CODENVY-480 Remove user's roles

core/che-core-api-core/src/main/java/org/eclipse/che/everrest/ServerContainerInitializeListener.java

@@ -202,7 +202,7 @@ public Principal getUserPrincipal() {
 
             @Override
             public boolean isUserInRole(String role) {
-                return subject.isMemberOf(role);
+                return false;
             }
 
             @Override

core/che-core-api-core/src/test/java/org/eclipse/che/api/core/rest/DefaultHttpJsonRequestTest.java

@@ -74,7 +74,7 @@ public class DefaultHttpJsonRequestTest {
     private static final ApiExceptionMapper EXCEPTION_MAPPER = new ApiExceptionMapper();
     @SuppressWarnings("unused") // used by EverrestJetty
     private static final TestService        TEST_SERVICE     = new TestService();
-    private static final Subject            TEST_SUBJECT     = new SubjectImpl("name", "id", "token", null, false);
+    private static final Subject            TEST_SUBJECT     = new SubjectImpl("name", "id", "token", false);
     private static final String             DEFAULT_URL      = "http://localhost:8080";
 
     @Captor

core/commons/che-core-commons-env/src/main/java/org/eclipse/che/commons/subject/Subject.java

@@ -31,19 +31,14 @@ public String getUserName() {
             return "Anonymous";
         }
 
-        @Override
-        public boolean isMemberOf(String role) {
-            return false;
-        }
-
         @Override
         public boolean hasPermission(String domain, String instance, String action) {
             return false;
         }
 
         @Override
         public void checkPermission(String domain, String instance, String action) throws ForbiddenException {
-
+            throw new ForbiddenException("User is not authorized to perform " + action + " of " + domain + " with id '" + instance + "'");
         }
 
         @Override
@@ -71,15 +66,6 @@ public boolean isTemporary() {
      */
     String getUserName();
 
-    /**
-     * Checks is subject in specified {@code role}.
-     *
-     * @param role
-     *         role name to check
-     * @return {@code true} if subject in role and {@code false} otherwise
-     */
-    boolean isMemberOf(String role);
-
     /**
      * Checks does subject have specified permission.
      *

core/commons/che-core-commons-env/src/main/java/org/eclipse/che/commons/subject/SubjectImpl.java

@@ -11,56 +11,31 @@
 package org.eclipse.che.commons.subject;
 
 import javax.ws.rs.ForbiddenException;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.LinkedHashSet;
-import java.util.Set;
+import java.util.Objects;
 
 /**
  * Base implementation of {@link Subject}.
  *
  * @author andrew00x
  */
 public class SubjectImpl implements Subject {
-    private final String      name;
-    private final Set<String> roles;
-    private final String      token;
-    private final String      id;
-    private final boolean     isTemporary;
+    private final String  id;
+    private final String  name;
+    private final String  token;
+    private final boolean isTemporary;
 
-    public SubjectImpl(String name, String id, String token, Collection<String> roles, boolean isTemporary) {
+    public SubjectImpl(String name, String id, String token, boolean isTemporary) {
         this.name = name;
         this.id = id;
         this.token = token;
         this.isTemporary = isTemporary;
-        this.roles = roles == null ? Collections.<String>emptySet() : Collections.unmodifiableSet(new LinkedHashSet<>(roles));
-    }
-
-    @Deprecated
-    public SubjectImpl(String name, String id, String token, Collection<String> roles) {
-        this(name, id, token, roles, false);
-    }
-
-    @Deprecated
-    public SubjectImpl(String name, String token, Collection<String> roles) {
-        this(name, null, token, roles);
-    }
-
-    @Deprecated
-    public SubjectImpl(String name) {
-        this(name, null, null);
     }
 
     @Override
     public String getUserName() {
         return name;
     }
 
-    @Override
-    public boolean isMemberOf(String role) {
-        return roles.contains(role);
-    }
-
     @Override
     public boolean hasPermission(String domain, String instance, String action) {
         return false;
@@ -87,40 +62,35 @@ public boolean isTemporary() {
     }
 
     @Override
-    public boolean equals(Object o) {
-        if (this == o) return true;
-        if (o == null || getClass() != o.getClass()) return false;
-
-        SubjectImpl user = (SubjectImpl)o;
+    public boolean equals(Object obj) {
+        if (this == obj) return true;
+        if (!(obj instanceof SubjectImpl)) return false;
 
-        if (isTemporary != user.isTemporary) return false;
-        if (id != null ? !id.equals(user.id) : user.id != null) return false;
-        if (name != null ? !name.equals(user.name) : user.name != null) return false;
-        if (roles != null ? !roles.equals(user.roles) : user.roles != null) return false;
-        if (token != null ? !token.equals(user.token) : user.token != null) return false;
+        SubjectImpl other = (SubjectImpl)obj;
 
-        return true;
+        return Objects.equals(id, other.id)
+               && Objects.equals(name, other.name)
+               && Objects.equals(token, other.token)
+               && isTemporary == other.isTemporary;
     }
 
     @Override
     public int hashCode() {
-        int result = name != null ? name.hashCode() : 0;
-        result = 31 * result + (roles != null ? roles.hashCode() : 0);
-        result = 31 * result + (token != null ? token.hashCode() : 0);
-        result = 31 * result + (id != null ? id.hashCode() : 0);
-        result = 31 * result + (isTemporary ? 1 : 0);
-        return result;
+        int hash = 7;
+        hash = 31 * hash + Objects.hashCode(id);
+        hash = 31 * hash + Objects.hashCode(name);
+        hash = 31 * hash + Objects.hashCode(token);
+        hash = 31 * hash + Boolean.hashCode(isTemporary);
+        return hash;
     }
 
     @Override
     public String toString() {
-        final StringBuilder sb = new StringBuilder("UserImpl{");
-        sb.append("name='").append(name).append('\'');
-        sb.append(", roles=").append(roles);
-        sb.append(", token='").append(token).append('\'');
-        sb.append(", id='").append(id).append('\'');
-        sb.append(", isTemporary=").append(isTemporary);
-        sb.append('}');
-        return sb.toString();
+        return "UserImpl{" +
+               "id='" + id + '\'' +
+               ", name='" + name + '\'' +
+               ", token='" + token + '\'' +
+               ", isTemporary=" + isTemporary +
+               '}';
     }
 }

core/commons/che-core-commons-env/src/test/java/org/eclipse/che/commons/env/EnvironmentContextTest.java

@@ -14,8 +14,6 @@
 import org.eclipse.che.commons.subject.SubjectImpl;
 import org.testng.annotations.Test;
 
-import java.util.Collections;
-
 import static org.testng.Assert.assertEquals;
 import static org.testng.Assert.assertFalse;
 import static org.testng.Assert.assertTrue;
@@ -28,7 +26,7 @@ public void shouldBeAbleToSetEnvContextInSameThread() {
         EnvironmentContext expected = EnvironmentContext.getCurrent();
         expected.setWorkspaceId("ws1");
         expected.setWorkspaceTemporary(true);
-        expected.setSubject(new SubjectImpl("user", "id", "token", Collections.singleton("role"), false));
+        expected.setSubject(new SubjectImpl("user", "id", "token", false));
 
         EnvironmentContext actual = EnvironmentContext.getCurrent();
         assertEquals(actual.getWorkspaceId(), "ws1");
@@ -37,7 +35,6 @@ public void shouldBeAbleToSetEnvContextInSameThread() {
         assertEquals(actualSubject.getUserName(), "user");
         assertEquals(actualSubject.getUserId(), "id");
         assertEquals(actualSubject.getToken(), "token");
-        assertTrue(actualSubject.isMemberOf("role"));
         assertFalse(actualSubject.isTemporary());
     }
 
@@ -47,11 +44,10 @@ public void shouldNotBeAbleToSeeContextInOtherThread() {
         final EnvironmentContext expected = EnvironmentContext.getCurrent();
         expected.setWorkspaceId("ws1");
         expected.setWorkspaceTemporary(true);
-        expected.setSubject(new SubjectImpl("user", "id", "token", Collections.singleton("role"), false));
-
+        expected.setSubject(new SubjectImpl("user", "id", "token", false));
 
 
-        Thread otherThread = new Thread(){
+        Thread otherThread = new Thread() {
             @Override
             public void run() {
                 EnvironmentContext.getCurrent();

dashboard/src/components/api/che-user.factory.js

@@ -161,6 +161,7 @@ export class CheUser {
     return promise;
   }
 
+  //TODO Remove
   fetchIsUserInRole(role, scope, scopeId) {
     let promise = this.remoteUserAPI.inRole({role: role, scope: scope, scopeId: scopeId}).$promise;
     let parsedResultPromise = promise.then((userInRole) => {
@@ -175,6 +176,7 @@ export class CheUser {
    * Check if useris admin or not by checking the system admin role
    * @returns {*}
    */
+  //TODO Remove
   isAdmin() {
     let userInRole = this.isUserInRoleMap.get('system/admin:');
     return userInRole && userInRole.isInRole;
@@ -184,6 +186,7 @@ export class CheUser {
    * Check if user is user or not by checking the user role
    * @returns {*}
    */
+    //TODO Remove
   isUser() {
     let userInRole = this.isUserInRoleMap.get('system/user:');
     return userInRole && userInRole.isInRole;

plugins/plugin-docker/che-plugin-docker-machine/src/test/java/org/eclipse/che/plugin/docker/machine/DockerInstanceProviderTest.java

@@ -135,7 +135,7 @@ public void setUp() throws Exception {
                                                                 SNAPSHOT_USE_REGISTRY));
 
         EnvironmentContext envCont = new EnvironmentContext();
-        envCont.setSubject(new SubjectImpl(USER_NAME, "userId", USER_TOKEN, null, false));
+        envCont.setSubject(new SubjectImpl(USER_NAME, "userId", USER_TOKEN, false));
         envCont.setWorkspaceId(WORKSPACE_ID);
         EnvironmentContext.setCurrent(envCont);
 

plugins/plugin-java/che-plugin-java-ext-lang-server/src/test/java/org/eclipse/che/plugin/java/server/che/DummyProjectManager.java

@@ -29,13 +29,12 @@ public class DummyProjectManager /*implements ProjectManager*/ {
 
 
     final String      vfsUser       = "dev";
-    final Set<String> vfsUserGroups = new LinkedHashSet<>(Arrays.asList("workspace/developer"));
 //    private final LocalFileSystemProvider localFileSystemProvider;
 
     public DummyProjectManager(String workspacePath, EventService eventService) {
 
         EnvironmentContext context = new EnvironmentContext();
-        context.setSubject(new SubjectImpl(vfsUser, "", "", vfsUserGroups, false));
+        context.setSubject(new SubjectImpl(vfsUser, "", "", false));
         EnvironmentContext.setCurrent(context);
 //        localFileSystemProvider = new LocalFileSystemProvider("", new LocalFSMountStrategy() {
 //            @Override

plugins/plugin-java/che-plugin-java-ext-lang-server/src/test/java/org/eclipse/che/plugin/java/server/jdt/CompletionJavadocTest.java

@@ -38,11 +38,8 @@
 import org.junit.Test;
 
 import java.util.ArrayList;
-import java.util.Arrays;
 import java.util.Collections;
-import java.util.LinkedHashSet;
 import java.util.List;
-import java.util.Set;
 
 import static org.mockito.Mockito.doReturn;
 import static org.mockito.Mockito.mock;
@@ -52,8 +49,7 @@
  */
 public class CompletionJavadocTest extends QuickFixTest {
 
-    final String      vfsUser       = "dev";
-    final Set<String> vfsUserGroups = new LinkedHashSet<>(Arrays.asList("workspace/developer"));
+    final String vfsUser = "dev";
     private IJavaProject         fJProject1;
     private IPackageFragmentRoot fSourceFolder;
 
@@ -87,7 +83,7 @@ public void setUp() throws Exception {
         super.setUp();
         EnvironmentContext customEnvironment = mock(EnvironmentContext.class);
         doReturn("1q2w3e").when(customEnvironment).getWorkspaceId();
-        doReturn(new SubjectImpl(vfsUser, "", "", vfsUserGroups, false)).when(customEnvironment).getSubject();
+        doReturn(new SubjectImpl(vfsUser, "", "", false)).when(customEnvironment).getSubject();
         EnvironmentContext.setCurrent(customEnvironment);
         fJProject1 = Java18ProjectTestSetup.getProject();
         fSourceFolder = JavaProjectHelper.addSourceContainer(fJProject1, "src");

plugins/plugin-maven/che-plugin-maven-server/src/test/java/org/eclipse/che/plugin/maven/server/projecttype/handler/SimpleGeneratorStrategyTest.java

@@ -105,7 +105,6 @@ public void testGeneratingProject() throws Exception {
 
     private void prepareProject() throws Exception {
         final String vfsUser = "dev";
-        final Set<String> vfsUserGroups = new LinkedHashSet<>(Collections.singletonList("workspace/developer"));
 
         Set<ProjectTypeDef> pts = new HashSet<>();
         final ProjectTypeDef pt = new ProjectTypeDef("mytype", "mytype type", true, false) {

plugins/plugin-svn/che-plugin-svn-ext-server/src/test/java/org/eclipse/che/plugin/svn/server/utils/TestUtils.java

@@ -47,7 +47,6 @@
 import java.io.File;
 import java.io.IOException;
 import java.util.ArrayList;
-import java.util.Arrays;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
@@ -166,8 +165,7 @@ public static void handleCLIResult(final CommandLineResult result) throws Except
      */
     public static void createTestUser(final UserProfileDao userProfileDao) throws Exception {
         // set current user
-        EnvironmentContext.getCurrent().setSubject(new SubjectImpl("codenvy", "codenvy", null,
-                                                                   Arrays.asList("workspace/developer"), false));
+        EnvironmentContext.getCurrent().setSubject(new SubjectImpl("codenvy", "codenvy", null, false));
 
         // rules for mock
         final Map<String, String> profileAttributes = new HashMap<>();
@@ -196,7 +194,7 @@ public static File createGreekTreeRepository() throws Exception {
         wcRoot.deleteOnExit();
 
         // Create the repository
-        final CommandLineResult result = UpstreamUtils.executeCommandLine(null, "svnadmin", new String[]{
+        final CommandLineResult result = UpstreamUtils.executeCommandLine(null, "svnadmin", new String[] {
                 "create",
                 repoRoot.getAbsolutePath()
         }, -1, repoRoot);

wsagent/che-core-api-git/src/test/java/org/eclipse/che/git/impl/GitTestUtil.java

@@ -64,7 +64,7 @@ public static void cleanupTestRepo(File testRepo) {
     }
 
     public static GitConnection getTestUserConnection(GitConnectionFactory connectionFactory, File repository) throws GitException {
-        EnvironmentContext.getCurrent().setSubject(new SubjectImpl("codenvy", "codenvy", null, Arrays.asList("workspace/developer"), false));
+        EnvironmentContext.getCurrent().setSubject(new SubjectImpl("codenvy", "codenvy", null, false));
         return connectionFactory.getConnection(repository, NULL);
     }
 

wsagent/che-core-api-project/src/test/java/org/eclipse/che/api/project/server/ProjectServiceTest.java

@@ -377,7 +377,7 @@ public void testGetNotValidProject() throws Exception {
     @Test
     public void testGetProjectCheckUserPermissions() throws Exception {
         // Without roles Collections.<String>emptySet() should get default set of permissions
-        env.setSubject(new SubjectImpl(vfsUser, vfsUser, "dummy_token", Collections.<String>emptySet(), false));
+        env.setSubject(new SubjectImpl(vfsUser, vfsUser, "dummy_token", false));
         ContainerResponse response =
                 launcher.service(GET, "http://localhost:8080/api/project/my_project",
                                  "http://localhost:8080/api", null, null, null);

wsagent/wsagent-local/src/main/java/org/eclipse/che/filters/AbstractEnvironmentInitializationFilter.java

@@ -25,9 +25,6 @@
 import javax.servlet.http.HttpSession;
 import java.io.IOException;
 import java.security.Principal;
-import java.util.Collections;
-import java.util.LinkedList;
-import java.util.List;
 
 /**
  * The  class contains commons business logic for all environment workspace id initialization filters. The filters are necessary to set
@@ -45,10 +42,7 @@ public void init(FilterConfig filterConfig) throws ServletException {
     public final void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException,
                                                                                                                  ServletException {
         final HttpServletRequest httpRequest = (HttpServletRequest)request;
-
-        final List<String> roles = new LinkedList<>();
-        Collections.addAll(roles, "workspace/admin", "workspace/developer", "system/admin", "system/manager", "user");
-        Subject subject = new SubjectImpl("che", "che", "dummy_token", roles, false);
+        Subject subject = new SubjectImpl("che", "che", "dummy_token", false);
         HttpSession session = httpRequest.getSession();
         session.setAttribute("codenvy_user", subject);
 
@@ -80,11 +74,6 @@ public String getRemoteUser() {
                 return subject.getUserName();
             }
 
-            @Override
-            public boolean isUserInRole(String role) {
-                return subject.isMemberOf(role);
-            }
-
             @Override
             public Principal getUserPrincipal() {
                 return new Principal() {