From 4572179aac1a80baebf827ba2bc4b2d8e23bf841 Mon Sep 17 00:00:00 2001
From: Anatolii Bazko <abazko@redhat.com>
Date: Thu, 30 Nov 2023 14:38:28 +0100
Subject: [PATCH] Renames fields

Signed-off-by: Anatolii Bazko <abazko@redhat.com>
---
 .../webapp/WEB-INF/classes/che/che.properties | 12 +++---
 .../KubernetesAuthorizationCheckerImpl.java   | 18 ++++----
 .../OpenShiftAuthorizationCheckerImpl.java    | 41 +++++++++----------
 3 files changed, 33 insertions(+), 38 deletions(-)

diff --git a/assembly/assembly-wsmaster-war/src/main/webapp/WEB-INF/classes/che/che.properties b/assembly/assembly-wsmaster-war/src/main/webapp/WEB-INF/classes/che/che.properties
index a012ebc0cc..8ee1f1f10b 100644
--- a/assembly/assembly-wsmaster-war/src/main/webapp/WEB-INF/classes/che/che.properties
+++ b/assembly/assembly-wsmaster-war/src/main/webapp/WEB-INF/classes/che/che.properties
@@ -666,13 +666,13 @@ che.oauth2.gitlab.clientsecret_filepath=NULL
 
 ### Advanced authorization
 # Comma separated list of users allowed to access Che.
-che.infra.kubernetes.advanced_authorization.allowed_users=NULL
+che.infra.kubernetes.advanced_authorization.allow_users=NULL
 
 # Comma separated list of groups of users allowed to access Che.
-che.infra.kubernetes.advanced_authorization.allowed_groups=NULL
+che.infra.kubernetes.advanced_authorization.allow_groups=NULL
 
-# Comma separated list of users disallowed to access Che.
-che.infra.kubernetes.advanced_authorization.disabled_users=NULL
+# Comma separated list of users denied to access Che.
+che.infra.kubernetes.advanced_authorization.deny_users=NULL
 
-# Comma separated list of groups of users disallowed to access Che.
-che.infra.kubernetes.advanced_authorization.disabled_groups=NULL
+# Comma separated list of groups of users denied to access Che.
+che.infra.kubernetes.advanced_authorization.deny_groups=NULL
diff --git a/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/authorization/KubernetesAuthorizationCheckerImpl.java b/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/authorization/KubernetesAuthorizationCheckerImpl.java
index 0f18fc79a0..b3fe0d7b82 100644
--- a/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/authorization/KubernetesAuthorizationCheckerImpl.java
+++ b/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/authorization/KubernetesAuthorizationCheckerImpl.java
@@ -23,17 +23,15 @@ import org.eclipse.che.commons.annotation.Nullable;
 @Singleton
 public class KubernetesAuthorizationCheckerImpl implements AuthorizationChecker {
 
-  private final Set<String> allowedUsers;
-  private final Set<String> disabledUsers;
+  private final Set<String> allowUsers;
+  private final Set<String> denyUsers;
 
   @Inject
   public KubernetesAuthorizationCheckerImpl(
-      @Nullable @Named("che.infra.kubernetes.advanced_authorization.allowed_users")
-          String allowedUsers,
-      @Nullable @Named("che.infra.kubernetes.advanced_authorization.disabled_users")
-          String disabledUsers) {
-    this.allowedUsers = strToSet(allowedUsers);
-    this.disabledUsers = strToSet(disabledUsers);
+      @Nullable @Named("che.infra.kubernetes.advanced_authorization.allow_users") String allowUsers,
+      @Nullable @Named("che.infra.kubernetes.advanced_authorization.deny_users") String denyUsers) {
+    this.allowUsers = strToSet(allowUsers);
+    this.denyUsers = strToSet(denyUsers);
   }
 
   public boolean isAuthorized(String username) {
@@ -41,10 +39,10 @@ public class KubernetesAuthorizationCheckerImpl implements AuthorizationChecker
   }
 
   private boolean isAllowedUser(String username) {
-    return allowedUsers.isEmpty() || allowedUsers.contains(username);
+    return allowUsers.isEmpty() || allowUsers.contains(username);
   }
 
   private boolean isDisabledUser(String username) {
-    return !disabledUsers.isEmpty() && disabledUsers.contains(username);
+    return !denyUsers.isEmpty() && denyUsers.contains(username);
   }
 }
diff --git a/infrastructures/openshift/src/main/java/org/eclipse/che/workspace/infrastructure/openshift/authorization/OpenShiftAuthorizationCheckerImpl.java b/infrastructures/openshift/src/main/java/org/eclipse/che/workspace/infrastructure/openshift/authorization/OpenShiftAuthorizationCheckerImpl.java
index 67a3fbc1ba..f85b7d7edb 100644
--- a/infrastructures/openshift/src/main/java/org/eclipse/che/workspace/infrastructure/openshift/authorization/OpenShiftAuthorizationCheckerImpl.java
+++ b/infrastructures/openshift/src/main/java/org/eclipse/che/workspace/infrastructure/openshift/authorization/OpenShiftAuthorizationCheckerImpl.java
@@ -30,26 +30,23 @@ public class OpenShiftAuthorizationCheckerImpl implements AuthorizationChecker {
 
   private final CheServerKubernetesClientFactory cheServerKubernetesClientFactory;
 
-  private final Set<String> allowedUsers;
-  private final Set<String> allowedGroups;
-  private final Set<String> disabledUsers;
-  private final Set<String> disabledGroups;
+  private final Set<String> allowUsers;
+  private final Set<String> allowGroups;
+  private final Set<String> denyUsers;
+  private final Set<String> denyGroups;
 
   @Inject
   public OpenShiftAuthorizationCheckerImpl(
-      @Nullable @Named("che.infra.kubernetes.advanced_authorization.allowed_users")
-          String allowedUsers,
-      @Nullable @Named("che.infra.kubernetes.advanced_authorization.allowed_groups")
-          String allowedGroups,
-      @Nullable @Named("che.infra.kubernetes.advanced_authorization.disabled_users")
-          String disabledUsers,
-      @Nullable @Named("che.infra.kubernetes.advanced_authorization.disabled_groups")
-          String disabledGroups,
+      @Nullable @Named("che.infra.kubernetes.advanced_authorization.allow_users") String allowUsers,
+      @Nullable @Named("che.infra.kubernetes.advanced_authorization.allow_groups")
+          String allowGroups,
+      @Nullable @Named("che.infra.kubernetes.advanced_authorization.deny_users") String denyUsers,
+      @Nullable @Named("che.infra.kubernetes.advanced_authorization.deny_groups") String denyGroups,
       CheServerKubernetesClientFactory cheServerKubernetesClientFactory) {
-    this.allowedUsers = strToSet(allowedUsers);
-    this.allowedGroups = strToSet(allowedGroups);
-    this.disabledUsers = strToSet(disabledUsers);
-    this.disabledGroups = strToSet(disabledGroups);
+    this.allowUsers = strToSet(allowUsers);
+    this.allowGroups = strToSet(allowGroups);
+    this.denyUsers = strToSet(denyUsers);
+    this.denyGroups = strToSet(denyGroups);
     this.cheServerKubernetesClientFactory = cheServerKubernetesClientFactory;
   }
 
@@ -60,15 +57,15 @@ public class OpenShiftAuthorizationCheckerImpl implements AuthorizationChecker {
 
   private boolean isAllowedUser(KubernetesClient client, String username) {
     // All users from all groups are allowed by default
-    if (allowedUsers.isEmpty() && allowedGroups.isEmpty()) {
+    if (allowUsers.isEmpty() && allowGroups.isEmpty()) {
       return true;
     }
 
-    if (allowedUsers.contains(username)) {
+    if (allowUsers.contains(username)) {
       return true;
     }
 
-    for (String groupName : allowedGroups) {
+    for (String groupName : allowGroups) {
       Group group = client.resources(Group.class).withName(groupName).get();
       if (group != null && group.getUsers().contains(username)) {
         return true;
@@ -80,15 +77,15 @@ public class OpenShiftAuthorizationCheckerImpl implements AuthorizationChecker {
 
   private boolean isDisabledUser(KubernetesClient client, String username) {
     // All users from all groups are allowed by default
-    if (disabledUsers.isEmpty() && disabledGroups.isEmpty()) {
+    if (denyUsers.isEmpty() && denyGroups.isEmpty()) {
       return false;
     }
 
-    if (disabledUsers.contains(username)) {
+    if (denyUsers.contains(username)) {
       return true;
     }
 
-    for (String groupName : disabledGroups) {
+    for (String groupName : denyGroups) {
       Group group = client.resources(Group.class).withName(groupName).get();
       if (group != null && group.getUsers().contains(username)) {
         return true;