A thread runs with a wrong tenant and wrong user when
- a previous use of the thread sets the tenant and user
- the previous use of the thread doesn't clear tenant and user
- the current use of the thread doesn't set tenant and user.
beginFolioExecutionContext sets tenant and user.
endFolioExecutionContext clears tenant and user.
See the code in FolioExecutionScopeExecutionContextManager:
Two options are available that enforce that beginFolioExecutionContext is called at the begin of some task and endFolioExecutionContext is always called afterwards:
Manually calling beginFolioExecutionContext and endFolioExecutionContext is error-prone because one or both of them can be forgotten. If forgotten the unit tests doesn't catch this. See two only recently fixed examples:
To end the error-prone usage these two error-prone methods should become package-private.
- Make FolioExecutionScopeExecutionContextManager.beginFolioExecutionContext package-private.
(FolioExecutionScopeExecutionContextManager.endFolioExecutionContext can remain public to be available for cleaning the context in unit tests.)
This forces a review of all code that use it.
Most usages should switch to one of the secure methods shown above (runnable decorator, try-with-resources). A few remaining usages may use endFolioExecutionContext without try-with-resources. This triggers a sonar warning that the closable is not closed. And this code should undergo regular code review (for example once per flower release).