non-public beginFolioExecutionContext avoids wrong tenant/user

Description

A thread runs with a wrong tenant and wrong user when

  • a previous use of the thread sets the tenant and user

  • the previous use of the thread doesn't clear tenant and user

  • the current use of the thread doesn't set tenant and user.

beginFolioExecutionContext sets tenant and user.
endFolioExecutionContext clears tenant and user.

See the code in FolioExecutionScopeExecutionContextManager:
https://github.com/folio-org/folio-spring-base/blob/v6.0.1/src/main/java/org/folio/spring/scope/FolioExecutionScopeExecutionContextManager.java#L47-L69

Two options are available that enforce that beginFolioExecutionContext is called at the beginning of a task and that endFolioExecutionContext is always called afterwards:

https://github.com/folio-org/folio-spring-base/blob/v6.0.1/src/main/java/org/folio/spring/scope/FolioExecutionScopeExecutionContextManager.java#L71-L93

https://github.com/folio-org/folio-spring-base/blob/v6.0.1/src/main/java/org/folio/spring/scope/FolioExecutionContextSetter.java

Manually calling beginFolioExecutionContext and endFolioExecutionContext is error-prone because one or both of them can be forgotten. If they are forgotten, the unit tests don't catch this. See two only recently fixed examples: , FOLSPRINGB-86.

To end the error-prone usage these two error-prone methods should become package-private.

Task:

  • Make FolioExecutionScopeExecutionContextManager.beginFolioExecutionContext package-private.

(FolioExecutionScopeExecutionContextManager.endFolioExecutionContext can remain public to be available for cleaning the context in unit tests.)

This forces a review of all code that uses it.
Most usages should switch to one of the secure methods shown above (runnable decorator, try-with-resources). A few remaining usages may use endFolioExecutionContext without try-with-resources. This triggers a Sonar warning that the closeable is not closed, and this code should undergo regular code review (for example once per flower release).
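
The leak described above and the two safe patterns, as an added stand-alone example (not code from folio-spring-base). TenantLeakDemo, TENANT, ContextSetter and withTenant are hypothetical stand-ins for the library's context manager, setter and runnable decorator.

```java
import java.util.concurrent.Callable;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;

public class TenantLeakDemo {
  // Hypothetical stand-in for the thread-bound tenant/user context.
  static final ThreadLocal<String> TENANT = new ThreadLocal<>();

  // Package-private: code outside this package cannot call begin() on its own.
  static void begin(String tenant) { TENANT.set(tenant); }
  // Public so that unit tests can still clear the context.
  public static void end() { TENANT.remove(); }

  // Try-with-resources setter: close() always clears the context.
  public static final class ContextSetter implements AutoCloseable {
    public ContextSetter(String tenant) { begin(tenant); }
    @Override public void close() { end(); }
  }

  // Runnable decorator: sets the context before the task, clears it afterwards,
  // also when the task throws.
  public static Runnable withTenant(String tenant, Runnable task) {
    return () -> {
      try (ContextSetter ignored = new ContextSetter(tenant)) {
        task.run();
      }
    };
  }

  // Runs 'first', then a task that never sets a tenant and reports what it sees.
  static String runAndReport(ExecutorService pool, Runnable first) throws Exception {
    pool.submit(first).get();
    Callable<String> second = () -> String.valueOf(TENANT.get());
    return pool.submit(second).get();
  }

  public static void main(String[] args) throws Exception {
    ExecutorService pool = Executors.newSingleThreadExecutor(); // forces thread reuse
    try {
      // Error-prone: begin without end, so the next task inherits the tenant.
      String leaked = runAndReport(pool, () -> begin("tenant_a"));
      // Safe: the decorator guarantees cleanup before the thread is reused.
      String clean = runAndReport(pool, withTenant("tenant_a", () -> { }));
      System.out.println("manual begin, no end -> next task sees: " + leaked); // tenant_a
      System.out.println("decorated task       -> next task sees: " + clean);  // null
    } finally {
      pool.shutdown();
    }
  }
}
```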

CSP Request Details

None

CSP Rejection Details

None

Potential Workaround

None

Done

Details

Assignee

Reporter

Priority

Development Team

Spring Force

Fix versions

Release

Poppy (R2 2023)

RCA Group

Implementation coding issue

Affected releases

Orchid (R1 2023)
Nolana (R3 2022)

Created March 4, 2023 at 10:47 AM
Updated March 23, 2023 at 2:49 PM
Resolved March 20, 2023 at 11:27 AM