You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@zeppelin.apache.org by AhyoungRyu <gi...@git.apache.org> on 2016/06/10 19:59:16 UTC
[GitHub] zeppelin pull request #993: [ZEPPELIN-987] Enable user to secure interpreter...
GitHub user AhyoungRyu opened a pull request:
https://github.com/apache/zeppelin/pull/993
[ZEPPELIN-987] Enable user to secure interpreter setting, credentials and configurations info
### What is this PR for?
For some user case, people might want to hide **Interpreter Setting**, **Credentials** and **Configurations** information to other users (who are defined in `conf/shiro.ini`). So I added
```
#/api/interpreter/** = authc, roles[admin]
#/api/configurations/** = authc, roles[admin]
#/api/credential/** = authc, roles[admin]
```
below the [ [urls] ](https://github.com/apache/zeppelin/blob/master/conf/shiro.ini#L38) section.
This issue was originally suggested in [Zeppelin user mailing list](https://mail-archives.apache.org/mod_mbox/zeppelin-users/201606.mbox/%3CCAPgU7Y%3DBJrXQ_P0ond4PTukoya0FEjwoPuUb31iN3qwo8iyM1Q%40mail.gmail.com%3E) by @TomNorden
### What type of PR is it?
Improvement | Documentation
### Todos
* [x] - Add `interpreter`, `credential` and `configuration` url to `conf/shiro.ini`
* [x] - Update `shiroauthentication.md` for this change
### What is the Jira issue?
[ZEPPELIN-987](https://issues.apache.org/jira/browse/ZEPPELIN-987)
### How should this be tested?
1. Apply this patch and restart Zeppelin
2. Login with `admin` and `password1`
3. Go to interpreter, credential and configuration tab -> You can see all of the information in each tabs
4. Logout -> Login again with `user1` and `password2`
5. Go to interpreter, credential and configuration tab -> In this time, you can't see all of the information in each tabs
### Screenshots (if appropriate)
- When you login with `user1` (doesn't have permission to see the interpreter, credential and cofiguration info)
- `shiroauthentication.md`
<img width="807" alt="screen shot 2016-06-10 at 12 25 02 pm" src="https://cloud.githubusercontent.com/assets/10060731/15976949/a49bc542-2f0a-11e6-8869-8575ba8f1875.png">
### Questions:
* Does the licenses files need update? No
* Is there breaking changes for older versions? No
* Does this needs documentation? Yes, so I updated.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/AhyoungRyu/incubator-zeppelin ZEPPELIN-987
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/zeppelin/pull/993.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #993
----
commit c42c927e4f1c2aeb4630e28b6e47a7b54879da01
Author: AhyoungRyu <fb...@hanmail.net>
Date: 2016-06-10T19:36:42Z
Change authcBasic -> authc
commit 57cfe3616244a985cdb25babd72640cc51c9dea0
Author: AhyoungRyu <fb...@hanmail.net>
Date: 2016-06-10T19:37:12Z
Update shiro authentication docs
commit 3238c7540a7d7ea28eae00e33f1300481130a396
Author: AhyoungRyu <fb...@hanmail.net>
Date: 2016-06-10T19:41:15Z
Add interpreter, credential and configuration urls to shiro.ini
----
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] zeppelin issue #993: [ZEPPELIN-987] Enable user to secure interpreter settin...
Posted by prabhjyotsingh <gi...@git.apache.org>.
Github user prabhjyotsingh commented on the issue:
https://github.com/apache/zeppelin/pull/993
Tested on both firefox and chrome. Works well. \U0001f44d
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] zeppelin issue #993: [ZEPPELIN-987] Enable user to secure interpreter settin...
Posted by echarles <gi...@git.apache.org>.
Github user echarles commented on the issue:
https://github.com/apache/zeppelin/pull/993
@AhyoungRyu If you can come to an implementation that fits @prabhjyotsingh good idea, it would be great if you could make it `generic`, with a configurable list of functions that reflect in to the menu.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] zeppelin issue #993: [ZEPPELIN-987] Enable user to secure interpreter settin...
Posted by AhyoungRyu <gi...@git.apache.org>.
Github user AhyoungRyu commented on the issue:
https://github.com/apache/zeppelin/pull/993
@prabhjyotsingh Yeah it makes sense. It would be better. Let me figure out it then :)
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] zeppelin issue #993: [ZEPPELIN-987] Enable user to secure interpreter settin...
Posted by prabhjyotsingh <gi...@git.apache.org>.
Github user prabhjyotsingh commented on the issue:
https://github.com/apache/zeppelin/pull/993
Merging this if no more discussion.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] zeppelin issue #993: [ZEPPELIN-987] Enable user to secure interpreter settin...
Posted by AhyoungRyu <gi...@git.apache.org>.
Github user AhyoungRyu commented on the issue:
https://github.com/apache/zeppelin/pull/993
@echarles Yes. Thanks for your suggestion ! :)
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] zeppelin pull request #993: [ZEPPELIN-987] Enable user to secure interpreter...
Posted by asfgit <gi...@git.apache.org>.
Github user asfgit closed the pull request at:
https://github.com/apache/zeppelin/pull/993
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] zeppelin issue #993: [ZEPPELIN-987][WIP] Enable user to secure interpreter s...
Posted by cquptEthan <gi...@git.apache.org>.
Github user cquptEthan commented on the issue:
https://github.com/apache/zeppelin/pull/993
nice\uff01
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] zeppelin issue #993: [ZEPPELIN-987] Enable user to secure interpreter settin...
Posted by AhyoungRyu <gi...@git.apache.org>.
Github user AhyoungRyu commented on the issue:
https://github.com/apache/zeppelin/pull/993
@prabhjyotsingh Since #1100 was merged into master, I updated `credential.controler.js`.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] zeppelin issue #993: [ZEPPELIN-987] Enable user to secure interpreter settin...
Posted by AhyoungRyu <gi...@git.apache.org>.
Github user AhyoungRyu commented on the issue:
https://github.com/apache/zeppelin/pull/993
@prabhjyotsingh i'll rebase after #1100 merged and add the alert message to credential page as well :)
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] zeppelin issue #993: [ZEPPELIN-987] Enable user to secure interpreter settin...
Posted by prabhjyotsingh <gi...@git.apache.org>.
Github user prabhjyotsingh commented on the issue:
https://github.com/apache/zeppelin/pull/993
@AhyoungRyu is this still a work in progress ?
Is there a way in which we can go away with seeing all of these three munu i.e. Interpreter setting, Credentials and Configurations if user is not authorize to ?
Otherwise LGTM.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] zeppelin issue #993: [ZEPPELIN-987][WIP] Enable user to secure interpreter s...
Posted by corneadoug <gi...@git.apache.org>.
Github user corneadoug commented on the issue:
https://github.com/apache/zeppelin/pull/993
@AhyoungRyu Still working on this?
Could you rebase the branch with master?
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] zeppelin issue #993: [ZEPPELIN-987][WIP] Enable user to secure interpreter s...
Posted by AhyoungRyu <gi...@git.apache.org>.
Github user AhyoungRyu commented on the issue:
https://github.com/apache/zeppelin/pull/993
@prabhjyotsingh Sorry for my late response. Since i think they need to know the existence of those menus(`Interpretes`, `Configurations` and `Credentials`), I added `ngToast` error message instead of totally hiding the menus. See the updated gif images in the PR description. What do you think?
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] zeppelin issue #993: [ZEPPELIN-987][WIP] Enable user to secure interpreter s...
Posted by prabhjyotsingh <gi...@git.apache.org>.
Github user prabhjyotsingh commented on the issue:
https://github.com/apache/zeppelin/pull/993
Sure this will work. Thanks for the fix.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] zeppelin issue #993: [ZEPPELIN-987][WIP] Enable user to secure interpreter s...
Posted by AhyoungRyu <gi...@git.apache.org>.
Github user AhyoungRyu commented on the issue:
https://github.com/apache/zeppelin/pull/993
@prabhjyotsingh Thanks for your feedback. I addressed it in the last commit :)
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] zeppelin issue #993: [ZEPPELIN-987] Enable user to secure interpreter settin...
Posted by prabhjyotsingh <gi...@git.apache.org>.
Github user prabhjyotsingh commented on the issue:
https://github.com/apache/zeppelin/pull/993
I was thinking if all of these 3 Interpreter, Credentials, and Configuration menu can be hidden, like the way they are hidden in case of user not loggedin.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] zeppelin issue #993: [ZEPPELIN-987] Enable user to secure interpreter settin...
Posted by prabhjyotsingh <gi...@git.apache.org>.
Github user prabhjyotsingh commented on the issue:
https://github.com/apache/zeppelin/pull/993
LGTM!
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] zeppelin issue #993: [ZEPPELIN-987] Enable user to secure interpreter settin...
Posted by AhyoungRyu <gi...@git.apache.org>.
Github user AhyoungRyu commented on the issue:
https://github.com/apache/zeppelin/pull/993
@prabhjyotsingh No, I'm just waiting some reviews. I'm not sure that i understood your comment correctly,
>Is there a way in which we can go away with seeing all of these three menu i.e. Interpreter setting, Credentials and Configurations if user is not authorize to ?
I just wanted to make even if some users are already defined in `[users]` section, the other user ( maybe `admin`) can hide the three information. This is the scope of this PR :)
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---