[GitHub] zeppelin issue #2925: ZEPPELIN-3404. Fail to run cronjob when user doesn't r...

2018-04-26 Thread weand 
Github user weand commented on the issue:

https://github.com/apache/zeppelin/pull/2925
  
great. LGTM :+1: please merge to master and branch-0.8


---

[GitHub] zeppelin issue #2925: ZEPPELIN-3404. Fail to run cronjob when user doesn't r...

2018-04-25 Thread zjffdu 
Github user zjffdu commented on the issue:

https://github.com/apache/zeppelin/pull/2925
  
Thanks @weand for review, comments are addressed


---

[GitHub] zeppelin issue #2925: ZEPPELIN-3404. Fail to run cronjob when user doesn't r...

2018-04-23 Thread weand 
Github user weand commented on the issue:

https://github.com/apache/zeppelin/pull/2925
  
@zjffdu uhm, I can't confirm it. Today after checking out this PR from 
scratch my first point now works correctly. sorry for the spam.

created issue 
[ZEPPELIN-3427](https://issues.apache.org/jira/browse/ZEPPELIN-3427) for the 
second point. is that really so complex to wait for 0.8.1 or 0.9.0 ?

Part of that change would be:
1) moving/adding logic of setting note.config.cronExecutionUser + 
cronExecutionRoles to 
org.apache.zeppelin.socket.NotebookServer.isCronUpdated(Map, 
Map) when _cronUpdated = true_.
2) Then evaluate those config properties in 
org.apache.zeppelin.notebook.Note.runAll() when authenticationInfo is created




---

[GitHub] zeppelin issue #2925: ZEPPELIN-3404. Fail to run cronjob when user doesn't r...

2018-04-23 Thread zjffdu 
Github user zjffdu commented on the issue:

https://github.com/apache/zeppelin/pull/2925
  
@weand I don't the first issue you mentioned, can you confirm that ? 
For the second point, I am afraid this is not trivial to fix, I would 
suggest to defer it to 0.8.1 or 0.9, what do you think ? 


---

[GitHub] zeppelin issue #2925: ZEPPELIN-3404. Fail to run cronjob when user doesn't r...

2018-04-22 Thread mebelousov 
Github user mebelousov commented on the issue:

https://github.com/apache/zeppelin/pull/2925
  
@weand Thank you!
Some addition to 2.
Over time user may not belong to group.
At first we could store cronExecutingRoles and in future it's to be good to 
check groups on the fly.


---

[GitHub] zeppelin issue #2925: ZEPPELIN-3404. Fail to run cronjob when user doesn't r...

2018-04-21 Thread weand 
Github user weand commented on the issue:

https://github.com/apache/zeppelin/pull/2925
  
The notebook now runs successfully after restart with the user who enabled 
the scheduler.

2 remaining issues:

1) user1 schedules the cron. then the note is executed via cron with 
'user1' only as long as nobody else runs the note. as soon as 'user2' runs the 
note manually, the cron will also use 'user2' from that time on. Endusers would 
expect the cron will always run as 'user1'.

2) One more valid but yet uncovered use case left in my mind (dealing with 
permissions):
- interpreter permissions have been set only for groups (e.g. DepartmentA 
should be allowed to run spark interpreter)
- user created note with %spark interpreter and schedules a cron
- now when cron runs, **only username is added to authentication info. 
groups of the user (e.g. DepartmentA in that example) are omitted** and the 
notebook fails with an error, that **user 'xyz' has no permission for running 
the interpreter**.

any chance to fix that case as well? 
I think of something like introducing cronExecutingRoles (in addition to  
cronExecutingUser) and adding all roles of the user who enables the cron to 
that config property. And then when a cron runs, all that roles are added to 
the corresponding authentication info.


---

[GitHub] zeppelin issue #2925: ZEPPELIN-3404. Fail to run cronjob when user doesn't r...

2018-04-21 Thread weand 
Github user weand commented on the issue:

https://github.com/apache/zeppelin/pull/2925
  
The notebook now runs successfully after restart with the user who enabled 
the scheduler.

There is one more valid use case left in my mind (dealing with permissions):
- interpreter permissions have been set only for groups (e.g. DepartmentA 
should be allowed to run spark interpreter)
- user created note with %spark interpreter and schedules a cron
- now when cron runs, only username is added to authentication info. groups 
of the user (e.g. DepartmentA in that example) are omitted and the notebook 
fails with an error, that user 'xyz' has no permission for running spark 
interpreter.

any chance to fix that case as well? 
I think of something like introducing cronExecutingRoles (in addition to  
cronExecutingUser) and adding all roles of the user who enables the cron to 
that config property. And then when a cron runs, all that roles are added to 
the corresponding authentication info.


---

[GitHub] zeppelin issue #2925: ZEPPELIN-3404. Fail to run cronjob when user doesn't r...

2018-04-19 Thread zjffdu 
Github user zjffdu commented on the issue:

https://github.com/apache/zeppelin/pull/2925
  
Thanks @weand , I agree with you that your proposal seems much easier. I 
have updated the PR, please help verify it, thanks 


---

[GitHub] zeppelin issue #2925: ZEPPELIN-3404. Fail to run cronjob when user doesn't r...

2018-04-19 Thread weand 
Github user weand commented on the issue:

https://github.com/apache/zeppelin/pull/2925
  
@mebelousov I fully agree that running document as the group is not what a 
user would expect.

That's why I'm proposing another approach again:
1) prior to #2914 the cronExecutionUser config property was added to 
org.apache.zeppelin.notebook.Note.config when activating the cron and entering 
a username
2) that property is not set anymore. this PR here only sets the 
authentication info at running time to something (a principal) from the 
permission tab (which can be user or groups, which can not be determined 
properly)
3) so why not again set that cronExecutionUser config property from 1) 
(under the hood): with the user who activates the cron schedule expression. 
when only the owner can enable cron expressions, it will always be the username 
regardless of what principals exactly are configured in the permissions tab.


---

[GitHub] zeppelin issue #2925: ZEPPELIN-3404. Fail to run cronjob when user doesn't r...

2018-04-19 Thread zjffdu 
Github user zjffdu commented on the issue:

https://github.com/apache/zeppelin/pull/2925
  
I am saying using group is not good, it just depends on user's setting. 
BTW, it looks like this PR also works for your scenario. In this PR, I would 
always choose the owner to run the cronjob. And in your case, you just set the 
owner as group. Do I understand it correctly ? :)




---

[GitHub] zeppelin issue #2925: ZEPPELIN-3404. Fail to run cronjob when user doesn't r...

2018-04-19 Thread mebelousov 
Github user mebelousov commented on the issue:

https://github.com/apache/zeppelin/pull/2925
  
@zjffdu This is your solution ;) I have tested your branch.

Do we have uniform opinion that running document as the group is not good?


---

[GitHub] zeppelin issue #2925: ZEPPELIN-3404. Fail to run cronjob when user doesn't r...

2018-04-19 Thread zjffdu 
Github user zjffdu commented on the issue:

https://github.com/apache/zeppelin/pull/2925
  
@mebelousov Your solution depends on shiro setting, we  could not assume 
that in code.


---

[GitHub] zeppelin issue #2925: ZEPPELIN-3404. Fail to run cronjob when user doesn't r...

2018-04-18 Thread mebelousov 
Github user mebelousov commented on the issue:

https://github.com/apache/zeppelin/pull/2925
  
@weand cronExecutionUser is set to the user who set the cron string inside 
the note.
@zjffdu I define groups in shiro.ini.
The user sets groupname in owner field. Then the note runs on cron from 
this groupname.


![image](https://user-images.githubusercontent.com/9324163/38917720-3fa94b32-42f4-11e8-938d-d68ac459d511.png)



---

[GitHub] zeppelin issue #2925: ZEPPELIN-3404. Fail to run cronjob when user doesn't r...

2018-04-17 Thread zjffdu 
Github user zjffdu commented on the issue:

https://github.com/apache/zeppelin/pull/2925
  
@mebelousov What do you mean `group as owner` ? And how do you use that ?




---

[GitHub] zeppelin issue #2925: ZEPPELIN-3404. Fail to run cronjob when user doesn't r...

2018-04-17 Thread weand 
Github user weand commented on the issue:

https://github.com/apache/zeppelin/pull/2925
  
and optionally (or alternatively) introduce a config parameter for a static 
cronExecutionUser (kind of service user) to be defined by ops team. when this 
config parameter is set, cron schedules will always use that user.


---

[GitHub] zeppelin issue #2925: ZEPPELIN-3404. Fail to run cronjob when user doesn't r...

2018-04-17 Thread weand 
Github user weand commented on the issue:

https://github.com/apache/zeppelin/pull/2925
  
@zjffdu is there a chance to set the cronExecutionUser implictly to the 
user who activates the cron schedule. 
and in addtion only allow owners (which can be defined by username or 
groupnames) to activate the cron schedule.


---

[GitHub] zeppelin issue #2925: ZEPPELIN-3404. Fail to run cronjob when user doesn't r...

2018-04-17 Thread mebelousov 
Github user mebelousov commented on the issue:

https://github.com/apache/zeppelin/pull/2925
  
@zjffdu I have checked with group as owner. This is ok.
Why do you think that use of owner is more secure than cronExecutingUser?


---

[GitHub] zeppelin issue #2925: ZEPPELIN-3404. Fail to run cronjob when user doesn't r...

2018-04-17 Thread zjffdu 
Github user zjffdu commented on the issue:

https://github.com/apache/zeppelin/pull/2925
  
@mebelousov Currently I would only allow note owner to set the schedule and 
run cron job via the owner. But seems zeppelin allow multiple owners for one 
note (it doesn't make sense to me), this is only what I can do the eliminate 
the security issue. 


---

[GitHub] zeppelin issue #2925: ZEPPELIN-3404. Fail to run cronjob when user doesn't r...

2018-04-17 Thread mebelousov 
Github user mebelousov commented on the issue:

https://github.com/apache/zeppelin/pull/2925
  
Groups can be note owners. As I see `AuthenticationInfo` is not valid for 
internal shiro groups.

How can I find the user which scheduled note?


---

[GitHub] zeppelin issue #2925: ZEPPELIN-3404. Fail to run cronjob when user doesn't r...

2018-04-16 Thread zjffdu 
Github user zjffdu commented on the issue:

https://github.com/apache/zeppelin/pull/2925
  
Update the PR to run the cron job as the note owner 


---

[GitHub] zeppelin issue #2925: ZEPPELIN-3404. Fail to run cronjob when user doesn't r...

2018-04-16 Thread zjffdu 
Github user zjffdu commented on the issue:

https://github.com/apache/zeppelin/pull/2925
  
Thanks @weand , even I didn't realize the user in note.json means the last 
user run the paragraph (I thought it is the owner). In that case, it seems 
meaningless to store user in note.json IMHO.  
Regarding the issue, I will update it soon


---

[GitHub] zeppelin issue #2925: ZEPPELIN-3404. Fail to run cronjob when user doesn't r...

2018-04-16 Thread weand 
Github user weand commented on the issue:

https://github.com/apache/zeppelin/pull/2925
  
so running via cron will use the last user that executed a paragraph. that 
does not fit exactly to the docu change from original PR:
> Cron executing user (It is removed from 0.8 where it **enforces the cron 
execution user to be the note owner** for security purpose)

[https://github.com/apache/zeppelin/pull/2914/files#diff-bed1be4fb1f7f6c8e3bd6db18d72dc44](https://github.com/apache/zeppelin/pull/2914/files#diff-bed1be4fb1f7f6c8e3bd6db18d72dc44)


---

[GitHub] zeppelin issue #2925: ZEPPELIN-3404. Fail to run cronjob when user doesn't r...

2018-04-16 Thread r-kamath 
Github user r-kamath commented on the issue:

https://github.com/apache/zeppelin/pull/2925
  
LGTM


---

[GitHub] zeppelin issue #2925: ZEPPELIN-3404. Fail to run cronjob when user doesn't r...

2018-04-15 Thread zjffdu 
Github user zjffdu commented on the issue:

https://github.com/apache/zeppelin/pull/2925
  
@felixcheung Mind to help review it ?


---