value
+        Pair<String, Long> crcPair = CrcHelper.getStringCrcPair(value, 16, false, true);
+        stringEndLower = crcPair.getFirst();
+        stringCrc = crcPair.getSecond();
+    }
+
+    public Long getId()
+    {
+        return id;
+    }
+
+    public void setId(Long id)
+    {
+        this.id = id;
+    }
+
+    public String getStringValue()
+    {
+        return stringValue;
+    }
+
+    public void setStringValue(String stringValue)
+    {
+        this.stringValue = stringValue;
+    }
+
+    public String getStringEndLower()
+    {
+        return stringEndLower;
+    }
+
+    public void setStringEndLower(String stringEndLower)
+    {
+        this.stringEndLower = stringEndLower;
+    }
+
+    public Long getStringCrc()
+    {
+        return stringCrc;
+    }
+
+    public void setStringCrc(Long stringCrc)
+    {
+        this.stringCrc = stringCrc;
+    }
+}

repository/src/main/java/org/alfresco/repo/event2/EventGenerator.java

@@ -542,10 +542,7 @@ public class EventGenerator extends AbstractLifecycleBean implements Initializin
     @Override
     protected void onShutdown(ApplicationEvent applicationEvent)
     {
-        if (eventSender != null)
-        {
-            eventSender.destroy();
-        }
+        // NOOP
     }
 
     protected class EventTransactionListener extends TransactionListenerAdapter

repository/src/main/java/org/alfresco/repo/event2/EventSender.java

@@ -52,7 +52,7 @@ public interface EventSender
     }
 
     /**
-     * It's called when the application context is closing, allowing {@link org.alfresco.repo.event2.EventGenerator} to perform cleanup operations.
+     * It's called when the bean instance is destroyed, allowing to perform cleanup operations.
      */
     default void destroy()
     {

repository/src/main/java/org/alfresco/repo/event2/EventSenderFactoryBean.java

@@ -25,15 +25,16 @@
  */
 package org.alfresco.repo.event2;
 
+import java.util.Optional;
+import java.util.concurrent.Executor;
 import jakarta.annotation.Nonnull;
-import org.alfresco.util.PropertyCheck;
+
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.beans.factory.config.AbstractFactoryBean;
 import org.springframework.core.env.PropertyResolver;
 
-import java.util.Optional;
-import java.util.concurrent.Executor;
+import org.alfresco.util.PropertyCheck;
 
 public class EventSenderFactoryBean extends AbstractFactoryBean<EventSender>
 {
@@ -51,7 +52,7 @@ public class EventSenderFactoryBean extends AbstractFactoryBean<EventSender>
     private boolean legacySkipQueueConfig;
 
     public EventSenderFactoryBean(@Autowired PropertyResolver propertyResolver, Event2MessageProducer event2MessageProducer,
-                                  Executor enqueueThreadPoolExecutor, Executor dequeueThreadPoolExecutor)
+            Executor enqueueThreadPoolExecutor, Executor dequeueThreadPoolExecutor)
     {
         super();
         PropertyCheck.mandatory(this, "propertyResolver", propertyResolver);
@@ -155,4 +156,13 @@ public class EventSenderFactoryBean extends AbstractFactoryBean<EventSender>
     {
         return event2MessageProducer;
     }
+
+    @Override
+    protected void destroyInstance(EventSender eventSender)
+    {
+        if (eventSender != null)
+        {
+            eventSender.destroy();
+        }
+    }
 }

repository/src/main/java/org/alfresco/repo/event2/NodeResourceHelper.java

@@ -2,7 +2,7 @@
  * #%L
  * Alfresco Repository
  * %%
- * Copyright (C) 2005 - 2023 Alfresco Software Limited
+ * Copyright (C) 2005 - 2025 Alfresco Software Limited
  * %%
  * This file is part of the Alfresco software.
  * If the software was purchased under a paid Alfresco license, the terms of
@@ -42,6 +42,9 @@ import java.util.Set;
 import java.util.stream.Collectors;
 
 import com.google.common.collect.Sets;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.springframework.beans.factory.InitializingBean;
 
 import org.alfresco.model.ContentModel;
 import org.alfresco.repo.event.v1.model.ContentInfo;
@@ -50,6 +53,7 @@ import org.alfresco.repo.event.v1.model.UserInfo;
 import org.alfresco.repo.event2.filter.EventFilterRegistry;
 import org.alfresco.repo.event2.filter.NodeAspectFilter;
 import org.alfresco.repo.event2.filter.NodePropertyFilter;
+import org.alfresco.repo.event2.mapper.PropertyMapper;
 import org.alfresco.repo.node.MLPropertyInterceptor;
 import org.alfresco.repo.security.authentication.AuthenticationUtil;
 import org.alfresco.repo.security.permissions.AccessDeniedException;
@@ -68,9 +72,6 @@ import org.alfresco.service.namespace.NamespaceService;
 import org.alfresco.service.namespace.QName;
 import org.alfresco.util.PathUtil;
 import org.alfresco.util.PropertyCheck;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.springframework.beans.factory.InitializingBean;
 
 /**
  * Helper for {@link NodeResource} objects.
@@ -81,14 +82,15 @@ public class NodeResourceHelper implements InitializingBean
 {
     private static final Log LOGGER = LogFactory.getLog(NodeResourceHelper.class);
 
-    protected NodeService         nodeService;
-    protected DictionaryService   dictionaryService;
-    protected PersonService       personService;
+    protected NodeService nodeService;
+    protected DictionaryService dictionaryService;
+    protected PersonService personService;
     protected EventFilterRegistry eventFilterRegistry;
-    protected NamespaceService    namespaceService;
-    protected PermissionService   permissionService;
+    protected NamespaceService namespaceService;
+    protected PermissionService permissionService;
+    protected PropertyMapper propertyMapper;
 
-    private NodeAspectFilter   nodeAspectFilter;
+    private NodeAspectFilter nodeAspectFilter;
     private NodePropertyFilter nodePropertyFilter;
 
     @Override
@@ -100,6 +102,7 @@ public class NodeResourceHelper implements InitializingBean
         PropertyCheck.mandatory(this, "eventFilterRegistry", eventFilterRegistry);
         PropertyCheck.mandatory(this, "namespaceService", namespaceService);
         PropertyCheck.mandatory(this, "permissionService", permissionService);
+        PropertyCheck.mandatory(this, "propertyMapper", propertyMapper);
 
         this.nodeAspectFilter = eventFilterRegistry.getNodeAspectFilter();
         this.nodePropertyFilter = eventFilterRegistry.getNodePropertyFilter();
@@ -124,7 +127,7 @@ public class NodeResourceHelper implements InitializingBean
     {
         this.permissionService = permissionService;
     }
-    
+
     // To make IntelliJ stop complaining about unused method!
     @SuppressWarnings("unused")
     public void setEventFilterRegistry(EventFilterRegistry eventFilterRegistry)
@@ -137,6 +140,11 @@ public class NodeResourceHelper implements InitializingBean
         this.namespaceService = namespaceService;
     }
 
+    public void setPropertyMapper(PropertyMapper propertyMapper)
+    {
+        this.propertyMapper = propertyMapper;
+    }
+
     public NodeResource.Builder createNodeResourceBuilder(NodeRef nodeRef)
     {
         final QName type = nodeService.getType(nodeRef);
@@ -148,22 +156,22 @@ public class NodeResourceHelper implements InitializingBean
         Map<String, UserInfo> mapUserCache = new HashMap<>(2);
 
         return NodeResource.builder()
-            .setId(nodeRef.getId())
-            .setName((String) properties.get(ContentModel.PROP_NAME))
-            .setNodeType(getQNamePrefixString(type))
-            .setIsFile(isSubClass(type, ContentModel.TYPE_CONTENT))
-            .setIsFolder(isSubClass(type, ContentModel.TYPE_FOLDER))
-            .setCreatedByUser(getUserInfo((String) properties.get(ContentModel.PROP_CREATOR), mapUserCache))
-            .setCreatedAt(getZonedDateTime((Date)properties.get(ContentModel.PROP_CREATED)))
-            .setModifiedByUser(getUserInfo((String) properties.get(ContentModel.PROP_MODIFIER), mapUserCache))
-            .setModifiedAt(getZonedDateTime((Date)properties.get(ContentModel.PROP_MODIFIED)))
-            .setContent(getContentInfo(properties))
-            .setPrimaryAssocQName(getPrimaryAssocQName(nodeRef))
-            .setPrimaryHierarchy(PathUtil.getNodeIdsInReverse(path, false))
-            .setProperties(mapToNodeProperties(properties))
-            .setLocalizedProperties(mapToNodeLocalizedProperties(properties))
-            .setAspectNames(getMappedAspects(nodeRef))
-            .setSecondaryParents(getSecondaryParents(nodeRef));
+                .setId(nodeRef.getId())
+                .setName((String) properties.get(ContentModel.PROP_NAME))
+                .setNodeType(getQNamePrefixString(type))
+                .setIsFile(isSubClass(type, ContentModel.TYPE_CONTENT))
+                .setIsFolder(isSubClass(type, ContentModel.TYPE_FOLDER))
+                .setCreatedByUser(getUserInfo((String) properties.get(ContentModel.PROP_CREATOR), mapUserCache))
+                .setCreatedAt(getZonedDateTime((Date) properties.get(ContentModel.PROP_CREATED)))
+                .setModifiedByUser(getUserInfo((String) properties.get(ContentModel.PROP_MODIFIER), mapUserCache))
+                .setModifiedAt(getZonedDateTime((Date) properties.get(ContentModel.PROP_MODIFIED)))
+                .setContent(getContentInfo(properties))
+                .setPrimaryAssocQName(getPrimaryAssocQName(nodeRef))
+                .setPrimaryHierarchy(PathUtil.getNodeIdsInReverse(path, false))
+                .setProperties(mapToNodeProperties(properties))
+                .setLocalizedProperties(mapToNodeLocalizedProperties(properties))
+                .setAspectNames(getMappedAspects(nodeRef))
+                .setSecondaryParents(getSecondaryParents(nodeRef));
     }
 
     private boolean isSubClass(QName className, QName ofClassQName)
@@ -171,17 +179,18 @@ public class NodeResourceHelper implements InitializingBean
         return dictionaryService.isSubClass(className, ofClassQName);
     }
 
-    private String getPrimaryAssocQName(NodeRef nodeRef) 
+    private String getPrimaryAssocQName(NodeRef nodeRef)
     {
         String result = null;
-        try 
+        try
         {
             ChildAssociationRef primaryParent = nodeService.getPrimaryParent(nodeRef);
-            if(primaryParent != null && primaryParent.getQName() != null) 
+            if (primaryParent != null && primaryParent.getQName() != null)
             {
                 result = primaryParent.getQName().getPrefixedQName(namespaceService).getPrefixString();
             }
-        } catch (NamespaceException namespaceException) 
+        }
+        catch (NamespaceException namespaceException)
         {
             LOGGER.error("Cannot return a valid primary association QName: " + namespaceException.getMessage());
         }
@@ -215,8 +224,8 @@ public class NodeResourceHelper implements InitializingBean
                 {
                     v = ((MLText) v).getDefaultValue();
                 }
-
-                filteredProps.put(getQNamePrefixString(k), v);
+                Serializable mappedValue = propertyMapper.map(k, v);
+                filteredProps.put(getQNamePrefixString(k), mappedValue);
             }
         });
 
@@ -232,7 +241,10 @@ public class NodeResourceHelper implements InitializingBean
             {
                 final MLText mlTextValue = (MLText) v;
                 final HashMap<String, String> localizedValues = new HashMap<>(mlTextValue.size());
-                mlTextValue.forEach((locale, text) -> localizedValues.put(locale.toString(), text));
+                mlTextValue.forEach((locale, text) -> {
+                    Serializable mappedValue = propertyMapper.map(k, text);
+                    localizedValues.put(locale.toString(), (String) mappedValue);
+                });
                 filteredProps.put(getQNamePrefixString(k), localizedValues);
             }
         });
@@ -259,7 +271,7 @@ public class NodeResourceHelper implements InitializingBean
         {
             String sysUserName = AuthenticationUtil.getSystemUserName();
             if (userName.equals(sysUserName) || (AuthenticationUtil.isMtEnabled()
-                        && userName.startsWith(sysUserName + "@")))
+                    && userName.startsWith(sysUserName + "@")))
             {
                 userInfo = new UserInfo(userName, userName, "");
             }
@@ -306,11 +318,11 @@ public class NodeResourceHelper implements InitializingBean
     }
 
     /**
-     * Returns the QName in the format prefix:local, but in the exceptional case where there is no registered prefix
-     * returns it in the form {uri}local.
+     * Returns the QName in the format prefix:local, but in the exceptional case where there is no registered prefix returns it in the form {uri}local.
      *
-     * @param   k QName
-     * @return  a String representing the QName in the format prefix:local or {uri}local.
+     * @param k
+     *            QName
+     * @return a String representing the QName in the format prefix:local or {uri}local.
      */
     public String getQNamePrefixString(QName k)
     {
@@ -342,7 +354,7 @@ public class NodeResourceHelper implements InitializingBean
 
     public QName getNodeType(NodeRef nodeRef)
     {
-       return nodeService.getType(nodeRef);
+        return nodeService.getType(nodeRef);
     }
 
     public Serializable getProperty(NodeRef nodeRef, QName qName)
@@ -352,13 +364,14 @@ public class NodeResourceHelper implements InitializingBean
 
     public Map<QName, Serializable> getProperties(NodeRef nodeRef)
     {
-        //We need to have full MLText properties here. This is why we are marking the current thread as MLAware
+        // We need to have full MLText properties here. This is why we are marking the current thread as MLAware
         final boolean toRestore = MLPropertyInterceptor.isMLAware();
         MLPropertyInterceptor.setMLAware(true);
         try
         {
             return nodeService.getProperties(nodeRef);
-        } finally
+        }
+        finally
         {
             MLPropertyInterceptor.setMLAware(toRestore);
         }
@@ -377,7 +390,7 @@ public class NodeResourceHelper implements InitializingBean
     }
 
     static Map<String, Map<String, String>> getLocalizedPropertiesBefore(Map<String, Map<String, String>> locPropsBefore,
-                                                                         Map<String, Map<String, String>> locPropsAfter)
+            Map<String, Map<String, String>> locPropsAfter)
     {
         final Map<String, Map<String, String>> result = new HashMap<>(locPropsBefore.size());
 
@@ -410,7 +423,7 @@ public class NodeResourceHelper implements InitializingBean
     {
         return mapToNodeAspects(nodeService.getAspects(nodeRef));
     }
-    
+
     public List<String> getPrimaryHierarchy(NodeRef nodeRef, boolean showLeaf)
     {
         final Path path = nodeService.getPath(nodeRef);
@@ -420,16 +433,17 @@ public class NodeResourceHelper implements InitializingBean
     /**
      * Gathers node's secondary parents.
      *
-     * @param nodeRef - node reference
+     * @param nodeRef
+     *            - node reference
      * @return a list of node's secondary parents.
      */
     public List<String> getSecondaryParents(final NodeRef nodeRef)
     {
         return nodeService.getParentAssocs(nodeRef).stream()
-            .filter(not(ChildAssociationRef::isPrimary))
-            .map(ChildAssociationRef::getParentRef)
-            .map(NodeRef::getId)
-            .collect(Collectors.toList());
+                .filter(not(ChildAssociationRef::isPrimary))
+                .map(ChildAssociationRef::getParentRef)
+                .map(NodeRef::getId)
+                .collect(Collectors.toList());
     }
 
     public PermissionService getPermissionService()