Download as Zip for non admin users adds content type download:download to a new System Downloads folder with random guid that never gets cleaned up by Download Cleaner
[Steps to reproduce]
- Log into Share as a non-admin user
- Do a "Download as Zip" action against a folder
- In Node Browser, navigate to workspace://SpacesStore -> /sys:system
- A new temporary content of type download:download gets added to System Downloads folder (sys:downloads) of workspace://SpacesStore/downloads_container
- The temporary content gets cleaned up by the Download Cleaner at a scheduled time later in the day (runs every hour)
- A new temporary content of type download:download gets added to a new System Downloads folder (sys:downloads) created on-the-fly with a random guild such as workspace://SpacesStore/9d98ead7-f99f-4aff-bfb3-0c296be50e52
- The temporary content never gets cleaned up by the Download Cleaner at a scheduled time
Non-admin users don't have read permission to the original System Downloads folder (sys:downloads of workspace://SpacesStore/downloads_container) created by the system at first-time bootstrap, so when the user downloads a folder as zip and calls the method getOrCreateSystemChildContainer(..) of SystemNodeUtils.java, he doesn't have permission to see the original folder and hence the code tries to create a new folder as a fail-safe to ensure the System Downloads folder exists and the file can be written somewhere.
When the Download Cleaner (runs as system user) comes around to clean the temporary file, it sees two System Downloads folders (the original one and the new one) but only cleans the first one it sees, which happens to be the original one and never cleans the one created by the non-admin user.
The reason that Download Cleaner only cleans one of the two folders is because getSystemChildContainer method of SystemNodeUtils.java only returns the first node in the containerRefs list that it finds:
Throughout time, the repository will grow indefinitely and run out of disk space.
The Node Browser shows the original System Downloads folder (workspace://SpacesStore/downloads_container) having the following permissions:
The System Downloads folder with the random UUID has the following permissions:
The original folder is created by ACS using this config: downloadsSpace.xml
Please fix this on two fronts:
- For fresh installations, modifying permissions setting in downloadsSpace.xml
- For upgraded systems, modify the Download Cleaner to delete temporary files in both System Downloads folders (the one with GUID and the original one workspace://SpacesStore/downloads_container).
For testing purpose, use the following setting to run the Download Cleaner every 30 seconds, change it to your needs: