You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I noticed when a code is run with the System security context, the cm:modifier property will be changed to "System" when the thumbnail is generated, or will change to the currently authenticated user when the thumbnail is not generated.
Sample code:
try {
AuthenticationUtil.setRunAsUserSystem();
FileUtils.copySourceContent(sourceRef, destRef, contentService); // sample method which copies PROP_CONTENT from sourceRef to destRef using ContentReader and ContentWriter
} finally {
AuthenticationUtil.clearCurrentSecurityContext();
}
Example No 1. File sample.pdf (pdf is supported by the renditionService) after executing this code as the test user will have cm:modifier set to "System"
Example No 2. File test.dwg (dwg is not supported by the renditionService ) after execution this code as the test user will have cm:modifier set to "test"
When debugging I can see my code is executed as the "test" ( getFullyAuthenticatedUser() ) with the "System" security content ( getRunAsUser() ) BUT the code creating a thumbnail ( processEvent() in the RenditionEventProcessor.java, onContentUpdate(), requestAsyncTransformOrRendition() in the RenditionService2Impl.java, consume(), consumeRendition(),setThumbnailLastModified()) is executed as the "System".
I suppose there is a bug in the 135 line of RenditionEventProcessor.java where we should get the authenticatedUser instead of the executingUser.
The commit introducing this issue: 65a35ba by @cristianturlica
In the RenditionEventProcessor::processEvent() the Context is null so we have to read authenticatedUser and executingUser from the event. Currently only executingUser is read and authenticatedUser is missed
The text was updated successfully, but these errors were encountered:
I noticed when a code is run with the System security context, the cm:modifier property will be changed to "System" when the thumbnail is generated, or will change to the currently authenticated user when the thumbnail is not generated.
Sample code:
Example No 1. File sample.pdf (pdf is supported by the renditionService) after executing this code as the test user will have cm:modifier set to "System"
Example No 2. File test.dwg (dwg is not supported by the renditionService ) after execution this code as the test user will have cm:modifier set to "test"
When debugging I can see my code is executed as the "test" ( getFullyAuthenticatedUser() ) with the "System" security content ( getRunAsUser() ) BUT the code creating a thumbnail ( processEvent() in the RenditionEventProcessor.java, onContentUpdate(), requestAsyncTransformOrRendition() in the RenditionService2Impl.java, consume(), consumeRendition(),setThumbnailLastModified()) is executed as the "System".
I suppose there is a bug in the 135 line of RenditionEventProcessor.java where we should get the authenticatedUser instead of the executingUser.
The commit introducing this issue: 65a35ba by @cristianturlica
In the RenditionEventProcessor::processEvent() the Context is null so we have to read authenticatedUser and executingUser from the event. Currently only executingUser is read and authenticatedUser is missed
The text was updated successfully, but these errors were encountered: