Savalek closed pull request #3179: [ZEPPELIN-3773] - add check permission on
write.
URL: https://github.com/apache/zeppelin/pull/3179
This is a PR merged from a forked repository.
As GitHub hides the original diff on merge, it is displayed below for
the sake of provenance:
As this is a foreign pull request (from a fork), the diff is supplied
below (as it won't show otherwise due to GitHub magic):
diff --git a/zeppelin-web/src/app/notebook/notebook.controller.js
b/zeppelin-web/src/app/notebook/notebook.controller.js
index 426667d6c9..52b5774252 100644
--- a/zeppelin-web/src/app/notebook/notebook.controller.js
+++ b/zeppelin-web/src/app/notebook/notebook.controller.js
@@ -1200,6 +1200,31 @@ function NotebookCtrl($scope, $route, $routeParams,
$location, $rootScope,
return true;
};
+ $scope.userHasWritePermission = function() {
+ let owners = $scope.permissions.owners;
+ let writers = $scope.permissions.writers;
+
+ if (owners.length === 0 || writers.length === 0) {
+ return true;
+ }
+
+ let userName = $rootScope.ticket.principal;
+ let userRoles = $rootScope.ticket.roles;
+
+ userRoles = userRoles.substr(1, userRoles.length - 2).replace(/"/g,
'').split(',');
+ let userNameAndRoles = [];
+ userNameAndRoles.push(userName);
+ if (userRoles !== null) {
+ userNameAndRoles = userRoles.concat(userNameAndRoles);
+ }
+
+ if (owners.concat(writers).some((name) =>
userNameAndRoles.includes(name))) {
+ return true;
+ }
+
+ return false;
+ };
+
$scope.toggleNotePersonalizedMode = function() {
let personalizedMode = $scope.note.config.personalizedMode;
if ($scope.isOwner) {
diff --git a/zeppelin-web/src/app/notebook/paragraph/paragraph.controller.js
b/zeppelin-web/src/app/notebook/paragraph/paragraph.controller.js
index 5f01c7e802..7ab39fd988 100644
--- a/zeppelin-web/src/app/notebook/paragraph/paragraph.controller.js
+++ b/zeppelin-web/src/app/notebook/paragraph/paragraph.controller.js
@@ -759,6 +759,9 @@ function ParagraphCtrl($scope, $rootScope, $route, $window,
$routeParams, $locat
};
$scope.sendPatch = function() {
+ if (!$scope.userHasWritePermission()) {
+ return;
+ }
$scope.originalText = $scope.originalText ? $scope.originalText : '';
let patch = $scope.diffMatchPatch.patch_make($scope.originalText,
$scope.dirtyText).toString();
$scope.originalText = $scope.dirtyText;
@@ -1126,6 +1129,7 @@ function ParagraphCtrl($scope, $rootScope, $route,
$window, $routeParams, $locat
$scope.$on('editorSetting', function(event, data) {
if (paragraph.id === data.paragraphId) {
deferred.resolve(data);
+ $scope.editor.setReadOnly(!$scope.userHasWritePermission());
}
}
), 1000);
@@ -1528,7 +1532,7 @@ function ParagraphCtrl($scope, $rootScope, $route,
$window, $routeParams, $locat
$scope.paragraph.settings = newPara.settings;
$scope.paragraph.runtimeInfos = newPara.runtimeInfos;
if ($scope.editor) {
- let isReadOnly = $scope.isRunning(newPara) || $scope.isNoteRunning;
+ let isReadOnly = $scope.isRunning(newPara) || $scope.isNoteRunning ||
!$scope.userHasWritePermission();
$scope.editor.setReadOnly(isReadOnly);
}
diff --git
a/zeppelin-web/src/app/notebook/paragraph/result/result.controller.js
b/zeppelin-web/src/app/notebook/paragraph/result/result.controller.js
index 86f112bda3..9103b37661 100644
--- a/zeppelin-web/src/app/notebook/paragraph/result/result.controller.js
+++ b/zeppelin-web/src/app/notebook/paragraph/result/result.controller.js
@@ -758,7 +758,9 @@ function ResultCtrl($scope, $rootScope, $route, $window,
$routeParams, $location
}, newParagraphConfig.results[resultIndex], paragraph, resultIndex);
renderResult($scope.type, true);
} else {
- return websocketMsgSrv.commitParagraph(paragraph.id, title, text,
newParagraphConfig, params);
+ if ($scope.userHasWritePermission()) {
+ return websocketMsgSrv.commitParagraph(paragraph.id, title, text,
newParagraphConfig, params);
+ }
}
};
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
