chore: Use configured delimiter to split entries

assembly/assembly-wsmaster-war/src/main/webapp/WEB-INF/classes/che/che.properties

@@ -669,14 +669,17 @@ che.oauth2.gitlab.clientsecret_filepath=NULL
 che.oauth2.gitlab.clientsecret_filepath_2=NULL
 
 ### Advanced authorization
-# Comma separated list of users allowed to access Che.
+# Separated list of users allowed to access Che. Delimiter is defined by the delimiter property.
 che.infra.kubernetes.advanced_authorization.allow_users=NULL
 
-# Comma separated list of groups of users allowed to access Che.
+# Separated list of groups of users allowed to access Che. Delimiter is defined by the delimiter property.
 che.infra.kubernetes.advanced_authorization.allow_groups=NULL
 
-# Comma separated list of users denied to access Che.
+# Separated list of users denied to access Che. Delimiter is defined by the delimiter property.
 che.infra.kubernetes.advanced_authorization.deny_users=NULL
 
-# Comma separated list of groups of users denied to access Che.
+# Separated list of groups of users denied to access Che. Delimiter is defined by the delimiter property.
 che.infra.kubernetes.advanced_authorization.deny_groups=NULL
+
+# Delimiter used to split entries in advanced authorization lists (allow_users, allow_groups, deny_users, deny_groups).
+che.infra.kubernetes.advanced_authorization.delimiter=,

core/commons/che-core-commons-lang/src/main/java/org/eclipse/che/commons/lang/StringUtils.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012-2023 Red Hat, Inc.
+ * Copyright (c) 2012-2026 Red Hat, Inc.
  * This program and the accompanying materials are made
  * available under the terms of the Eclipse Public License 2.0
  * which is available at https://www.eclipse.org/legal/epl-2.0/
@@ -101,8 +101,19 @@ public static int lastIndexOf(CharSequence s, char c, int start, int end) {
 
   /** Parse string to set of strings. String should be comma separated. Whitespaces are trimmed. */
   public static Set<String> strToSet(String str) {
+    return strToSet(str, ",");
+  }
+
+  /**
+   * Parse string to set of strings using the specified separator. Whitespaces are trimmed.
+   *
+   * @param str the string to parse
+   * @param delimiter the delimiter to split on
+   * @return set of strings
+   */
+  public static Set<String> strToSet(String str, String delimiter) {
     if (!isNullOrEmpty(str)) {
-      return Sets.newHashSet(Splitter.on(",").trimResults().omitEmptyStrings().split(str));
+      return Sets.newHashSet(Splitter.on(delimiter).trimResults().omitEmptyStrings().split(str));
     } else {
       return Collections.emptySet();
     }

infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/authorization/KubernetesOIDCAuthorizationCheckerImpl.java

@@ -36,12 +36,12 @@ public KubernetesOIDCAuthorizationCheckerImpl(
       @Nullable @Named("che.infra.kubernetes.advanced_authorization.allow_groups")
           String allowGroups,
       @Nullable @Named("che.infra.kubernetes.advanced_authorization.deny_users") String denyUsers,
-      @Nullable @Named("che.infra.kubernetes.advanced_authorization.deny_groups")
-          String denyGroups) {
-    this.allowUsers = strToSet(allowUsers);
-    this.allowGroups = strToSet(allowGroups);
-    this.denyUsers = strToSet(denyUsers);
-    this.denyGroups = strToSet(denyGroups);
+      @Nullable @Named("che.infra.kubernetes.advanced_authorization.deny_groups") String denyGroups,
+      @Named("che.infra.kubernetes.advanced_authorization.delimiter") String delimiter) {
+    this.allowUsers = strToSet(allowUsers, delimiter);
+    this.allowGroups = strToSet(allowGroups, delimiter);
+    this.denyUsers = strToSet(denyUsers, delimiter);
+    this.denyGroups = strToSet(denyGroups, delimiter);
   }
 
   public boolean isAuthorized(Subject subject) {

infrastructures/kubernetes/src/test/java/org/eclipse/che/workspace/infrastructure/kubernetes/authorization/KubernetesAuthorizationCheckerTest.java

@@ -42,7 +42,7 @@ public void advancedAuthorization(
     // give
     KubernetesOIDCAuthorizationCheckerImpl authorizationChecker =
         new KubernetesOIDCAuthorizationCheckerImpl(
-            allowedUsers, allowedGroups, deniedUsers, deniedGroups);
+            allowedUsers, allowedGroups, deniedUsers, deniedGroups, ",");
 
     // when
     boolean isAuthorized = authorizationChecker.isAuthorized(subject);

infrastructures/openshift/src/main/java/org/eclipse/che/workspace/infrastructure/openshift/authorization/OpenShiftAuthorizationCheckerImpl.java

@@ -44,11 +44,12 @@ public OpenShiftAuthorizationCheckerImpl(
           String allowGroups,
       @Nullable @Named("che.infra.kubernetes.advanced_authorization.deny_users") String denyUsers,
       @Nullable @Named("che.infra.kubernetes.advanced_authorization.deny_groups") String denyGroups,
+      @Named("che.infra.kubernetes.advanced_authorization.delimiter") String delimiter,
       CheServerKubernetesClientFactory cheServerKubernetesClientFactory) {
-    this.allowUsers = strToSet(allowUsers);
-    this.allowGroups = strToSet(allowGroups);
-    this.denyUsers = strToSet(denyUsers);
-    this.denyGroups = strToSet(denyGroups);
+    this.allowUsers = strToSet(allowUsers, delimiter);
+    this.allowGroups = strToSet(allowGroups, delimiter);
+    this.denyUsers = strToSet(denyUsers, delimiter);
+    this.denyGroups = strToSet(denyGroups, delimiter);
     this.cheServerKubernetesClientFactory = cheServerKubernetesClientFactory;
   }
 

infrastructures/openshift/src/test/java/org/eclipse/che/workspace/infrastructure/openshift/authorization/OpenShiftAuthorizationCheckerTest.java

@@ -84,7 +84,7 @@ public void advancedAuthorization(
     // give
     OpenShiftAuthorizationCheckerImpl authorizationChecker =
         new OpenShiftAuthorizationCheckerImpl(
-            allowedUsers, allowedGroups, deniedUsers, deniedGroups, clientFactory);
+            allowedUsers, allowedGroups, deniedUsers, deniedGroups, ",", clientFactory);
     groups.forEach(group -> client.resources(Group.class).create(group));
 
     // when