Github user prasadwagle commented on the pull request:
https://github.com/apache/incubator-zeppelin/pull/681#issuecomment-182639353
@Leemoonsoo and @sourav-mazumder, I really appreciate your feedback.
@Leemoonsoo,
I fixed the note permission background and wildcard placeholder issue.
> So, do you have good idea to make note permission feature gracefully
aware notebook portability?
I am not sure how to gracefully deal with permissions when notebooks are
ported to a different Zeppelin server with different user and groups. One
option is to delete permission information when we port so notes are accessible
to anyone (the default case). We could save permissions information in a
separate file. I have created
https://issues.apache.org/jira/browse/ZEPPELIN-666 to track this issue.
@sourav-mazumder,
Regarding comment 1 and 3, I will clarify the interpreter vs target data
source authorization distinction in docs/security/interpreter_authorization.md
and research Apache Knox.
Regarding comment 2, it is not clear to me why user and group names allowed
to access notebooks should be encrypted. We are not storing any credentials and
only the zeppelin process can modify note permissions when a request is made by
one of the note's owners.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
