Removed WorkspaceConfig related REST API (eclipse-che#17682)

* Removed WorkspaceConfig related REST API Signed-off-by: Sergii Kabashniuk <skabashniuk@redhat.com>
xiaochen2050 · Sep 1, 2020 · e547520 · e547520
1 parent 7fe6411
commit e547520
Show file tree

Hide file tree

Showing 15 changed files with 17 additions and 2,012 deletions.
diff --git a/assembly/assembly-wsmaster-war/pom.xml b/assembly/assembly-wsmaster-war/pom.xml
@@ -291,10 +291,6 @@
             <groupId>org.eclipse.che.multiuser</groupId>
             <artifactId>che-multiuser-permission-devfile</artifactId>
         </dependency>
-        <dependency>
-            <groupId>org.eclipse.che.multiuser</groupId>
-            <artifactId>che-multiuser-permission-factory</artifactId>
-        </dependency>
         <dependency>
             <groupId>org.eclipse.che.multiuser</groupId>
             <artifactId>che-multiuser-permission-logger</artifactId>

diff --git a/assembly/assembly-wsmaster-war/src/main/java/org/eclipse/che/api/deploy/WsMasterModule.java b/assembly/assembly-wsmaster-war/src/main/java/org/eclipse/che/api/deploy/WsMasterModule.java
@@ -358,7 +358,6 @@ private void configureMultiUserMode(
     bind(org.eclipse.che.multiuser.permission.user.UserServicePermissionsFilter.class);
     bind(org.eclipse.che.multiuser.permission.logger.LoggerServicePermissionsFilter.class);
 
-    bind(org.eclipse.che.multiuser.permission.factory.FactoryPermissionsFilter.class);
     bind(org.eclipse.che.multiuser.permission.devfile.DevfilePermissionsFilter.class);
     bind(org.eclipse.che.multiuser.permission.workspace.activity.ActivityPermissionsFilter.class);
     bind(AdminPermissionInitializer.class).asEagerSingleton();

diff --git a/.../main/java/org/eclipse/che/multiuser/machine/authentication/server/MachineAuthModule.java b/.../main/java/org/eclipse/che/multiuser/machine/authentication/server/MachineAuthModule.java
@@ -52,28 +52,15 @@ protected void configure() {
         .addBinding()
         .toInstance(
             new MachineAuthenticatedResource(
-                "/workspace",
-                "getByKey",
-                "addProject",
-                "updateProject",
-                "deleteProject",
-                "getSettings",
-                "update",
-                "stop"));
+                "/workspace", "getByKey", "getSettings", "update", "stop"));
     machineAuthenticatedResources
         .addBinding()
         .toInstance(
             new MachineAuthenticatedResource(
                 "/ssh", "getPair", "generatePair", "createPair", "getPairs", "removePair"));
     machineAuthenticatedResources
         .addBinding()
-        .toInstance(
-            new MachineAuthenticatedResource(
-                "/factory",
-                "getFactoryJson",
-                "getFactory",
-                "getFactoryByAttribute",
-                "resolveFactory"));
+        .toInstance(new MachineAuthenticatedResource("/factory", "resolveFactory"));
     machineAuthenticatedResources
         .addBinding()
         .toInstance(

diff --git a/...org/eclipse/che/multiuser/machine/authentication/server/MachineTokenAccessFilterTest.java b/...org/eclipse/che/multiuser/machine/authentication/server/MachineTokenAccessFilterTest.java
@@ -19,7 +19,6 @@
 import java.util.Collections;
 import org.eclipse.che.api.core.ForbiddenException;
 import org.eclipse.che.api.workspace.server.WorkspaceService;
-import org.eclipse.che.api.workspace.shared.dto.ProjectConfigDto;
 import org.eclipse.che.commons.env.EnvironmentContext;
 import org.eclipse.che.multiuser.api.permission.server.AuthorizedSubject;
 import org.everrest.core.impl.resource.PathValue;
@@ -48,9 +47,7 @@ public class MachineTokenAccessFilterTest {
   private void setUp() {
     filter =
         new MachineTokenAccessFilter(
-            Collections.singleton(
-                new MachineAuthenticatedResource(
-                    "/workspace", "getByKey", "addProject", "updateProject", "deleteProject")));
+            Collections.singleton(new MachineAuthenticatedResource("/workspace", "getByKey")));
   }
 
   @Test
@@ -61,22 +58,6 @@ public void shouldNotLimitAccessIfSubjectIsNotMachineAuthorized() throws Excepti
     verifyZeroInteractions(genericMethodResource);
   }
 
-  @Test
-  public void shouldNotLimitAccessIfMethodIsAllowed() throws Exception {
-    when(environmentContext.getSubject()).thenReturn(machineTokenAuthorizedSubject);
-    EnvironmentContext.setCurrent(environmentContext);
-    Method method =
-        WorkspaceService.class.getMethod(
-            "updateProject", String.class, String.class, ProjectConfigDto.class);
-    ResourceDescriptor descriptor = mock(ResourceDescriptor.class);
-    PathValue pathValue = mock(PathValue.class);
-    when(genericMethodResource.getMethod()).thenReturn(method);
-    when(descriptor.getPathValue()).thenReturn(pathValue);
-    when(genericMethodResource.getParentResource()).thenReturn(descriptor);
-    when(pathValue.getPath()).thenReturn("/workspace");
-    filter.filter(genericMethodResource, new Object[] {});
-  }
-
   @Test(expectedExceptions = ForbiddenException.class)
   public void shouldLimitAccessIfMethodIsNotAllowed() throws Exception {
     when(environmentContext.getSubject()).thenReturn(machineTokenAuthorizedSubject);

diff --git a/.../test/java/org/eclipse/che/multiuser/permission/factory/FactoryPermissionsFilterTest.java b/.../test/java/org/eclipse/che/multiuser/permission/factory/FactoryPermissionsFilterTest.java
@@ -72,117 +72,6 @@ public class FactoryPermissionsFilterTest {
 
   @InjectMocks private FactoryPermissionsFilter permissionsFilter;
 
-  @Test
-  public void shouldCheckPermissionsOnGettingFactoryJsonByWorkspaceId() throws Exception {
-    final Response response =
-        given()
-            .auth()
-            .basic(ADMIN_USER_NAME, ADMIN_USER_PASSWORD)
-            .when()
-            .get(SECURE_PATH + "/factory/workspace/workspace123");
-
-    assertEquals(response.getStatusCode(), 204);
-    verify(service).getFactoryJson(eq("workspace123"), nullable(String.class));
-    verify(subject).checkPermission(DOMAIN_ID, "workspace123", READ);
-  }
-
-  @Test
-  public void shouldReturnForbiddenWhenUserDoesHavePermissionsToReadWorkspaceOnGettingFactoryJson()
-      throws Exception {
-    doThrow(new ForbiddenException("User in not authorized"))
-        .when(subject)
-        .checkPermission(anyString(), anyString(), anyString());
-
-    final Response response =
-        given()
-            .auth()
-            .basic(ADMIN_USER_NAME, ADMIN_USER_PASSWORD)
-            .when()
-            .get(SECURE_PATH + "/factory/workspace/workspace123");
-
-    assertEquals(response.getStatusCode(), 403);
-  }
-
-  @Test
-  public void shouldMakeSureThatUserIsCreatorOnUpdatingFactory() throws Exception {
-    doReturn("user123").when(subject).getUserId();
-
-    Factory factory = mock(Factory.class);
-    doReturn(new AuthorImpl("user123", 12345L)).when(factory).getCreator();
-    when(factoryManager.getById("factory123")).thenReturn(factory);
-
-    final Response response =
-        given()
-            .auth()
-            .basic(ADMIN_USER_NAME, ADMIN_USER_PASSWORD)
-            .contentType("application/json")
-            .body(DtoFactory.newDto(FactoryDto.class))
-            .when()
-            .put(SECURE_PATH + "/factory/factory123");
-
-    assertEquals(response.getStatusCode(), 204);
-    verify(service).updateFactory(eq("factory123"), any(FactoryDto.class));
-  }
-
-  @Test
-  public void shouldReturnForbiddenWhenUserIsNotCreatorOnUpdatingFactory() throws Exception {
-    doReturn("user321").when(subject).getUserId();
-
-    Factory factory = mock(Factory.class);
-    doReturn(new AuthorImpl("user123", 12345L)).when(factory).getCreator();
-    when(factoryManager.getById("factory123")).thenReturn(factory);
-
-    final Response response =
-        given()
-            .auth()
-            .basic(ADMIN_USER_NAME, ADMIN_USER_PASSWORD)
-            .contentType("application/json")
-            .body(DtoFactory.newDto(FactoryDto.class))
-            .when()
-            .put(SECURE_PATH + "/factory/factory123");
-
-    assertEquals(response.getStatusCode(), 403);
-    verify(service, never()).updateFactory(any(), any());
-  }
-
-  @Test
-  public void shouldMakeSureThatUserIsCreatorOnRemovingFactory() throws Exception {
-    doReturn("user123").when(subject).getUserId();
-
-    Factory factory = mock(Factory.class);
-    doReturn(new AuthorImpl("user123", 12345L)).when(factory).getCreator();
-    when(factoryManager.getById("factory123")).thenReturn(factory);
-
-    final Response response =
-        given()
-            .auth()
-            .basic(ADMIN_USER_NAME, ADMIN_USER_PASSWORD)
-            .when()
-            .delete(SECURE_PATH + "/factory/factory123");
-
-    assertEquals(response.getStatusCode(), 204);
-    verify(service).removeFactory(eq("factory123"));
-  }
-
-  @Test
-  public void shouldReturnForbiddenWhenUserIsNotCreatorOnRemovingForeignFactory() throws Exception {
-    doReturn("user321").when(subject).getUserId();
-
-    Factory factory = mock(Factory.class);
-    doReturn(new AuthorImpl("user123", 12345L)).when(factory).getCreator();
-    when(factoryManager.getById("factory123")).thenReturn(factory);
-
-    final Response response =
-        given()
-            .auth()
-            .basic(ADMIN_USER_NAME, ADMIN_USER_PASSWORD)
-            .when()
-            .delete(SECURE_PATH + "/factory/factory123");
-
-    assertEquals(response.getStatusCode(), 403);
-    verify(service, never()).removeFactory(any());
-  }
-
   @Test(dataProvider = "publicMethods")
   public void shouldDoNothingWhenPublicMethodMethodIsCalled(String name, Class[] parameterTypes)
       throws Exception {
@@ -196,10 +85,8 @@ public void shouldDoNothingWhenPublicMethodMethodIsCalled(String name, Class[] p
   @DataProvider(name = "publicMethods")
   public Object[][] publicMethods() {
     return new Object[][] {
-      {"saveFactory", new Class[] {FactoryDto.class}},
-      {"getFactory", new Class[] {String.class, Boolean.class}},
+
       {"resolveFactory", new Class[] {Map.class, Boolean.class}},
-      {"getFactoryByAttribute", new Class[] {Integer.class, Integer.class, UriInfo.class}},
     };
   }
 

diff --git a/...eclipse/che/multiuser/permission/workspace/server/filters/WorkspacePermissionsFilter.java b/...eclipse/che/multiuser/permission/workspace/server/filters/WorkspacePermissionsFilter.java
@@ -101,12 +101,6 @@ public void filter(GenericResourceMethod genericResourceMethod, Object[] argumen
           return;
         }
 
-      case "startFromConfig":
-        {
-          checkAccountPermissions((String) arguments[2], AccountOperation.CREATE_WORKSPACE);
-          return;
-        }
-
       case "delete":
         key = ((String) arguments[0]);
         action = DELETE;
@@ -126,22 +120,11 @@ public void filter(GenericResourceMethod genericResourceMethod, Object[] argumen
         if (superPrivilegesChecker.hasSuperPrivileges()) {
           return;
         }
-        // fall through
-      case "checkAgentHealth":
         key = ((String) arguments[0]);
         action = READ;
         break;
 
       case "update":
-      case "addProject":
-      case "deleteProject":
-      case "updateProject":
-      case "addEnvironment":
-      case "deleteEnvironment":
-      case "updateEnvironment":
-      case "addCommand":
-      case "deleteCommand":
-      case "updateCommand":
         key = ((String) arguments[0]);
         action = CONFIGURE;
         break;