[GitHub] incubator-zeppelin pull request: Notebook Authorization

Fri, 26 Feb 2016 09:59:13 -0800 

GitHub user prasadwagle reopened a pull request:

    https://github.com/apache/incubator-zeppelin/pull/681

    Notebook Authorization

    ### What is this PR for?
    The goal of the PR is to add authorization for notebooks according to the 
design document [here] 
(https://gist.github.com/prasadwagle/712b7ca1e0f1f4f1aa20).
    The PR uses Shiro authentication.
    
    ### What type of PR is it?
    Feature
    
    ### Todos
    * [ ] - Find way to get roles for a user in SecurityUtils (see SHIRO-492)
    * [x] - Investigate how to use Shiro authorization
    * [x] - Use groups associated with user to determine if operation is 
permitted
    * [x] - Check if user has permissions to modify note permissions
    * [x] - Add checks in more NotebookServer operations
    * [x] - Improve UI (explain permissions, error messages)
    * [x] - Add unit tests
    * [x] - Documentation
    
    ### Is there a relevant Jira issue?
    ZEPPELIN-549
    
    ### How should this be tested?
    1. Enable Basic Auth Security by changing conf/shiro.ini.
    1. Create a note. By default all operations are allowed by any 
authenticated user.
    1. Update readers, writers and owners by clicking on the lock icon in the 
top right area.
    1. Check if users can or cannot perform operations according to the 
permissions.
    
    ### Screenshots (if appropriate)
    
![Screenshot](https://cloud.githubusercontent.com/assets/870829/12711820/c70fa336-c877-11e5-84e8-e282231988b2.gif)
    
    
    ### Questions:
    * Does the licenses files need update? No
    * Is there breaking changes for older versions? No
    * Does this needs documentation? No

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/prasadwagle/incubator-zeppelin 
notebook_authorization

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/incubator-zeppelin/pull/681.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #681
    
----
commit 6e85730343399c174090d2cf329bc3407d12e142
Author: Prasad Wagle <pwa...@twitter.com>
Date:   2016-02-01T06:30:51Z

    Notebook Authorization

commit a8d0ecbb8f973a10a60e17f0b27b2c63c6623e78
Author: Prasad Wagle <pwa...@twitter.com>
Date:   2016-02-05T01:57:19Z

    Add security documentation

commit 6b9e27447ddc2b7f58be9bad16cf527521405ce1
Author: Prasad Wagle <pwa...@twitter.com>
Date:   2016-02-05T02:01:53Z

    Add unit test for note permissions

commit 06c5e07c23cdc5f2e95dd8368faf5780f0f0665a
Author: Prasad Wagle <pwa...@twitter.com>
Date:   2016-02-05T02:02:47Z

    Update navigation.html for security docs

commit fbbd04b39e8b0a629c2b6284016c4853c7f6425a
Author: Prasad Wagle <pwa...@twitter.com>
Date:   2016-02-05T02:04:38Z

    Make insufficient privileges error message easier to read

commit 3a5e5c08daae705c5a48a63d4f3b9660a3b7ef17
Author: Prasad Wagle <pwa...@twitter.com>
Date:   2016-02-05T02:05:18Z

    Check if user has permissions to modify note permissions

commit 25543155b2e1b7065493352688836ba1d0d7c9d1
Author: Prasad Wagle <pwa...@twitter.com>
Date:   2016-02-06T00:26:53Z

    Use user and roles for checking note permissions

commit 6c89dbe93d5b3e0c2d86ff892271a25fc1809e9d
Author: Prasad Wagle <pwa...@twitter.com>
Date:   2016-02-10T21:44:31Z

    Implement Moon's suggestions on note permissions background and wildcard 
placeholder

commit 1ac076e1a87e6ee11644cf77d78f59d444e82180
Author: Prasad Wagle <pwa...@twitter.com>
Date:   2016-02-11T04:54:10Z

    Fixed typo in _navigation.html and updated interpreter_authorization.md

commit 28ea69763cf2954d8fae84568a974672c65b18a8
Author: Prasad Wagle <pwa...@twitter.com>
Date:   2016-02-15T22:56:18Z

    Fixed issues with security documentation reported by @AhyoungRyu

commit 733530f0fe35e8d0ada2f44653e04060dfdf87d9
Author: Prasad Wagle <pwa...@twitter.com>
Date:   2016-02-25T21:00:06Z

    Minor doc fix

commit 52f491468818634dd6403cfee69f7f3653b2a512
Author: Prasad Wagle <pwa...@twitter.com>
Date:   2016-02-25T23:22:51Z

    Check whether roles is non-empty before adding to userAndRoles

commit 29ebf486fc28d4a1570d59a1efef5dac562ac72e
Author: Prasad Wagle <pwa...@twitter.com>
Date:   2016-02-25T23:38:23Z

    Merge with master

commit 24e8de4a8540da37039b4472e8ab5739e0a320c8
Author: Prasad Wagle <pwa...@twitter.com>
Date:   2016-02-26T00:01:13Z

    Remove duplicate imports

commit e7cffd821dfad92012b6449fccb7a7d64300dc7c
Author: Prasad Wagle <pwa...@twitter.com>
Date:   2016-02-26T00:54:47Z

    Restore anon default in shiro.ini

----


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

Reply via email to