[maven-release-plugin][skip ci] prepare release 23.6.0.17

backport MNT-24776 to 23.N

amps/ags/pom.xml

@@ -7,7 +7,7 @@
    <parent>
       <groupId>org.alfresco</groupId>
       <artifactId>alfresco-community-repo-amps</artifactId>
-      <version>23.6.0.14</version>
+      <version>23.6.0.17</version>
    </parent>
 
    <modules>

amps/ags/rm-automation/pom.xml

@@ -7,7 +7,7 @@
    <parent>
       <groupId>org.alfresco</groupId>
       <artifactId>alfresco-governance-services-community-parent</artifactId>
-      <version>23.6.0.14</version>
+      <version>23.6.0.17</version>
    </parent>
 
    <modules>

amps/ags/rm-automation/rm-automation-community-rest-api/pom.xml

@@ -7,7 +7,7 @@
    <parent>
       <groupId>org.alfresco</groupId>
       <artifactId>alfresco-governance-services-automation-community-repo</artifactId>
-      <version>23.6.0.14</version>
+      <version>23.6.0.17</version>
    </parent>
 
    <build>

amps/ags/rm-community/pom.xml

@@ -7,7 +7,7 @@
    <parent>
       <groupId>org.alfresco</groupId>
       <artifactId>alfresco-governance-services-community-parent</artifactId>
-      <version>23.6.0.14</version>
+      <version>23.6.0.17</version>
    </parent>
 
    <modules>

amps/ags/rm-community/rm-community-repo/pom.xml

@@ -8,7 +8,7 @@
    <parent>
       <groupId>org.alfresco</groupId>
       <artifactId>alfresco-governance-services-community-repo-parent</artifactId>
-      <version>23.6.0.14</version>
+      <version>23.6.0.17</version>
    </parent>
 
    <properties>

amps/ags/rm-community/rm-community-repo/source/java/org/alfresco/module/org_alfresco_module_rm/security/ExtendedSecurityServiceImpl.java

@@ -36,6 +36,7 @@ import java.util.Set;
 
 import org.springframework.context.ApplicationListener;
 import org.springframework.context.event.ContextRefreshedEvent;
+import org.springframework.dao.ConcurrencyFailureException;
 import org.springframework.extensions.webscripts.ui.common.StringUtils;
 
 import org.alfresco.model.ContentModel;
@@ -649,8 +650,8 @@ public class ExtendedSecurityServiceImpl extends ServiceBaseImpl
         }
         catch (DuplicateChildNodeNameException ex)
         {
-            // the group was concurrently created
-            group = authorityService.getName(AuthorityType.GROUP, groupShortName);
+            // Rethrow as ConcurrencyFailureException so that is can be retried and linked to the group created by the concurrent transaction
+            throw new ConcurrencyFailureException("IPR group creation failed due to concurrent duplicate group name creation: " + groupShortName);
         }
 
         return group;

amps/ags/rm-community/rm-community-repo/test/java/org/alfresco/module/org_alfresco_module_rm/test/legacy/service/ExtendedSecurityServiceImplTest.java

@@ -29,14 +29,23 @@ package org.alfresco.module.org_alfresco_module_rm.test.legacy.service;
 
 import java.util.HashSet;
 import java.util.Set;
+import java.util.concurrent.CompletableFuture;
+
+import org.junit.Assert;
+import org.springframework.dao.ConcurrencyFailureException;
 
 import org.alfresco.model.ContentModel;
 import org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase;
+import org.alfresco.query.PagingRequest;
+import org.alfresco.query.PagingResults;
 import org.alfresco.repo.security.authentication.AuthenticationUtil;
 import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
 import org.alfresco.repo.site.SiteModel;
+import org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback;
 import org.alfresco.service.cmr.repository.NodeRef;
+import org.alfresco.service.cmr.security.AccessPermission;
 import org.alfresco.service.cmr.security.AccessStatus;
+import org.alfresco.service.cmr.security.AuthorityType;
 import org.alfresco.service.cmr.site.SiteService;
 import org.alfresco.service.cmr.site.SiteVisibility;
 import org.alfresco.util.GUID;
@@ -73,8 +82,7 @@ public class ExtendedSecurityServiceImplTest extends BaseRMTestCase
 
     private String createTestUser()
     {
-        return doTestInTransaction(new Test<String>()
-        {
+        return doTestInTransaction(new Test<String>() {
             public String run()
             {
                 String userName = GUID.generate();
@@ -90,8 +98,7 @@ public class ExtendedSecurityServiceImplTest extends BaseRMTestCase
         final String elephant = createTestUser();
         final String snake = createTestUser();
 
-        doTestInTransaction(new Test<Void>()
-        {
+        doTestInTransaction(new Test<Void>() {
             public Void run()
             {
                 assertFalse(extendedSecurityService.hasExtendedSecurity(filePlan));
@@ -118,7 +125,7 @@ public class ExtendedSecurityServiceImplTest extends BaseRMTestCase
 
                 // test remove
                 extendedSecurityService.remove(recordToo);
-                
+
                 assertFalse(extendedSecurityService.hasExtendedSecurity(recordToo));
                 assertTrue(extendedSecurityService.getReaders(recordToo).isEmpty());
                 assertTrue(extendedSecurityService.getWriters(recordToo).isEmpty());
@@ -133,8 +140,7 @@ public class ExtendedSecurityServiceImplTest extends BaseRMTestCase
         final String monkey = createTestUser();
         final String elephant = createTestUser();
 
-        doTestInTransaction(new Test<Void>()
-        {
+        doTestInTransaction(new Test<Void>() {
             Set<String> extendedReaders = new HashSet<>(2);
 
             public Void run() throws Exception
@@ -184,112 +190,337 @@ public class ExtendedSecurityServiceImplTest extends BaseRMTestCase
 
     public void testDifferentUsersDifferentPermissions()
     {
-    	final String userNone = createTestUser();
-    	final String userRead = createTestUser();
-    	final String userWrite = createTestUser();
-    	final String siteShortName = GUID.generate();
+        final String userNone = createTestUser();
+        final String userRead = createTestUser();
+        final String userWrite = createTestUser();
+        final String siteShortName = GUID.generate();
 
-    	doTestInTransaction(new Test<Void>()
-        {
+        doTestInTransaction(new Test<Void>() {
             public Void run() throws Exception
             {
-            	siteService.createSite(null, siteShortName, "test", "test", SiteVisibility.PRIVATE);
-            	return null;
+                siteService.createSite(null, siteShortName, "test", "test", SiteVisibility.PRIVATE);
+                return null;
             }
         });
 
-    	final NodeRef documentLibrary = doTestInTransaction(new Test<NodeRef>()
-        {
+        final NodeRef documentLibrary = doTestInTransaction(new Test<NodeRef>() {
             public NodeRef run() throws Exception
             {
-            	siteService.setMembership(siteShortName, userRead, SiteModel.SITE_CONSUMER);
-            	siteService.setMembership(siteShortName, userWrite, SiteModel.SITE_COLLABORATOR);
-            	return siteService.createContainer(siteShortName, SiteService.DOCUMENT_LIBRARY, null, null);
+                siteService.setMembership(siteShortName, userRead, SiteModel.SITE_CONSUMER);
+                siteService.setMembership(siteShortName, userWrite, SiteModel.SITE_COLLABORATOR);
+                return siteService.createContainer(siteShortName, SiteService.DOCUMENT_LIBRARY, null, null);
             }
         });
 
-    	final NodeRef record = doTestInTransaction(new Test<NodeRef>()
-        {
+        final NodeRef record = doTestInTransaction(new Test<NodeRef>() {
             public NodeRef run() throws Exception
             {
-            	NodeRef record = fileFolderService.create(documentLibrary, GUID.generate(), ContentModel.TYPE_CONTENT).getNodeRef();
-            	recordService.createRecord(filePlan, record);
-            	return record;
+                NodeRef record = fileFolderService.create(documentLibrary, GUID.generate(), ContentModel.TYPE_CONTENT)
+                        .getNodeRef();
+                recordService.createRecord(filePlan, record);
+                return record;
             }
         });
 
-    	doTestInTransaction(new Test<Void>()
-        {
+        doTestInTransaction(new Test<Void>() {
             public Void run() throws Exception
             {
-            	AuthenticationUtil.runAs(new RunAsWork<Void>()
-            	{
-					public Void doWork() throws Exception
-					{
-						// check permissions
-		            	assertEquals(AccessStatus.DENIED, permissionService.hasPermission(record, READ_RECORDS));
-		            	assertEquals(AccessStatus.DENIED, permissionService.hasPermission(record, FILING));
-						return null;
-					}
-				}, userNone);
+                AuthenticationUtil.runAs(new RunAsWork<Void>() {
+                    public Void doWork() throws Exception
+                    {
+                        // check permissions
+                        assertEquals(AccessStatus.DENIED, permissionService.hasPermission(record, READ_RECORDS));
+                        assertEquals(AccessStatus.DENIED, permissionService.hasPermission(record, FILING));
+                        return null;
+                    }
+                }, userNone);
 
-            	AuthenticationUtil.runAs(new RunAsWork<Void>()
-            	{
-					public Void doWork() throws Exception
-					{
-						// check permissions
-		            	assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(record, READ_RECORDS));
-		            	assertEquals(AccessStatus.DENIED, permissionService.hasPermission(record, FILING));
-						return null;
-					}
-				}, userRead);
+                AuthenticationUtil.runAs(new RunAsWork<Void>() {
+                    public Void doWork() throws Exception
+                    {
+                        // check permissions
+                        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(record, READ_RECORDS));
+                        assertEquals(AccessStatus.DENIED, permissionService.hasPermission(record, FILING));
+                        return null;
+                    }
+                }, userRead);
 
-            	AuthenticationUtil.runAs(new RunAsWork<Void>()
-            	{
-					public Void doWork() throws Exception
-					{
-						// check permissions
-		            	assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(record, READ_RECORDS));
-		            	assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(record, FILING));
-						return null;
-					}
-				}, userWrite);
+                AuthenticationUtil.runAs(new RunAsWork<Void>() {
+                    public Void doWork() throws Exception
+                    {
+                        // check permissions
+                        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(record, READ_RECORDS));
+                        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(record, FILING));
+                        return null;
+                    }
+                }, userWrite);
 
-            	AuthenticationUtil.runAs(new RunAsWork<Void>()
-            	{
-					public Void doWork() throws Exception
-					{
-						// check permissions
-		            	assertEquals(AccessStatus.DENIED, permissionService.hasPermission(record, READ_RECORDS));
-		            	assertEquals(AccessStatus.DENIED, permissionService.hasPermission(record, FILING));
-						return null;
-					}
-				}, userNone);
+                AuthenticationUtil.runAs(new RunAsWork<Void>() {
+                    public Void doWork() throws Exception
+                    {
+                        // check permissions
+                        assertEquals(AccessStatus.DENIED, permissionService.hasPermission(record, READ_RECORDS));
+                        assertEquals(AccessStatus.DENIED, permissionService.hasPermission(record, FILING));
+                        return null;
+                    }
+                }, userNone);
 
-            	AuthenticationUtil.runAs(new RunAsWork<Void>()
-            	{
-					public Void doWork() throws Exception
-					{
-						// check permissions
-		            	assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(record, READ_RECORDS));
-		            	assertEquals(AccessStatus.DENIED, permissionService.hasPermission(record, FILING));
-						return null;
-					}
-				}, userRead);
+                AuthenticationUtil.runAs(new RunAsWork<Void>() {
+                    public Void doWork() throws Exception
+                    {
+                        // check permissions
+                        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(record, READ_RECORDS));
+                        assertEquals(AccessStatus.DENIED, permissionService.hasPermission(record, FILING));
+                        return null;
+                    }
+                }, userRead);
 
-            	AuthenticationUtil.runAs(new RunAsWork<Void>()
-            	{
-					public Void doWork() throws Exception
-					{
-						// check permissions
-		            	assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(record, READ_RECORDS));
-		            	assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(record, FILING));
-						return null;
-					}
-				}, userWrite);
+                AuthenticationUtil.runAs(new RunAsWork<Void>() {
+                    public Void doWork() throws Exception
+                    {
+                        // check permissions
+                        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(record, READ_RECORDS));
+                        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(record, FILING));
+                        return null;
+                    }
+                }, userWrite);
 
-            	return null;
+                return null;
             }
         });
     }
+
+    public void testConcurrentSetWithRetry()
+    {
+        Set<String> extendedReaders = new HashSet<>(2);
+        Set<String> extendedWriters = new HashSet<>(2);
+
+        Set<NodeRef> documents = setupConcurrentTestCase(10, extendedReaders, extendedWriters);
+
+        // For each record created previously, spawn a thread to set extended security so we cause concurrency
+        // failure trying to create IPR groups with the same name
+        fireParallelExecutionOfSetExtendedSecurity(documents, extendedReaders, extendedWriters, true);
+
+        // Look for duplicated IPR groups and verify all documents have the same groups assigned
+        verifyCreatedGroups(documents, false);
+
+        AuthenticationUtil.clearCurrentSecurityContext();
+    }
+
+    public void testConcurrentSetWithoutRetry()
+    {
+        Set<String> extendedReaders = new HashSet<>(2);
+        Set<String> extendedWriters = new HashSet<>(2);
+
+        Set<NodeRef> documents = setupConcurrentTestCase(10, extendedReaders, extendedWriters);
+
+        // For each record created previously, spawn a thread to set extended security so we cause concurrency
+        // failure trying to create IPR groups with the same name.
+        // Since there is no retry, we expect to get a ConcurrencyFailureException
+        Assert.assertThrows(ConcurrencyFailureException.class, () -> {
+            fireParallelExecutionOfSetExtendedSecurity(documents, extendedReaders, extendedWriters, false);
+        });
+
+        // Look for duplicated IPR groups and verify all documents have the same groups assigned
+        // Since there was a ConcurrencyFailureException some threads failed to set extended security so some
+        // documents may not have IPR groups created.
+        verifyCreatedGroups(documents, true);
+
+        AuthenticationUtil.clearCurrentSecurityContext();
+    }
+
+    private Set<NodeRef> setupConcurrentTestCase(int concurrentThreads, Set<String> extendedReaders, Set<String> extendedWriters)
+    {
+        final String usera = createTestUser();
+        final String userb = createTestUser();
+        final String owner = createTestUser();
+
+        extendedReaders.add(usera);
+        extendedReaders.add(userb);
+        extendedWriters.add(usera);
+        extendedWriters.add(userb);
+
+        AuthenticationUtil.setAdminUserAsFullyAuthenticatedUser();
+
+        // Create a site
+        NodeRef documentLib = createSite(new HashSet<>(), new HashSet<>());
+
+        // Create records in the site document library
+        return createRecords(concurrentThreads, documentLib, owner);
+    }
+
+    private NodeRef createSite(Set<String> readers, Set<String> writers)
+    {
+        return retryingTransactionHelper.doInTransaction(new RetryingTransactionCallback<NodeRef>() {
+            @Override
+            public NodeRef execute() throws Throwable
+            {
+                final String siteShortName = GUID.generate();
+                siteService.createSite(null, siteShortName, "test", "test", SiteVisibility.PRIVATE);
+                readers.forEach(reader -> siteService.setMembership(siteShortName, reader, SiteModel.SITE_CONSUMER));
+                writers.forEach(writer -> siteService.setMembership(siteShortName, writer, SiteModel.SITE_COLLABORATOR));
+                return siteService.createContainer(siteShortName, SiteService.DOCUMENT_LIBRARY, null, null);
+            }
+        }, false, true);
+    }
+
+    private Set<NodeRef> createRecords(int numRecords, NodeRef parent, String owner)
+    {
+        return retryingTransactionHelper.doInTransaction(new RetryingTransactionCallback<Set<NodeRef>>() {
+            @Override
+            public Set<NodeRef> execute() throws Throwable
+            {
+                int createdRecords = 0;
+                Set<NodeRef> documents = new HashSet<>();
+                while (createdRecords < numRecords)
+                {
+                    final NodeRef doc = fileFolderService.create(parent, GUID.generate(), ContentModel.TYPE_CONTENT).getNodeRef();
+                    ownableService.setOwner(doc, owner);
+                    recordService.createRecord(filePlan, doc, rmFolder, true);
+                    recordService.file(doc);
+                    recordService.complete(doc);
+                    documents.add(doc);
+                    createdRecords++;
+                }
+                return documents;
+            }
+        }, false, true);
+    }
+
+    private void setExtendedSecurity(NodeRef doc, Set<String> readers, Set<String> writers, boolean useRetry)
+    {
+        if (!useRetry)
+        {
+            setExtendedSecurity(doc, readers, writers);
+            return;
+        }
+
+        retryingTransactionHelper.doInTransaction(new RetryingTransactionCallback<Void>() {
+            @Override
+            public Void execute() throws Throwable
+            {
+                setExtendedSecurity(doc, readers, writers);
+                return null;
+            }
+        }, false, true);
+    }
+
+    private void setExtendedSecurity(NodeRef doc, Set<String> readers, Set<String> writers)
+    {
+        AuthenticationUtil.setAdminUserAsFullyAuthenticatedUser();
+        extendedSecurityService.set(doc, readers, writers);
+    }
+
+    private void fireParallelExecutionOfSetExtendedSecurity(Set<NodeRef> documents, Set<String> extendedReaders, Set<String> extendedWriters, boolean useRetry)
+    {
+        CompletableFuture<?>[] futures = documents.stream()
+                .map(doc -> CompletableFuture.runAsync(() -> setExtendedSecurity(doc, extendedReaders, extendedWriters, useRetry)))
+                .toArray(CompletableFuture[]::new);
+
+        try
+        {
+            CompletableFuture.allOf(futures).join();
+        }
+        catch (Exception e)
+        {
+            Throwable cause = e.getCause();
+            if (cause instanceof ConcurrencyFailureException)
+            {
+                throw (ConcurrencyFailureException) cause;
+            }
+            throw new RuntimeException("Error during parallel execution", e);
+        }
+    }
+
+    private void verifyCreatedGroups(Set<NodeRef> documents, boolean onlyDuplicatesValidation)
+    {
+        retryingTransactionHelper.doInTransaction(new RetryingTransactionCallback<Void>() {
+            @Override
+            public Void execute() throws Throwable
+            {
+                Set<String> expectedAuthorities = null;
+                Set<Set<String>> errors = new HashSet<>();
+                for (NodeRef doc : documents)
+                {
+                    Set<AccessPermission> permissions = permissionService.getAllSetPermissions(doc);
+                    Set<String> authorities = getDocumentAuthorities(permissions);
+                    Set<String> authoritiesById = getAuthorityIds(authorities);
+
+                    verifyIPRGroups(authorities, onlyDuplicatesValidation);
+
+                    if (onlyDuplicatesValidation)
+                    {
+                        // Some documents may not have IPR groups created if there was a ConcurrencyFailureException
+                        continue;
+                    }
+
+                    // All documents should have the same exact set of groups assigned
+                    if (expectedAuthorities == null)
+                    {
+                        expectedAuthorities = authoritiesById;
+                    }
+
+                    if (!expectedAuthorities.equals(authoritiesById))
+                    {
+                        errors.add(authoritiesById);
+                    }
+                }
+
+                assertTrue("Unexpected authorities linked to document", errors.isEmpty());
+
+                return null;
+            }
+        }, false, true);
+    }
+
+    private Set<String> getDocumentAuthorities(Set<AccessPermission> permissions)
+    {
+        Set<String> authorities = new HashSet<>();
+
+        for (AccessPermission accessPermission : permissions)
+        {
+            String authority = accessPermission.getAuthority();
+            String authName = authorityService.getName(AuthorityType.GROUP, authority);
+            authorities.add(authName);
+
+        }
+        return authorities;
+    }
+
+    private Set<String> getAuthorityIds(Set<String> authorities)
+    {
+        Set<String> authorityIds = new HashSet<>();
+        for (String authority : authorities)
+        {
+            String authId = authorityService.getAuthorityNodeRef(authority) != null
+                    ? authorityService.getAuthorityNodeRef(authority).getId()
+                    : null;
+            authorityIds.add(authId);
+        }
+        return authorityIds;
+    }
+
+    private void verifyIPRGroups(Set<String> authorities, boolean onlyDuplicatesValidation)
+    {
+        boolean hasGroupIPR = false;
+
+        for (String authorityName : authorities)
+        {
+            String shortName = authorityService.getShortName(authorityName);
+
+            if (authorityName.startsWith("GROUP_IPR"))
+            {
+                hasGroupIPR = true;
+                PagingResults<String> results = authorityService.getAuthorities(AuthorityType.GROUP, null, shortName, false,
+                        false, new PagingRequest(0, 10));
+
+                assertEquals("No duplicated IPR group expected", 1, results.getPage().size());
+            }
+        }
+
+        if (!onlyDuplicatesValidation)
+        {
+            assertTrue("No IPR Groups created", hasGroupIPR);
+        }
+    }
 }

amps/ags/rm-community/rm-community-rest-api-explorer/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-governance-services-community-repo-parent</artifactId>
-        <version>23.6.0.14</version>
+        <version>23.6.0.17</version>
     </parent>
 
     <build>

amps/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo</artifactId>
-        <version>23.6.0.14</version>
+        <version>23.6.0.17</version>
     </parent>
 
     <modules>

amps/share-services/pom.xml

@@ -8,7 +8,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo-amps</artifactId>
-        <version>23.6.0.14</version>
+        <version>23.6.0.17</version>
     </parent>
 
     <properties>

amps/share-services/src/main/resources/alfresco/templates/webscripts/org/alfresco/slingshot/documentlibrary-v2/doclist.lib.js

@@ -91,6 +91,15 @@ function doclist_getAllNodes(parsedArgs, filterParams, query, totalItemCount)
    };
 }
 
+function sanitizeJunkFavouriteKeys(favourites){
+   for (var key in favourites) {
+      if (!key || key.trim() === "") {
+         delete favourites[key];
+      }
+   }
+   return favourites;
+}
+
 /**
  * Main entry point: Create collection of documents and folders in the given space
  *
@@ -123,6 +132,28 @@ function doclist_main()
    
    if (logger.isLoggingEnabled())
       logger.log("doclist.lib.js - NodeRef: " + parsedArgs.nodeRef + " Query: " + query);
+
+   favourites = sanitizeJunkFavouriteKeys(favourites);
+
+   if(Object.keys(favourites).length === 0 && query === null)
+   {
+      return {
+         luceneQuery: "",
+         paging: {
+            totalRecords: 0,
+            startIndex: 0
+         },
+         container: parsedArgs.rootNode,
+         parent: null,
+         onlineEditing: utils.moduleInstalled("org.alfresco.module.vti"),
+         itemCount: {
+            folders: 0,
+            documents: 0
+         },
+         items: [],
+         customJSON: slingshotDocLib.getJSON()
+      };
+   }
    
    var totalItemCount = filterParams.limitResults ? parseInt(filterParams.limitResults, 10) : -1;
    // For all sites documentLibrary query we pull in all available results and post filter

amps/share-services/src/main/resources/alfresco/templates/webscripts/org/alfresco/slingshot/documentlibrary-v2/filters.lib.js

@@ -182,11 +182,14 @@ var Filters =
          case "favourites":
             for (var favourite in favourites)
             {
-               if (filterQuery)
+               if (favourite && favourite.trim() !== "")
                {
-                  filterQuery += " OR ";
+                  if (filterQuery)
+                  {
+                     filterQuery += " OR ";
+                  }
+                  filterQuery += "ID:\"" + favourite + "\"";
                }
-               filterQuery += "ID:\"" + favourite + "\"";
             }
             
             if (filterQuery.length !== 0)
@@ -201,7 +204,13 @@ var Filters =
             else
             {
                // empty favourites query
-               filterQuery = "+ID:\"\"";
+               logger.warn("No favourites found for user: " + person.properties.userName);
+               return {
+                  query: null,
+                  limitResults: 0,
+                  sort: [],
+                  language: "lucene"
+               };
             }
             
             filterParams.query = filterQuery;

core/pom.xml

@@ -7,7 +7,7 @@
    <parent>
       <groupId>org.alfresco</groupId>
       <artifactId>alfresco-community-repo</artifactId>
-      <version>23.6.0.14</version>
+      <version>23.6.0.17</version>
    </parent>
 
    <dependencies>

data-model/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo</artifactId>
-        <version>23.6.0.14</version>
+        <version>23.6.0.17</version>
     </parent>
 
     <properties>

mmt/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo</artifactId>
-        <version>23.6.0.14</version>
+        <version>23.6.0.17</version>
     </parent>
 
     <dependencies>

packaging/distribution/pom.xml

@@ -9,6 +9,6 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo-packaging</artifactId>
-        <version>23.6.0.14</version>
+        <version>23.6.0.17</version>
     </parent>
 </project>

packaging/docker-alfresco/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo-packaging</artifactId>
-        <version>23.6.0.14</version>
+        <version>23.6.0.17</version>
     </parent>
 
     <properties>

packaging/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo</artifactId>
-        <version>23.6.0.14</version>
+        <version>23.6.0.17</version>
     </parent>
 
     <modules>

packaging/tests/pom.xml

@@ -6,7 +6,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo-packaging</artifactId>
-        <version>23.6.0.14</version>
+        <version>23.6.0.17</version>
     </parent>
 
     <modules>

packaging/tests/tas-cmis/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo-tests</artifactId>
-        <version>23.6.0.14</version>
+        <version>23.6.0.17</version>
     </parent>
 
     <organization>

packaging/tests/tas-email/pom.xml

@@ -9,7 +9,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo-tests</artifactId>
-        <version>23.6.0.14</version>
+        <version>23.6.0.17</version>
     </parent>
 
     <developers>

packaging/tests/tas-integration/pom.xml

@@ -9,7 +9,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo-tests</artifactId>
-        <version>23.6.0.14</version>
+        <version>23.6.0.17</version>
     </parent>
 
     <developers>

packaging/tests/tas-restapi/pom.xml

@@ -8,7 +8,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo-tests</artifactId>
-        <version>23.6.0.14</version>
+        <version>23.6.0.17</version>
     </parent>
 
     <properties>

packaging/tests/tas-webdav/pom.xml

@@ -9,7 +9,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo-tests</artifactId>
-        <version>23.6.0.14</version>
+        <version>23.6.0.17</version>
     </parent>
 
     <developers>

packaging/war/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo-packaging</artifactId>
-        <version>23.6.0.14</version>
+        <version>23.6.0.17</version>
     </parent>
 
     <properties>

pom.xml

@@ -2,7 +2,7 @@
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <modelVersion>4.0.0</modelVersion>
     <artifactId>alfresco-community-repo</artifactId>
-    <version>23.6.0.14</version>
+    <version>23.6.0.17</version>
     <packaging>pom</packaging>
     <name>Alfresco Community Repo Parent</name>
 
@@ -154,7 +154,7 @@
         <connection>scm:git:https://github.com/Alfresco/alfresco-community-repo.git</connection>
         <developerConnection>scm:git:https://github.com/Alfresco/alfresco-community-repo.git</developerConnection>
         <url>https://github.com/Alfresco/alfresco-community-repo</url>
-        <tag>23.6.0.14</tag>
+        <tag>23.6.0.17</tag>
     </scm>
 
     <distributionManagement>

remote-api/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo</artifactId>
-        <version>23.6.0.14</version>
+        <version>23.6.0.17</version>
     </parent>
 
     <dependencies>

remote-api/src/main/resources/alfresco/templates/webscripts/org/alfresco/repository/forms/pickerresults.lib.ftl

@@ -40,6 +40,7 @@
 		"items":
 		[
 		<#list results as row>
+			<#if row.item.hasPermission("Read")>
 			{
 				"type": "${row.item.typeShort}",
 				"parentType": "${row.item.parentTypeShort!""}",
@@ -75,6 +76,7 @@
 				"nodeRef": "${row.item.nodeRef}"<#if row.selectable?exists>,
 				"selectable" : ${row.selectable?string}</#if>
 			}<#if row_has_next>,</#if>
+			</#if>
 		</#list>
 		]
 	}

repository/pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.alfresco</groupId>
         <artifactId>alfresco-community-repo</artifactId>
-        <version>23.6.0.14</version>
+        <version>23.6.0.17</version>
     </parent>
 
     <dependencies>