chore: Decommissioning Organization, Resource, Permission, Keycloak, SSH, Activity services
Signed-off-by: Ilya Buziuk <ibuziuk@redhat.com>pull/386/head
Ilya Buziuk
Ilya Buziuk
parent
cf508f009c
commit
5c8658724f
|
|
@ -251,18 +251,10 @@
|
|||
<groupId>org.eclipse.che.multiuser</groupId>
|
||||
<artifactId>che-multiuser-api-authorization-impl</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.eclipse.che.multiuser</groupId>
|
||||
<artifactId>che-multiuser-api-organization</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.eclipse.che.multiuser</groupId>
|
||||
<artifactId>che-multiuser-api-permission</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.eclipse.che.multiuser</groupId>
|
||||
<artifactId>che-multiuser-api-resource</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.eclipse.che.multiuser</groupId>
|
||||
<artifactId>che-multiuser-api-workspace-activity</artifactId>
|
||||
|
|
@ -275,10 +267,6 @@
|
|||
<groupId>org.eclipse.che.multiuser</groupId>
|
||||
<artifactId>che-multiuser-keycloak-token-provider</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.eclipse.che.multiuser</groupId>
|
||||
<artifactId>che-multiuser-keycloak-user-remover</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.eclipse.che.multiuser</groupId>
|
||||
<artifactId>che-multiuser-machine-authentication</artifactId>
|
||||
|
|
|
|||
|
|
@ -83,25 +83,19 @@ import org.eclipse.che.core.db.DBTermination;
|
|||
import org.eclipse.che.core.db.schema.SchemaInitializer;
|
||||
import org.eclipse.che.core.tracing.metrics.TracingMetricsModule;
|
||||
import org.eclipse.che.inject.DynaModule;
|
||||
import org.eclipse.che.multiuser.api.authentication.commons.token.ChainedTokenExtractor;
|
||||
import org.eclipse.che.multiuser.api.authentication.commons.token.HeaderRequestTokenExtractor;
|
||||
import org.eclipse.che.multiuser.api.authentication.commons.token.RequestTokenExtractor;
|
||||
import org.eclipse.che.multiuser.api.permission.server.AdminPermissionInitializer;
|
||||
import org.eclipse.che.multiuser.api.permission.server.PermissionChecker;
|
||||
import org.eclipse.che.multiuser.api.permission.server.PermissionCheckerImpl;
|
||||
import org.eclipse.che.multiuser.api.workspace.activity.MultiUserWorkspaceActivityModule;
|
||||
import org.eclipse.che.multiuser.keycloak.server.deploy.KeycloakModule;
|
||||
import org.eclipse.che.multiuser.keycloak.server.deploy.KeycloakUserRemoverModule;
|
||||
import org.eclipse.che.multiuser.machine.authentication.server.MachineAuthModule;
|
||||
import org.eclipse.che.multiuser.oidc.OIDCInfo;
|
||||
import org.eclipse.che.multiuser.oidc.OIDCInfoProvider;
|
||||
import org.eclipse.che.multiuser.oidc.OIDCJwkProvider;
|
||||
import org.eclipse.che.multiuser.oidc.OIDCJwtParserProvider;
|
||||
import org.eclipse.che.multiuser.oidc.OIDCSigningKeyResolver;
|
||||
import org.eclipse.che.multiuser.organization.api.OrganizationApiModule;
|
||||
import org.eclipse.che.multiuser.organization.api.OrganizationJpaModule;
|
||||
import org.eclipse.che.multiuser.permission.user.UserServicePermissionsFilter;
|
||||
import org.eclipse.che.multiuser.resource.api.ResourceModule;
|
||||
import org.eclipse.che.security.PBKDF2PasswordEncryptor;
|
||||
import org.eclipse.che.security.PasswordEncryptor;
|
||||
import org.eclipse.che.security.oauth.EmbeddedOAuthAPI;
|
||||
|
|
@ -190,7 +184,6 @@ public class WsMasterModule extends AbstractModule {
|
|||
install(new org.eclipse.che.api.factory.server.bitbucket.BitbucketModule());
|
||||
|
||||
bind(org.eclipse.che.api.core.rest.ApiInfoService.class);
|
||||
bind(org.eclipse.che.api.ssh.server.SshService.class);
|
||||
bind(org.eclipse.che.api.user.server.UserService.class);
|
||||
bind(org.eclipse.che.api.user.server.ProfileService.class);
|
||||
bind(org.eclipse.che.api.user.server.PreferencesService.class);
|
||||
|
|
@ -204,6 +197,7 @@ public class WsMasterModule extends AbstractModule {
|
|||
bind(org.eclipse.che.api.workspace.server.WorkspaceService.class);
|
||||
bind(org.eclipse.che.api.devfile.server.DevfileService.class);
|
||||
bind(org.eclipse.che.api.devfile.server.UserDevfileEntityProvider.class);
|
||||
|
||||
install(new FactoryModuleBuilder().build(ServersCheckerFactory.class));
|
||||
|
||||
Multibinder<InternalEnvironmentProvisioner> internalEnvironmentProvisioners =
|
||||
|
|
@ -356,7 +350,7 @@ public class WsMasterModule extends AbstractModule {
|
|||
bind(DataSource.class).toProvider(org.eclipse.che.core.db.JndiDataSourceProvider.class);
|
||||
|
||||
install(new org.eclipse.che.multiuser.api.permission.server.jpa.SystemPermissionsJpaModule());
|
||||
install(new org.eclipse.che.multiuser.api.permission.server.PermissionsModule());
|
||||
|
||||
install(
|
||||
new org.eclipse.che.multiuser.permission.workspace.server.WorkspaceApiPermissionsModule());
|
||||
install(
|
||||
|
|
@ -391,10 +385,6 @@ public class WsMasterModule extends AbstractModule {
|
|||
org.eclipse.che.multiuser.permission.resource.filters
|
||||
.FreeResourcesLimitServicePermissionsFilter.class);
|
||||
|
||||
install(new ResourceModule());
|
||||
install(new OrganizationApiModule());
|
||||
install(new OrganizationJpaModule());
|
||||
|
||||
if (Boolean.parseBoolean(System.getenv("CHE_AUTH_NATIVEUSER"))) {
|
||||
bind(RequestTokenExtractor.class).to(HeaderRequestTokenExtractor.class);
|
||||
if (KubernetesInfrastructure.NAME.equals(infrastructure)) {
|
||||
|
|
@ -406,10 +396,6 @@ public class WsMasterModule extends AbstractModule {
|
|||
bind(TokenValidator.class).to(NotImplementedTokenValidator.class);
|
||||
bind(ProfileDao.class).to(JpaProfileDao.class);
|
||||
bind(OAuthAPI.class).to(EmbeddedOAuthAPI.class);
|
||||
} else {
|
||||
install(new KeycloakModule());
|
||||
install(new KeycloakUserRemoverModule());
|
||||
bind(RequestTokenExtractor.class).to(ChainedTokenExtractor.class);
|
||||
}
|
||||
|
||||
bind(AdminPermissionInitializer.class).asEagerSingleton();
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
<!--
|
||||
|
||||
Copyright (c) 2012-2021 Red Hat, Inc.
|
||||
Copyright (c) 2012-2022 Red Hat, Inc.
|
||||
This program and the accompanying materials are made
|
||||
available under the terms of the Eclipse Public License 2.0
|
||||
which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
|
|
|
|||
|
|
@ -64,24 +64,6 @@ che.limits.user.workspaces.count=-1
|
|||
# stop a running workspace to activate another.
|
||||
che.limits.user.workspaces.run.count=1
|
||||
|
||||
### Organizations workspace limits
|
||||
|
||||
# The total amount of RAM that a single organization (team) is allowed to allocate
|
||||
# to running workspaces. An organization owner can allocate this RAM however they
|
||||
# see fit across the team's workspaces.
|
||||
che.limits.organization.workspaces.ram=-1
|
||||
|
||||
# The maximum number of workspaces that an organization is allowed to own. The
|
||||
# organization will be presented with an error message if they try to create
|
||||
# additional workspaces. This applies to the total number of both running
|
||||
# and stopped workspaces.
|
||||
che.limits.organization.workspaces.count=-1
|
||||
|
||||
# The maximum number of running workspaces that a single organization is allowed to have.
|
||||
# If the organization has reached this threshold, and they try to start an
|
||||
# additional workspace, they will be presented with an error message. The
|
||||
# organization will need to stop a running workspace to activate another.
|
||||
che.limits.organization.workspaces.run.count=-1
|
||||
|
||||
### Multi-user-specific OpenShift infrastructure configuration
|
||||
|
||||
|
|
@ -157,22 +139,6 @@ che.keycloak.use_fixed_redirect_urls=false
|
|||
# Runtime Exception `wii` will be thrown, if this property isn't set properly.
|
||||
che.oauth.service_mode=delegated
|
||||
|
||||
# Configuration for enabling removing user from Keycloak server on removing user from Che database.
|
||||
# It's disabled by default. You can enable it in special cases when deleting a user in Che database
|
||||
# should execute removing related-user from Keycloak.
|
||||
# For it to work correctly, you need to set an administrator username ${che.keycloak.admin_username} and password
|
||||
# ${che.keycloak.admin_password}.
|
||||
che.keycloak.cascade_user_removal_enabled=false
|
||||
|
||||
# Keycloak administrator username. It will be used for deleting user from Keycloak on removing user
|
||||
# from Che database. Using it makes sense only if ${che.keycloak.cascade_user_removal_enabled} is
|
||||
# set to 'true'.
|
||||
che.keycloak.admin_username=NULL
|
||||
|
||||
# Keycloak administrator password. Will be used for deleting user from Keycloak on removing user
|
||||
# from Che database. Using it makes sense only if ${che.keycloak.cascade_user_removal_enabled} is
|
||||
# set to 'true'
|
||||
che.keycloak.admin_password=NULL
|
||||
|
||||
# User name adjustment configuration. Che needs to use the usernames as part of Kubernetes object names and labels.
|
||||
# Therefore there are stricter requirements on their format than the identity providers usually
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2012-2021 Red Hat, Inc.
|
||||
* Copyright (c) 2012-2022 Red Hat, Inc.
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
|
|
@ -28,7 +28,6 @@ import org.eclipse.che.multiuser.organization.api.permissions.OrganizationResour
|
|||
import org.eclipse.che.multiuser.organization.api.permissions.OrganizationalAccountPermissionsChecker;
|
||||
import org.eclipse.che.multiuser.organization.api.resource.DefaultOrganizationResourcesProvider;
|
||||
import org.eclipse.che.multiuser.organization.api.resource.OrganizationResourceLockKeyProvider;
|
||||
import org.eclipse.che.multiuser.organization.api.resource.OrganizationResourcesDistributionService;
|
||||
import org.eclipse.che.multiuser.organization.api.resource.OrganizationalAccountAvailableResourcesProvider;
|
||||
import org.eclipse.che.multiuser.organization.api.resource.SuborganizationResourcesProvider;
|
||||
import org.eclipse.che.multiuser.organization.spi.impl.OrganizationImpl;
|
||||
|
|
@ -41,7 +40,7 @@ import org.eclipse.che.multiuser.resource.api.free.DefaultResourcesProvider;
|
|||
public class OrganizationApiModule extends AbstractModule {
|
||||
@Override
|
||||
protected void configure() {
|
||||
bind(OrganizationService.class);
|
||||
|
||||
bind(OrganizationPermissionsFilter.class);
|
||||
bind(OrganizationRemoteSubscriptionPermissionsChecks.class);
|
||||
bind(RemoveOrganizationOnLastUserRemovedEventSubscriber.class).asEagerSingleton();
|
||||
|
|
@ -66,7 +65,6 @@ public class OrganizationApiModule extends AbstractModule {
|
|||
.addBinding()
|
||||
.to(OrganizationalAccountPermissionsChecker.class);
|
||||
|
||||
bind(OrganizationResourcesDistributionService.class);
|
||||
bind(OrganizationResourceDistributionServicePermissionsFilter.class);
|
||||
|
||||
bind(OrganizationEventsWebsocketBroadcaster.class).asEagerSingleton();
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2012-2018 Red Hat, Inc.
|
||||
* Copyright (c) 2012-2022 Red Hat, Inc.
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
|
|
@ -27,7 +27,7 @@ import org.eclipse.che.multiuser.api.permission.server.jsonrpc.RemoteSubscriptio
|
|||
public class PermissionsModule extends AbstractModule {
|
||||
@Override
|
||||
protected void configure() {
|
||||
bind(PermissionsService.class);
|
||||
|
||||
bind(SetPermissionsFilter.class);
|
||||
bind(RemovePermissionsFilter.class);
|
||||
bind(GetPermissionsFilter.class);
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2012-2018 Red Hat, Inc.
|
||||
* Copyright (c) 2012-2022 Red Hat, Inc.
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
|
|
@ -17,14 +17,12 @@ import com.google.inject.multibindings.Multibinder;
|
|||
import org.eclipse.che.api.workspace.server.WorkspaceManager;
|
||||
import org.eclipse.che.multiuser.api.permission.server.account.AccountPermissionsChecker;
|
||||
import org.eclipse.che.multiuser.resource.api.free.DefaultResourcesProvider;
|
||||
import org.eclipse.che.multiuser.resource.api.free.FreeResourcesLimitService;
|
||||
import org.eclipse.che.multiuser.resource.api.free.FreeResourcesProvider;
|
||||
import org.eclipse.che.multiuser.resource.api.type.RamResourceType;
|
||||
import org.eclipse.che.multiuser.resource.api.type.ResourceType;
|
||||
import org.eclipse.che.multiuser.resource.api.type.RuntimeResourceType;
|
||||
import org.eclipse.che.multiuser.resource.api.type.TimeoutResourceType;
|
||||
import org.eclipse.che.multiuser.resource.api.type.WorkspaceResourceType;
|
||||
import org.eclipse.che.multiuser.resource.api.usage.ResourceService;
|
||||
import org.eclipse.che.multiuser.resource.api.usage.tracker.RamResourceUsageTracker;
|
||||
import org.eclipse.che.multiuser.resource.api.usage.tracker.RuntimeResourceUsageTracker;
|
||||
import org.eclipse.che.multiuser.resource.api.usage.tracker.WorkspaceResourceUsageTracker;
|
||||
|
|
@ -36,9 +34,6 @@ import org.eclipse.che.multiuser.resource.spi.jpa.JpaFreeResourcesLimitDao;
|
|||
public class ResourceModule extends AbstractModule {
|
||||
@Override
|
||||
protected void configure() {
|
||||
bind(ResourceService.class);
|
||||
|
||||
bind(FreeResourcesLimitService.class);
|
||||
bind(FreeResourcesLimitDao.class).to(JpaFreeResourcesLimitDao.class);
|
||||
bind(JpaFreeResourcesLimitDao.RemoveFreeResourcesLimitSubscriber.class).asEagerSingleton();
|
||||
|
||||
|
|
|
|||
|
|
@ -14,8 +14,6 @@ package org.eclipse.che.multiuser.api.workspace.activity;
|
|||
import com.google.inject.AbstractModule;
|
||||
import org.eclipse.che.api.workspace.activity.JpaWorkspaceActivityDao;
|
||||
import org.eclipse.che.api.workspace.activity.WorkspaceActivityDao;
|
||||
import org.eclipse.che.api.workspace.activity.WorkspaceActivityManager;
|
||||
import org.eclipse.che.api.workspace.activity.WorkspaceActivityService;
|
||||
|
||||
/**
|
||||
* Implementation of
|
||||
|
|
@ -26,8 +24,6 @@ public class MultiUserWorkspaceActivityModule extends AbstractModule {
|
|||
|
||||
@Override
|
||||
protected void configure() {
|
||||
bind(WorkspaceActivityService.class);
|
||||
bind(WorkspaceActivityDao.class).to(JpaWorkspaceActivityDao.class);
|
||||
bind(WorkspaceActivityManager.class).to(MultiUserWorkspaceActivityManager.class);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2012-2021 Red Hat, Inc.
|
||||
* Copyright (c) 2012-2022 Red Hat, Inc.
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
|
|
@ -19,7 +19,6 @@ import org.eclipse.che.api.core.rest.HttpJsonRequestFactory;
|
|||
import org.eclipse.che.api.user.server.TokenValidator;
|
||||
import org.eclipse.che.api.user.server.spi.ProfileDao;
|
||||
import org.eclipse.che.multiuser.api.account.personal.PersonalAccountUserManager;
|
||||
import org.eclipse.che.multiuser.keycloak.server.KeycloakConfigurationService;
|
||||
import org.eclipse.che.multiuser.keycloak.server.KeycloakOIDCInfoProvider;
|
||||
import org.eclipse.che.multiuser.keycloak.server.KeycloakSigningKeyResolver;
|
||||
import org.eclipse.che.multiuser.keycloak.server.KeycloakTokenValidator;
|
||||
|
|
@ -37,7 +36,6 @@ public class KeycloakModule extends AbstractModule {
|
|||
bind(HttpJsonRequestFactory.class)
|
||||
.to(org.eclipse.che.multiuser.keycloak.server.KeycloakHttpJsonRequestFactory.class);
|
||||
bind(TokenValidator.class).to(KeycloakTokenValidator.class);
|
||||
bind(KeycloakConfigurationService.class);
|
||||
|
||||
bind(ProfileDao.class).to(KeycloakProfileDao.class);
|
||||
bind(JwkProvider.class).toProvider(OIDCJwkProvider.class);
|
||||
|
|
|
|||
Loading…
Reference in New Issue