<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic Run rules as system user in Alfresco Archive</title>
    <link>https://connect.hyland.com/t5/alfresco-archive/run-rules-as-system-user/m-p/223393#M176523</link>
    <description>&lt;HTML&gt;&lt;HEAD&gt;&lt;/HEAD&gt;&lt;BODY&gt;&lt;SPAN&gt;Is there an option to run rules as system user? I have the following use case:&lt;/SPAN&gt;&lt;BR /&gt;&lt;SPAN&gt;There is a Boss' Mail folder and nobody instead of the boss herself should see the contents of that folder. But some secretaries should be able to scan into that folder. &lt;/SPAN&gt;&lt;BR /&gt;&lt;SPAN&gt;I thought I:&lt;/SPAN&gt;&lt;BR /&gt;&lt;SPAN&gt;1. create a "For Boss" folder where secretaries can scan documents into and&lt;/SPAN&gt;&lt;BR /&gt;&lt;SPAN&gt;2. create a rule on that folder that moves all incoming items to the Boss' Mail folder.&lt;/SPAN&gt;&lt;BR /&gt;&lt;SPAN&gt;Now my problem is that the rule is run with the secretary user that has no access to the Boss' Mail folder and therefore the rule fails. I can't see any option to run the rule as system user. Can this be enabled? What alternatives do I have?&lt;/SPAN&gt;&lt;/BODY&gt;&lt;/HTML&gt;</description>
    <pubDate>Tue, 11 May 2010 10:03:15 GMT</pubDate>
    <dc:creator>sebp</dc:creator>
    <dc:date>2010-05-11T10:03:15Z</dc:date>
    <item>
      <title>Run rules as system user</title>
      <link>https://connect.hyland.com/t5/alfresco-archive/run-rules-as-system-user/m-p/223393#M176523</link>
      <description>Is there an option to run rules as system user? I have the following use case:There is a Boss' Mail folder and nobody instead of the boss herself should see the contents of that folder. But some secretaries should be able to scan into that folder. I thought I:1. create a "For Boss" folder where secr</description>
      <pubDate>Tue, 11 May 2010 10:03:15 GMT</pubDate>
      <guid>https://connect.hyland.com/t5/alfresco-archive/run-rules-as-system-user/m-p/223393#M176523</guid>
      <dc:creator>sebp</dc:creator>
      <dc:date>2010-05-11T10:03:15Z</dc:date>
    </item>
    <item>
      <title>Re: Run rules as system user</title>
      <link>https://connect.hyland.com/t5/alfresco-archive/run-rules-as-system-user/m-p/223394#M176524</link>
      <description>&lt;HTML&gt;&lt;HEAD&gt;&lt;/HEAD&gt;&lt;BODY&gt;&lt;SPAN&gt;The problem you have is one of ownership.&amp;nbsp; When the secretary adds the document, they own it, and thus have full rights to do whatever they want with it, even if a content rule moves it somewhere else.&amp;nbsp; Try executing a script (server side java script) that changes the ownership to a system user (perhaps one that you create that no human knows the password for).&lt;/SPAN&gt;&lt;/BODY&gt;&lt;/HTML&gt;</description>
      <pubDate>Thu, 13 May 2010 05:19:04 GMT</pubDate>
      <guid>https://connect.hyland.com/t5/alfresco-archive/run-rules-as-system-user/m-p/223394#M176524</guid>
      <dc:creator>brian_robinson</dc:creator>
      <dc:date>2010-05-13T05:19:04Z</dc:date>
    </item>
    <item>
      <title>Re: Run rules as system user</title>
      <link>https://connect.hyland.com/t5/alfresco-archive/run-rules-as-system-user/m-p/223395#M176525</link>
      <description>&lt;HTML&gt;&lt;HEAD&gt;&lt;/HEAD&gt;&lt;BODY&gt;&lt;SPAN&gt;Hi Brian, thanks for the reply. But the problem is that the rule can't move the content, since the rule is executed with the user rights of the secretary.&lt;/SPAN&gt;&lt;/BODY&gt;&lt;/HTML&gt;</description>
      <pubDate>Thu, 20 May 2010 09:24:04 GMT</pubDate>
      <guid>https://connect.hyland.com/t5/alfresco-archive/run-rules-as-system-user/m-p/223395#M176525</guid>
      <dc:creator>sebp</dc:creator>
      <dc:date>2010-05-20T09:24:04Z</dc:date>
    </item>
    <item>
      <title>Re: Run rules as system user</title>
      <link>https://connect.hyland.com/t5/alfresco-archive/run-rules-as-system-user/m-p/223396#M176526</link>
      <description>&lt;HTML&gt;&lt;HEAD&gt;&lt;/HEAD&gt;&lt;BODY&gt;&lt;SPAN&gt;There's no option in the UI to run an action as another user. That would be a security risk, I think.&lt;/SPAN&gt;&lt;BR /&gt;&lt;BR /&gt;&lt;SPAN&gt;But you can do it within the implementation of your action. If your action is Java-based (and it only works for Java-based actions) you need to wrap the copy code up in an AuthenticationUtil.runAs() call. Have a look at AbstractRenderingEngine.java (~line 400) for an example. It should look something like this:&lt;/SPAN&gt;&lt;BR /&gt;&lt;BR /&gt;&lt;PRE class="language-none line-numbers"&gt;&lt;CODE&gt;&lt;BR /&gt;AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork&amp;lt;Void&amp;gt;()&lt;BR /&gt;&amp;nbsp;&amp;nbsp; {&lt;BR /&gt;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp; public Void doWork() throws Exception&lt;BR /&gt;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp; {&lt;BR /&gt;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp; // Do your work here…&lt;BR /&gt;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp; return null;&lt;BR /&gt;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp; }&lt;BR /&gt;&amp;nbsp;&amp;nbsp; }, AuthenticationUtil.getSystemUserName());&lt;BR /&gt;&lt;SPAN class="line-numbers-rows"&gt;&lt;SPAN&gt;‍&lt;/SPAN&gt;&lt;SPAN&gt;‍&lt;/SPAN&gt;&lt;SPAN&gt;‍&lt;/SPAN&gt;&lt;SPAN&gt;‍&lt;/SPAN&gt;&lt;SPAN&gt;‍&lt;/SPAN&gt;&lt;SPAN&gt;‍&lt;/SPAN&gt;&lt;SPAN&gt;‍&lt;/SPAN&gt;&lt;SPAN&gt;‍&lt;/SPAN&gt;&lt;SPAN&gt;‍&lt;/SPAN&gt;&lt;SPAN&gt;‍&lt;/SPAN&gt;&lt;/SPAN&gt;&lt;/CODE&gt;&lt;/PRE&gt;&lt;SPAN&gt;But this is powerful code. The work being done within the doWork will be done as "system" with system privileges. You should do as little work as possible within that block - only the part that is strictly necessary. The rest can be done as the currently authenticated user in the normal way.&lt;/SPAN&gt;&lt;/BODY&gt;&lt;/HTML&gt;</description>
      <pubDate>Mon, 25 Oct 2010 11:15:17 GMT</pubDate>
      <guid>https://connect.hyland.com/t5/alfresco-archive/run-rules-as-system-user/m-p/223396#M176526</guid>
      <dc:creator>neilm</dc:creator>
      <dc:date>2010-10-25T11:15:17Z</dc:date>
    </item>
  </channel>
</rss>

