-
Type:
Bug
-
Status: Resolved
-
Priority:
Critical
-
Resolution: Fixed
-
Affects Version/s: 9.10, 10.10
-
Fix Version/s: 9.10-HF33, 10.10-HF08, 11.1, 2021.0
-
Component/s: Workflow
When a task is assigned, temporary ACLs are applied to the document to grant access the task actor. A call to session.saveDocument() is done, this is unnecessary, and it generates inappropriate beforeDocumentModification, documentModified, ... events. This inadvertently calls customer-defined event handlers, event listeners, ..., and can lead to unexpected behaviors.
I found 3 instances of this faulty implementation here:
- https://github.com/nuxeo/nuxeo/blob/70db42335c3e30ea05312858e445cc601a26d51d/addons/nuxeo-platform-document-routing/nuxeo-routing-core/src/main/java/org/nuxeo/ecm/platform/routing/core/impl/DocumentRoutingServiceImpl.java#L918
- https://github.com/nuxeo/nuxeo/blob/70db42335c3e30ea05312858e445cc601a26d51d/addons/nuxeo-platform-document-routing/nuxeo-routing-core/src/main/java/org/nuxeo/ecm/platform/routing/core/impl/DocumentRoutingServiceImpl.java#L939
- https://github.com/nuxeo/nuxeo/blob/70db42335c3e30ea05312858e445cc601a26d51d/addons/nuxeo-platform-document-routing/nuxeo-routing-core/src/main/java/org/nuxeo/ecm/platform/routing/core/impl/DocumentRoutingServiceImpl.java#L1306
But other instances can exist.
See the history of a document below, when a task is assigned or completed (standard workflow Serial document review), the Rights assigned entries are immediately followed a Modification entry (the document is actually updated):
