You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@zeppelin.apache.org by "Madiha Khalid (JIRA)" <ji...@apache.org> on 2018/05/29 07:35:00 UTC
[jira] [Created] (ZEPPELIN-3509) Notebook Authorization not working
Madiha Khalid created ZEPPELIN-3509:
---------------------------------------
Summary: Notebook Authorization not working
Key: ZEPPELIN-3509
URL: https://issues.apache.org/jira/browse/ZEPPELIN-3509
Project: Zeppelin
Issue Type: Bug
Components: security
Affects Versions: 0.8.0
Reporter: Madiha Khalid
Attachments: Step_1.PNG, Step_2a.PNG, Step_2b.PNG, Step_3.PNG, shiro.ini
Dear Team,
In zeppelin 0.8.0 release Notebook authorization not working properly.
Authorization Setting for User Notebook Note 1
User1 -> Runner
admin -> Owner
User1 able to update notebook permission for all (owner, runner, reader, writer )
Steps to reproduce:
# Login as admin and give access to user 1 as a runner, shown in attached image step
# Login as user1 open Note 1 here user 1 is able to open and update the notebook permissions shown in attached image step 2a.
# User 1 changed Owner rights from admin to user1 and save successfully shown in attached image 2b.
# Login as admin, open Note 1 notebook here we can see the Owner rights are changed from admin to user1 shown in attached image Step 3.
According to my understanding, User1 should not able to open Notebook permission button. I also attached my shiro.ini file.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)