Revert "fix: correct the check of read security in new query engine"

This reverts commit 4ce98c7.

core/src/main/java/com/orientechnologies/orient/core/sql/executor/FetchFromClassExecutionStep.java

@@ -6,14 +6,11 @@
 import com.orientechnologies.orient.core.db.ODatabaseDocumentInternal;
 import com.orientechnologies.orient.core.exception.OCommandExecutionException;
 import com.orientechnologies.orient.core.metadata.schema.OClass;
-import com.orientechnologies.orient.core.metadata.security.ORole;
-import com.orientechnologies.orient.core.metadata.security.ORule;
 import com.orientechnologies.orient.core.sql.executor.resultset.OLimitedResultSet;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.HashMap;
 import java.util.List;
-import java.util.Locale;
 import java.util.Map;
 import java.util.Optional;
 import java.util.Set;
@@ -137,11 +134,6 @@ private void sortClusers(int[] clusterIds) {
   @Override
   public OResultSet syncPull(OCommandContext ctx, int nRecords) throws OTimeoutException {
     getPrev().ifPresent(x -> x.syncPull(ctx, nRecords));
-    ctx.getDatabase()
-        .checkSecurity(
-            ORule.ResourceGeneric.CLASS,
-            ORole.PERMISSION_READ,
-            className.toLowerCase(Locale.ENGLISH));
     return new OLimitedResultSet(
         new OResultSet() {
 

core/src/main/java/com/orientechnologies/orient/core/sql/executor/FilterByClassStep.java

@@ -5,38 +5,29 @@
 import com.orientechnologies.orient.core.command.OCommandContext;
 import com.orientechnologies.orient.core.exception.OCommandExecutionException;
 import com.orientechnologies.orient.core.metadata.schema.OClass;
-import com.orientechnologies.orient.core.metadata.security.ORole;
-import com.orientechnologies.orient.core.metadata.security.ORule;
 import com.orientechnologies.orient.core.sql.executor.resultset.OFilterResultSet;
 import com.orientechnologies.orient.core.sql.executor.resultset.OLimitedResultSet;
 import com.orientechnologies.orient.core.sql.parser.OIdentifier;
-import java.util.Locale;
 import java.util.Optional;
 
 /** Created by luigidellaquila on 01/03/17. */
 public class FilterByClassStep extends AbstractExecutionStep {
 
   private OIdentifier identifier;
-  private String className;
   private OResultSet prevResult = null;
   private long cost;
 
   public FilterByClassStep(OIdentifier identifier, OCommandContext ctx, boolean profilingEnabled) {
     super(ctx, profilingEnabled);
     this.identifier = identifier;
-    className = identifier.getStringValue();
   }
 
   @Override
   public OResultSet syncPull(OCommandContext ctx, int nRecords) throws OTimeoutException {
     if (!prev.isPresent()) {
       throw new IllegalStateException("filter step requires a previous step");
     }
-    ctx.getDatabase()
-        .checkSecurity(
-            ORule.ResourceGeneric.CLASS,
-            ORole.PERMISSION_READ,
-            className.toLowerCase(Locale.ENGLISH));
+
     return new OLimitedResultSet(
         new OFilterResultSet(() -> fetchNext(ctx, nRecords), this::filterMap), nRecords);
   }
@@ -46,7 +37,7 @@ private OResult filterMap(OResult result) {
     try {
       if (result.isElement()) {
         Optional<OClass> clazz = result.getElement().get().getSchemaType();
-        if (clazz.isPresent() && clazz.get().isSubClassOf(className)) {
+        if (clazz.isPresent() && clazz.get().isSubClassOf(identifier.getStringValue())) {
           return result;
         }
       }

core/src/test/java/com/orientechnologies/orient/core/metadata/security/OClassSecurityTest.java

@@ -5,7 +5,6 @@
 import com.orientechnologies.orient.core.db.ODatabaseSession;
 import com.orientechnologies.orient.core.db.OrientDB;
 import com.orientechnologies.orient.core.db.OrientDBConfig;
-import com.orientechnologies.orient.core.exception.OSecurityException;
 import com.orientechnologies.orient.core.record.OElement;
 import com.orientechnologies.orient.core.sql.executor.OResultSet;
 import org.junit.After;
@@ -59,7 +58,7 @@ public void after() {
     this.db = null;
   }
 
-  @Test(expected = OSecurityException.class)
+  @Test
   public void testReadWithClassPermissions() {
     db.createClass("Person");
     ORole reader = db.getMetadata().getSecurity().getRole("reader");