Repository: zeppelin Updated Branches: refs/heads/master d38b2661e -> 0f81b6d61
[ZEPPELIN-3012] Interpreter Permissions not working properly for groups ### What is this PR for? This fixes issues when using Zeppelin with permissions for users belonging to more than one roles / groups. Constructor of org.apache.zeppelin.user.AuthenticationInfo didn't consider that the roles String will contain spaces, in case there is more than one role, e.g. 'role1, role2'. This change fixes the issue, by invoking trim() on each role. ### What type of PR is it? [Bug Fix] ### Todos ### What is the Jira issue? https://issues.apache.org/jira/browse/ZEPPELIN-3012 ### How should this be tested? * Enable shiro.ini, including 'admin' user * Login with 'admin' and enable Interpreter Permissions for any Interpreter, granting access to 'role2' * Try to use this Interpreter with 'user1', who belongs to role2. ### Screenshots (if appropriate) ### Questions: * Does the licenses files need update? no * Is there breaking changes for older versions? no * Does this needs documentation? no Author: Andreas Weise <a.we...@avm.de> Closes #2647 from weand/ZEPPELIN-3012 and squashes the following commits: 53a515a [Andreas Weise] [ZEPPELIN-3012] Interpreter Permissions not working properly for groups f46c11f [Andreas Weise] [ZEPPELIN-3012] Interpreter Permissions not working properly for groups b6103e3 [Andreas Weise] [ZEPPELIN-3012] Interpreter Permissions not working properly for groups [fix codestyle] 1e5d2b7 [Andreas Weise] [ZEPPELIN-3012] Interpreter Permissions not working properly for groups Project: http://git-wip-us.apache.org/repos/asf/zeppelin/repo Commit: http://git-wip-us.apache.org/repos/asf/zeppelin/commit/0f81b6d6 Tree: http://git-wip-us.apache.org/repos/asf/zeppelin/tree/0f81b6d6 Diff: http://git-wip-us.apache.org/repos/asf/zeppelin/diff/0f81b6d6 Branch: refs/heads/master Commit: 0f81b6d6132471ddf0e91cc3738da1ff365604f8 Parents: d38b266 Author: Andreas Weise <a.we...@avm.de> Authored: Wed Nov 8 20:42:15 2017 +0100 Committer: Jeff Zhang <zjf...@apache.org> Committed: Thu Nov 9 07:03:39 2017 +0800 ---------------------------------------------------------------------- .../zeppelin/user/AuthenticationInfo.java | 13 ++++-- .../zeppelin/user/AuthenticationInfoTest.java | 42 ++++++++++++++++++++ 2 files changed, 51 insertions(+), 4 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/zeppelin/blob/0f81b6d6/zeppelin-interpreter/src/main/java/org/apache/zeppelin/user/AuthenticationInfo.java ---------------------------------------------------------------------- diff --git a/zeppelin-interpreter/src/main/java/org/apache/zeppelin/user/AuthenticationInfo.java b/zeppelin-interpreter/src/main/java/org/apache/zeppelin/user/AuthenticationInfo.java index d00d160..fe9cba6 100644 --- a/zeppelin-interpreter/src/main/java/org/apache/zeppelin/user/AuthenticationInfo.java +++ b/zeppelin-interpreter/src/main/java/org/apache/zeppelin/user/AuthenticationInfo.java @@ -20,14 +20,15 @@ package org.apache.zeppelin.user; import java.util.ArrayList; -import java.util.Arrays; import java.util.List; -import com.google.gson.Gson; + import org.apache.commons.lang.StringUtils; import org.apache.zeppelin.common.JsonSerializable; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import com.google.gson.Gson; + /*** * */ @@ -57,8 +58,11 @@ public class AuthenticationInfo implements JsonSerializable { this.user = user; this.ticket = ticket; if (StringUtils.isNotBlank(roles) && roles.length() > 2) { - String[] r = roles.substring(1, roles.length() - 1).split(","); - this.roles = Arrays.asList(r); + this.roles = new ArrayList<>(); + for (final String role : roles.substring(1, roles.length() - 1) + .split(",")) { + this.roles.add(role.trim()); + } } } @@ -120,6 +124,7 @@ public class AuthenticationInfo implements JsonSerializable { || StringUtils.isEmpty(this.getUser()); } + @Override public String toJson() { return gson.toJson(this); } http://git-wip-us.apache.org/repos/asf/zeppelin/blob/0f81b6d6/zeppelin-interpreter/src/test/java/org/apache/zeppelin/user/AuthenticationInfoTest.java ---------------------------------------------------------------------- diff --git a/zeppelin-interpreter/src/test/java/org/apache/zeppelin/user/AuthenticationInfoTest.java b/zeppelin-interpreter/src/test/java/org/apache/zeppelin/user/AuthenticationInfoTest.java new file mode 100644 index 0000000..a13d91a --- /dev/null +++ b/zeppelin-interpreter/src/test/java/org/apache/zeppelin/user/AuthenticationInfoTest.java @@ -0,0 +1,42 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.zeppelin.user; + +import static org.junit.Assert.assertEquals; + +import java.util.ArrayList; +import java.util.Arrays; + +import org.junit.Test; + +public class AuthenticationInfoTest { + + @Test + public void testRoles() { + final String roles = "[role1, role2, role with space]"; + + final AuthenticationInfo authenticationInfo = new AuthenticationInfo("foo", + roles, "bar"); + + assertEquals( + new ArrayList<>(Arrays.asList("role1", "role2", "role with space")), + authenticationInfo.getRoles()); + + } + +}
