Repository: incubator-zeppelin Updated Branches: refs/heads/master b15964544 -> 81b47c039
add note permission,logout so that people cannot access my notes ### What is this PR for? resolve logout so that people cannot access my notes, Notebook to modify the permissions will pop up, and provide the login button, rather than the login button on the home page ### What type of PR is it? [ Improvement ] ### Todos * [ ] - Task ### What is the Jira issue? https://issues.apache.org/jira/browse/ZEPPELIN-723 ### How should this be tested? 1. create a notebook 2. click Note Permission 3. Enter comma separated users and groups,ex: owners:admin,user1; readers:*;writers:admin,user1 4. click "Run this paragraph", warn "only admin,user1 can write this notebook ", prompt box show "Login" button 5. click "Login" button, userName:user1,password:password2, after login success, click "Run this paragraph", can access this notebook 6. click "Logout" button,cannot access this notebook ### Screenshots (if appropriate) ### Questions: * Does the licenses files need update? * Is there breaking changes for older versions? * Does this needs documentation? Author: wind0727 <[email protected]> Closes #861 from wind0727/branch_permission and squashes the following commits: 77c54f2 [wind0727] Update navbar.html 48134c8 [wind0727] Update navbar.html 461adab [wind0727] add note permission 57dbcbe [wind0727] add note permission 5927e2e [wind0727] add note permission 62568a2 [wind0727] add note permission 59ae368 [wind0727] add note permission b5f4117 [wind0727] add note permission 9fedb5c [wind0727] add note permission 61ebd98 [wind0727] add note permission d1cc0ce [wind0727] add note permission d8fa99b [wind0727] add note permission e736955 [wind0727] add note permission 02e606d [wind0727] add note permission d69dd1d [wind0727] add note permission Project: http://git-wip-us.apache.org/repos/asf/incubator-zeppelin/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-zeppelin/commit/81b47c03 Tree: http://git-wip-us.apache.org/repos/asf/incubator-zeppelin/tree/81b47c03 Diff: http://git-wip-us.apache.org/repos/asf/incubator-zeppelin/diff/81b47c03 Branch: refs/heads/master Commit: 81b47c039ea99cd85f663e02f7aef9c1248fea55 Parents: b159645 Author: wind0727 <[email protected]> Authored: Tue May 3 12:49:35 2016 +0800 Committer: Prabhjyot Singh <[email protected]> Committed: Wed May 11 12:02:18 2016 +0530 ---------------------------------------------------------------------- .../org/apache/zeppelin/rest/LoginRestApi.java | 20 ++++++++++++++++++ .../src/app/notebook/notebook.controller.js | 22 ++++++++++++++++---- .../src/components/login/login.controller.js | 1 + .../src/components/navbar/navbar.controller.js | 21 +++++++++++++++++-- zeppelin-web/src/components/navbar/navbar.html | 5 +++-- .../websocketEvents/websocketEvents.factory.js | 22 ++++++++++++++++---- 6 files changed, 79 insertions(+), 12 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-zeppelin/blob/81b47c03/zeppelin-server/src/main/java/org/apache/zeppelin/rest/LoginRestApi.java ---------------------------------------------------------------------- diff --git a/zeppelin-server/src/main/java/org/apache/zeppelin/rest/LoginRestApi.java b/zeppelin-server/src/main/java/org/apache/zeppelin/rest/LoginRestApi.java index 2cf707c..0069d47 100644 --- a/zeppelin-server/src/main/java/org/apache/zeppelin/rest/LoginRestApi.java +++ b/zeppelin-server/src/main/java/org/apache/zeppelin/rest/LoginRestApi.java @@ -65,6 +65,9 @@ public class LoginRestApi { JsonResponse response = null; // ticket set to anonymous for anonymous user. Simplify testing. Subject currentUser = org.apache.shiro.SecurityUtils.getSubject(); + if (currentUser.isAuthenticated()) { + currentUser.logout(); + } if (!currentUser.isAuthenticated()) { try { UsernamePasswordToken token = new UsernamePasswordToken(userName, password); @@ -107,6 +110,23 @@ public class LoginRestApi { LOG.warn(response.toString()); return response.build(); } + + @POST + @Path("logout") + public Response logout() { + JsonResponse response; + + Subject currentUser = org.apache.shiro.SecurityUtils.getSubject(); + currentUser.logout(); + Map<String, String> data = new HashMap<>(); + data.put("principal", "anonymous"); + data.put("roles", ""); + data.put("ticket", "anonymous"); + + response = new JsonResponse(Response.Status.OK, "", data); + LOG.warn(response.toString()); + return response.build(); + } } http://git-wip-us.apache.org/repos/asf/incubator-zeppelin/blob/81b47c03/zeppelin-web/src/app/notebook/notebook.controller.js ---------------------------------------------------------------------- diff --git a/zeppelin-web/src/app/notebook/notebook.controller.js b/zeppelin-web/src/app/notebook/notebook.controller.js index 3656394..8fe5a34 100644 --- a/zeppelin-web/src/app/notebook/notebook.controller.js +++ b/zeppelin-web/src/app/notebook/notebook.controller.js @@ -686,10 +686,24 @@ angular.module('zeppelinWebApp').controller('NotebookCtrl', }). error(function(data, status, headers, config) { console.log('Error %o %o', status, data.message); - BootstrapDialog.alert({ - closable: true, - title: 'Insufficient privileges', - message: data.message + BootstrapDialog.show({ + closable: true, + title: 'Insufficient privileges', + message: data.message, + buttons: [{ + label: 'Login', + action: function(dialog) { + dialog.close(); + angular.element('#loginModal').modal({ + show: 'true' + }); + } + }, { + label: 'Cancel', + action: function(dialog){ + dialog.close(); + } + }] }); }); }; http://git-wip-us.apache.org/repos/asf/incubator-zeppelin/blob/81b47c03/zeppelin-web/src/components/login/login.controller.js ---------------------------------------------------------------------- diff --git a/zeppelin-web/src/components/login/login.controller.js b/zeppelin-web/src/components/login/login.controller.js index 3a4f535..0513021 100644 --- a/zeppelin-web/src/components/login/login.controller.js +++ b/zeppelin-web/src/components/login/login.controller.js @@ -33,6 +33,7 @@ angular.module('zeppelinWebApp').controller('LoginCtrl', $rootScope.ticket = response.data.body; angular.element('#loginModal').modal('toggle'); $rootScope.$broadcast('loginSuccess', true); + $rootScope.userName = $scope.loginParams.userName; }, function errorCallback(errorResponse) { $scope.loginParams.errorText = 'The username and password that you entered don\'t match.'; }); http://git-wip-us.apache.org/repos/asf/incubator-zeppelin/blob/81b47c03/zeppelin-web/src/components/navbar/navbar.controller.js ---------------------------------------------------------------------- diff --git a/zeppelin-web/src/components/navbar/navbar.controller.js b/zeppelin-web/src/components/navbar/navbar.controller.js index 02db331..80fe83a 100644 --- a/zeppelin-web/src/components/navbar/navbar.controller.js +++ b/zeppelin-web/src/components/navbar/navbar.controller.js @@ -14,8 +14,8 @@ 'use strict'; -angular.module('zeppelinWebApp').controller('NavCtrl', function($scope, $rootScope, $routeParams, - $location, notebookListDataFactory, websocketMsgSrv, arrayOrderingSrv) { +angular.module('zeppelinWebApp').controller('NavCtrl', function($scope, $rootScope, $http, $routeParams, + $location, notebookListDataFactory, baseUrlSrv, websocketMsgSrv, arrayOrderingSrv) { /** Current list of notes (ids) */ $scope.showLoginWindow = function() { @@ -70,6 +70,23 @@ angular.module('zeppelinWebApp').controller('NavCtrl', function($scope, $rootSco $scope.checkUsername(); loadNotes(); }); + + $scope.logout = function() { + $http.post(baseUrlSrv.getRestApiBase()+'/login/logout'). + success(function(data, status, headers, config) { + $rootScope.userName = ''; + $rootScope.ticket.principal = ''; + $rootScope.ticket.ticket = ''; + $rootScope.ticket.roles = ''; + BootstrapDialog.show({ + message: 'Logout Success' + }); + }). + error(function(data, status, headers, config) { + console.log('Error %o %o', status, data.message); + }); + + }; $scope.search = function() { $location.url(/search/ + $scope.searchTerm); http://git-wip-us.apache.org/repos/asf/incubator-zeppelin/blob/81b47c03/zeppelin-web/src/components/navbar/navbar.html ---------------------------------------------------------------------- diff --git a/zeppelin-web/src/components/navbar/navbar.html b/zeppelin-web/src/components/navbar/navbar.html index db74317..d3baaf7 100644 --- a/zeppelin-web/src/components/navbar/navbar.html +++ b/zeppelin-web/src/components/navbar/navbar.html @@ -2,9 +2,7 @@ Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at - http://www.apache.org/licenses/LICENSE-2.0 - Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -96,6 +94,9 @@ limitations under the License. <li ng-if="!ticket"> <button class="btn btn-default" data-toggle="modal" data-target="#loginModal" ng-click="showLoginWindow()" style="margin-left: 10px">Login</button> </li> + <li ng-show="ticket.principal != 'anonymous'"> + <button type="button" class="btn btn-default btn-xs" ng-click="logout()" tooltip-placement="bottom" tooltip="logout">{{ticket.principal}}</button> + </li> </ul> </div> </div> http://git-wip-us.apache.org/repos/asf/incubator-zeppelin/blob/81b47c03/zeppelin-web/src/components/websocketEvents/websocketEvents.factory.js ---------------------------------------------------------------------- diff --git a/zeppelin-web/src/components/websocketEvents/websocketEvents.factory.js b/zeppelin-web/src/components/websocketEvents/websocketEvents.factory.js index 0367889..3a261a7 100644 --- a/zeppelin-web/src/components/websocketEvents/websocketEvents.factory.js +++ b/zeppelin-web/src/components/websocketEvents/websocketEvents.factory.js @@ -60,10 +60,24 @@ angular.module('zeppelinWebApp').factory('websocketEvents', function($rootScope, } else if (op === 'NOTES_INFO') { $rootScope.$broadcast('setNoteMenu', data.notes); } else if (op === 'AUTH_INFO') { - BootstrapDialog.alert({ - closable: true, - title: 'Insufficient privileges', - message: data.info.toString() + BootstrapDialog.show({ + closable: true, + title: 'Insufficient privileges', + message: data.info.toString(), + buttons: [{ + label: 'Login', + action: function(dialog) { + dialog.close(); + angular.element('#loginModal').modal({ + show: 'true' + }); + } + }, { + label: 'Cancel', + action: function(dialog){ + dialog.close(); + } + }] }); } else if (op === 'PARAGRAPH') { $rootScope.$broadcast('updateParagraph', data);
