Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Run rules as system user

sebp
Champ in-the-making
Champ in-the-making

‎05-11-2010 06:03 AM

Is there an option to run rules as system user? I have the following use case:
There is a Boss' Mail folder and nobody instead of the boss herself should see the contents of that folder. But some secretaries should be able to scan into that folder.
I thought I:
1. create a "For Boss" folder where secretaries can scan documents into and
2. create a rule on that folder that moves all incoming items to the Boss' Mail folder.
Now my problem is that the rule is run with the secretary user that has no access to the Boss' Mail folder and therefore the rule fails. I can't see any option to run the rule as system user. Can this be enabled? What alternatives do I have?
Labels:
0 Kudos
3 REPLIES 3

brian_robinson
Champ in-the-making
Champ in-the-making

‎05-13-2010 01:19 AM

The problem you have is one of ownership.  When the secretary adds the document, they own it, and thus have full rights to do whatever they want with it, even if a content rule moves it somewhere else.  Try executing a script (server side java script) that changes the ownership to a system user (perhaps one that you create that no human knows the password for).
0 Kudos

sebp
Champ in-the-making
Champ in-the-making

‎05-20-2010 05:24 AM

Hi Brian, thanks for the reply. But the problem is that the rule can't move the content, since the rule is executed with the user rights of the secretary.
0 Kudos

neilm
Champ in-the-making
Champ in-the-making

‎10-25-2010 07:15 AM

There's no option in the UI to run an action as another user. That would be a security risk, I think.

But you can do it within the implementation of your action. If your action is Java-based (and it only works for Java-based actions) you need to wrap the copy code up in an AuthenticationUtil.runAs() call. Have a look at AbstractRenderingEngine.java (~line 400) for an example. It should look something like this:


AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Void>()
   {
      public Void doWork() throws Exception
         {
            // Do your work here…
            return null;
         }
   }, AuthenticationUtil.getSystemUserName());
But this is powerful code. The work being done within the doWork will be done as "system" with system privileges. You should do as little work as possible within that block - only the part that is strictly necessary. The rest can be done as the currently authenticated user in the normal way.
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC