eclipse-che · davidfestal · Nov 10, 2017 · Nov 8, 2017 · Nov 8, 2017 · Nov 8, 2017
diff --git a/dockerfiles/init/modules/openshift/files/scripts/deploy_che.sh b/dockerfiles/init/modules/openshift/files/scripts/deploy_che.sh
@@ -266,6 +266,8 @@ echo "done!"
 # If command == clean up then delete all openshift objects
 # -------------------------------------------------------------
 if [ "${COMMAND}" == "cleanup" ]; then
+  echo "[CHE] Stopping the Che server..."
+  oc scale --replicas=0 --timeout=3m dc che
   echo "[CHE] Deleting all OpenShift objects..."
   oc delete all --all 
   echo "[CHE] Cleanup successfully started. Use \"oc get all\" to verify that all resources have been deleted."

diff --git a/multiuser/keycloak/che-multiuser-keycloak-server/pom.xml b/multiuser/keycloak/che-multiuser-keycloak-server/pom.xml
@@ -66,6 +66,10 @@
             <groupId>org.eclipse.che.core</groupId>
             <artifactId>che-core-api-user</artifactId>
         </dependency>
+        <dependency>
+            <groupId>org.eclipse.che.core</groupId>
+            <artifactId>che-core-api-workspace</artifactId>
+        </dependency>
         <dependency>
             <groupId>org.eclipse.che.core</groupId>
             <artifactId>che-core-commons-annotations</artifactId>

diff --git a/...ava/org/eclipse/che/multiuser/keycloak/server/KeycloakEnvironmentInitalizationFilter.java b/...ava/org/eclipse/che/multiuser/keycloak/server/KeycloakEnvironmentInitalizationFilter.java
@@ -33,6 +33,7 @@
 import org.eclipse.che.api.core.model.user.User;
 import org.eclipse.che.api.user.server.UserManager;
 import org.eclipse.che.api.user.server.model.impl.UserImpl;
+import org.eclipse.che.api.workspace.server.WorkspaceSubjectRegistry;
 import org.eclipse.che.commons.auth.token.RequestTokenExtractor;
 import org.eclipse.che.commons.env.EnvironmentContext;
 import org.eclipse.che.commons.subject.Subject;
@@ -51,15 +52,18 @@ public class KeycloakEnvironmentInitalizationFilter extends AbstractKeycloakFilt
   private final UserManager userManager;
   private final RequestTokenExtractor tokenExtractor;
   private final PermissionChecker permissionChecker;
+  private final WorkspaceSubjectRegistry workspaceSubjectRegistry;
 
   @Inject
   public KeycloakEnvironmentInitalizationFilter(
       UserManager userManager,
       RequestTokenExtractor tokenExtractor,
-      PermissionChecker permissionChecker) {
+      PermissionChecker permissionChecker,
+      WorkspaceSubjectRegistry workspaceSubjectRegistry) {
     this.userManager = userManager;
     this.tokenExtractor = tokenExtractor;
     this.permissionChecker = permissionChecker;
+    this.workspaceSubjectRegistry = workspaceSubjectRegistry;
   }
 
   @Override
@@ -91,6 +95,7 @@ public void doFilter(ServletRequest request, ServletResponse response, FilterCha
         subject =
             new AuthorizedSubject(
                 new SubjectImpl(user.getName(), user.getId(), token, false), permissionChecker);
+        workspaceSubjectRegistry.updateSubject(subject);
         session.setAttribute("che_subject", subject);
       } catch (ServerException | ConflictException e) {
         throw new ServletException(

diff --git a/...in/java/org/eclipse/che/multiuser/machine/authentication/server/MachineTokenRegistry.java b/...in/java/org/eclipse/che/multiuser/machine/authentication/server/MachineTokenRegistry.java
@@ -95,6 +95,26 @@ public String getUserId(String token) throws NotFoundException {
     }
   }
 
+  /**
+   * Gets workspaceId by machine token
+   *
+   * @return workspace identifier
+   * @throws NotFoundException when no such machine token exists
+   */
+  public String getWorkspaceId(String token) throws NotFoundException {
+    lock.readLock().lock();
+    try {
+      for (Table.Cell<String, String, String> tokenCell : tokens.cellSet()) {
+        if (tokenCell.getValue().equals(token)) {
+          return tokenCell.getRowKey();
+        }
+      }
+      throw new NotFoundException("Workspace not found for token " + token);
+    } finally {
+      lock.readLock().unlock();
+    }
+  }
+
   /**
    * Invalidates machine security tokens for all users of given workspace.
    *

diff --git a/...ava/org/eclipse/che/multiuser/machine/authentication/server/MachineTokenRegistryTest.java b/...ava/org/eclipse/che/multiuser/machine/authentication/server/MachineTokenRegistryTest.java
@@ -53,4 +53,19 @@ private static boolean exists(MachineTokenRegistry registry, String user, String
       return false;
     }
   }
+
+  @Test
+  public void shouldreturnWorkspaceId() throws Exception {
+    final MachineTokenRegistry registry = new MachineTokenRegistry();
+
+    String token11 = registry.generateToken("user1", "workspace1");
+    String token12 = registry.generateToken("user1", "workspace2");
+    String token21 = registry.generateToken("user2", "workspace1");
+    String token22 = registry.generateToken("user2", "workspace2");
+
+    assertEquals(registry.getWorkspaceId(token11), "workspace1");
+    assertEquals(registry.getWorkspaceId(token12), "workspace2");
+    assertEquals(registry.getWorkspaceId(token21), "workspace1");
+    assertEquals(registry.getWorkspaceId(token22), "workspace2");
+  }
 }