You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@zeppelin.apache.org by zj...@apache.org on 2017/11/08 23:03:44 UTC

zeppelin git commit: [ZEPPELIN-3012] Interpreter Permissions not working properly for groups

Repository: zeppelin
Updated Branches:
  refs/heads/master d38b2661e -> 0f81b6d61


[ZEPPELIN-3012] Interpreter Permissions not working properly for groups

### What is this PR for?
This fixes issues when using Zeppelin with permissions for users belonging to more than one roles / groups. Constructor of org.apache.zeppelin.user.AuthenticationInfo didn't consider that the roles String will contain spaces, in case there is more than one role, e.g. 'role1, role2'.

This change fixes the issue, by invoking trim() on each role.

### What type of PR is it?
[Bug Fix]

### Todos

### What is the Jira issue?
https://issues.apache.org/jira/browse/ZEPPELIN-3012

### How should this be tested?
* Enable shiro.ini, including 'admin' user
* Login with 'admin' and enable Interpreter Permissions for any Interpreter, granting access to 'role2'
* Try to use this Interpreter with 'user1', who belongs to role2.

### Screenshots (if appropriate)

### Questions:
* Does the licenses files need update? no
* Is there breaking changes for older versions? no
* Does this needs documentation? no

Author: Andreas Weise <a....@avm.de>

Closes #2647 from weand/ZEPPELIN-3012 and squashes the following commits:

53a515a [Andreas Weise] [ZEPPELIN-3012] Interpreter Permissions not working properly for groups
f46c11f [Andreas Weise] [ZEPPELIN-3012] Interpreter Permissions not working properly for groups
b6103e3 [Andreas Weise] [ZEPPELIN-3012] Interpreter Permissions not working properly for groups [fix codestyle]
1e5d2b7 [Andreas Weise] [ZEPPELIN-3012] Interpreter Permissions not working properly for groups


Project: http://git-wip-us.apache.org/repos/asf/zeppelin/repo
Commit: http://git-wip-us.apache.org/repos/asf/zeppelin/commit/0f81b6d6
Tree: http://git-wip-us.apache.org/repos/asf/zeppelin/tree/0f81b6d6
Diff: http://git-wip-us.apache.org/repos/asf/zeppelin/diff/0f81b6d6

Branch: refs/heads/master
Commit: 0f81b6d6132471ddf0e91cc3738da1ff365604f8
Parents: d38b266
Author: Andreas Weise <a....@avm.de>
Authored: Wed Nov 8 20:42:15 2017 +0100
Committer: Jeff Zhang <zj...@apache.org>
Committed: Thu Nov 9 07:03:39 2017 +0800

----------------------------------------------------------------------
 .../zeppelin/user/AuthenticationInfo.java       | 13 ++++--
 .../zeppelin/user/AuthenticationInfoTest.java   | 42 ++++++++++++++++++++
 2 files changed, 51 insertions(+), 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/zeppelin/blob/0f81b6d6/zeppelin-interpreter/src/main/java/org/apache/zeppelin/user/AuthenticationInfo.java
----------------------------------------------------------------------
diff --git a/zeppelin-interpreter/src/main/java/org/apache/zeppelin/user/AuthenticationInfo.java b/zeppelin-interpreter/src/main/java/org/apache/zeppelin/user/AuthenticationInfo.java
index d00d160..fe9cba6 100644
--- a/zeppelin-interpreter/src/main/java/org/apache/zeppelin/user/AuthenticationInfo.java
+++ b/zeppelin-interpreter/src/main/java/org/apache/zeppelin/user/AuthenticationInfo.java
@@ -20,14 +20,15 @@ package org.apache.zeppelin.user;
 
 
 import java.util.ArrayList;
-import java.util.Arrays;
 import java.util.List;
-import com.google.gson.Gson;
+
 import org.apache.commons.lang.StringUtils;
 import org.apache.zeppelin.common.JsonSerializable;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import com.google.gson.Gson;
+
 /***
  *
  */
@@ -57,8 +58,11 @@ public class AuthenticationInfo implements JsonSerializable {
     this.user = user;
     this.ticket = ticket;
     if (StringUtils.isNotBlank(roles) && roles.length() > 2) {
-      String[] r = roles.substring(1, roles.length() - 1).split(",");
-      this.roles = Arrays.asList(r);
+      this.roles = new ArrayList<>();
+      for (final String role : roles.substring(1, roles.length() - 1)
+          .split(",")) {
+        this.roles.add(role.trim());
+      }
     }
   }
 
@@ -120,6 +124,7 @@ public class AuthenticationInfo implements JsonSerializable {
         || StringUtils.isEmpty(this.getUser());
   }
 
+  @Override
   public String toJson() {
     return gson.toJson(this);
   }

http://git-wip-us.apache.org/repos/asf/zeppelin/blob/0f81b6d6/zeppelin-interpreter/src/test/java/org/apache/zeppelin/user/AuthenticationInfoTest.java
----------------------------------------------------------------------
diff --git a/zeppelin-interpreter/src/test/java/org/apache/zeppelin/user/AuthenticationInfoTest.java b/zeppelin-interpreter/src/test/java/org/apache/zeppelin/user/AuthenticationInfoTest.java
new file mode 100644
index 0000000..a13d91a
--- /dev/null
+++ b/zeppelin-interpreter/src/test/java/org/apache/zeppelin/user/AuthenticationInfoTest.java
@@ -0,0 +1,42 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.zeppelin.user;
+
+import static org.junit.Assert.assertEquals;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+
+import org.junit.Test;
+
+public class AuthenticationInfoTest {
+
+  @Test
+  public void testRoles() {
+    final String roles = "[role1, role2, role with space]";
+
+    final AuthenticationInfo authenticationInfo = new AuthenticationInfo("foo",
+        roles, "bar");
+
+    assertEquals(
+        new ArrayList<>(Arrays.asList("role1", "role2", "role with space")),
+        authenticationInfo.getRoles());
+
+  }
+
+}