Uploaded image for project: 'Zeppelin'
  1. Zeppelin
  2. ZEPPELIN-987

Enable user to secure interpreter setting, credentials and configurations info

Details

    • Improvement
    • Status: Resolved
    • Minor
    • Resolution: Fixed
    • None
    • 0.7.0
    • None
    • None

    Description

      It would be better if users can hide Interpreter Setting, Credentials and Configuration information in Apache Zeppelin by using Shiro authentication.

      ( This issue was originally came from Zeppelin user mailing list by Tom Norden. )

      Attachments

        Issue Links

          Activity

            githubbot ASF GitHub Bot added a comment -

            GitHub user AhyoungRyu opened a pull request:

            https://github.com/apache/zeppelin/pull/993

            ZEPPELIN-987 Enable user to secure interpreter setting, credentials and configurations info

                1. What is this PR for?
                  For some user case, people might want to hide *Interpreter Setting, **Credentials* and *Configurations* information to other users (who are defined in `conf/shiro.ini`). So I added

            ```
            #/api/interpreter/** = authc, roles[admin]
            #/api/configurations/** = authc, roles[admin]
            #/api/credential/** = authc, roles[admin]
            ```
            below the [ [urls] ](https://github.com/apache/zeppelin/blob/master/conf/shiro.ini#L38) section.

            This issue was originally suggested in [Zeppelin user mailing list](https://mail-archives.apache.org/mod_mbox/zeppelin-users/201606.mbox/%3CCAPgU7Y%3DBJrXQ_P0ond4PTukoya0FEjwoPuUb31iN3qwo8iyM1Q%40mail.gmail.com%3E) by @TomNorden

                1. What type of PR is it?
                  Improvement | Documentation
                1. Todos
            • [x] - Add `interpreter`, `credential` and `configuration` url to `conf/shiro.ini`
            • [x] - Update `shiroauthentication.md` for this change
                1. What is the Jira issue?
                  ZEPPELIN-987(https://issues.apache.org/jira/browse/ZEPPELIN-987)
                1. How should this be tested?
                  1. Apply this patch and restart Zeppelin
                  2. Login with `admin` and `password1`
                  3. Go to interpreter, credential and configuration tab -> You can see all of the information in each tabs
                  4. Logout -> Login again with `user1` and `password2`
                  5. Go to interpreter, credential and configuration tab -> In this time, you can't see all of the information in each tabs
                1. Screenshots (if appropriate)
            • `shiroauthentication.md`
              <img width="807" alt="screen shot 2016-06-10 at 12 25 02 pm" src="https://cloud.githubusercontent.com/assets/10060731/15976949/a49bc542-2f0a-11e6-8869-8575ba8f1875.png">
                1. Questions:
            • Does the licenses files need update? No
            • Is there breaking changes for older versions? No
            • Does this needs documentation? Yes, so I updated.

            You can merge this pull request into a Git repository by running:

            $ git pull https://github.com/AhyoungRyu/incubator-zeppelin ZEPPELIN-987

            Alternatively you can review and apply these changes as the patch at:

            https://github.com/apache/zeppelin/pull/993.patch

            To close this pull request, make a commit to your master/trunk branch
            with (at least) the following in the commit message:

            This closes #993


            commit c42c927e4f1c2aeb4630e28b6e47a7b54879da01
            Author: AhyoungRyu <fbdkdud93@hanmail.net>
            Date: 2016-06-10T19:36:42Z

            Change authcBasic -> authc

            commit 57cfe3616244a985cdb25babd72640cc51c9dea0
            Author: AhyoungRyu <fbdkdud93@hanmail.net>
            Date: 2016-06-10T19:37:12Z

            Update shiro authentication docs

            commit 3238c7540a7d7ea28eae00e33f1300481130a396
            Author: AhyoungRyu <fbdkdud93@hanmail.net>
            Date: 2016-06-10T19:41:15Z

            Add interpreter, credential and configuration urls to shiro.ini


            githubbot ASF GitHub Bot added a comment - GitHub user AhyoungRyu opened a pull request: https://github.com/apache/zeppelin/pull/993 ZEPPELIN-987 Enable user to secure interpreter setting, credentials and configurations info What is this PR for? For some user case, people might want to hide * Interpreter Setting , **Credentials * and * Configurations * information to other users (who are defined in `conf/shiro.ini`). So I added ``` #/api/interpreter/** = authc, roles [admin] #/api/configurations/** = authc, roles [admin] #/api/credential/** = authc, roles [admin] ``` below the [ [urls] ]( https://github.com/apache/zeppelin/blob/master/conf/shiro.ini#L38 ) section. This issue was originally suggested in [Zeppelin user mailing list] ( https://mail-archives.apache.org/mod_mbox/zeppelin-users/201606.mbox/%3CCAPgU7Y%3DBJrXQ_P0ond4PTukoya0FEjwoPuUb31iN3qwo8iyM1Q%40mail.gmail.com%3E ) by @TomNorden What type of PR is it? Improvement | Documentation Todos [x] - Add `interpreter`, `credential` and `configuration` url to `conf/shiro.ini` [x] - Update `shiroauthentication.md` for this change What is the Jira issue? ZEPPELIN-987 ( https://issues.apache.org/jira/browse/ZEPPELIN-987 ) How should this be tested? 1. Apply this patch and restart Zeppelin 2. Login with `admin` and `password1` 3. Go to interpreter, credential and configuration tab -> You can see all of the information in each tabs 4. Logout -> Login again with `user1` and `password2` 5. Go to interpreter, credential and configuration tab -> In this time, you can't see all of the information in each tabs Screenshots (if appropriate) When you login with `user1` (doesn't have permission to see the interpreter, credential and cofiguration info) ! [shiro] ( https://cloud.githubusercontent.com/assets/10060731/15976943/9bbdc100-2f0a-11e6-884c-379449c7b5a2.gif ) `shiroauthentication.md` <img width="807" alt="screen shot 2016-06-10 at 12 25 02 pm" src="https://cloud.githubusercontent.com/assets/10060731/15976949/a49bc542-2f0a-11e6-8869-8575ba8f1875.png"> Questions: Does the licenses files need update? No Is there breaking changes for older versions? No Does this needs documentation? Yes, so I updated. You can merge this pull request into a Git repository by running: $ git pull https://github.com/AhyoungRyu/incubator-zeppelin ZEPPELIN-987 Alternatively you can review and apply these changes as the patch at: https://github.com/apache/zeppelin/pull/993.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #993 commit c42c927e4f1c2aeb4630e28b6e47a7b54879da01 Author: AhyoungRyu <fbdkdud93@hanmail.net> Date: 2016-06-10T19:36:42Z Change authcBasic -> authc commit 57cfe3616244a985cdb25babd72640cc51c9dea0 Author: AhyoungRyu <fbdkdud93@hanmail.net> Date: 2016-06-10T19:37:12Z Update shiro authentication docs commit 3238c7540a7d7ea28eae00e33f1300481130a396 Author: AhyoungRyu <fbdkdud93@hanmail.net> Date: 2016-06-10T19:41:15Z Add interpreter, credential and configuration urls to shiro.ini
            githubbot ASF GitHub Bot added a comment -

            Github user prabhjyotsingh commented on the issue:

            https://github.com/apache/zeppelin/pull/993

            @AhyoungRyu is this still a work in progress ?
            Is there a way in which we can go away with seeing all of these three munu i.e. Interpreter setting, Credentials and Configurations if user is not authorize to ?

            Otherwise LGTM.

            githubbot ASF GitHub Bot added a comment - Github user prabhjyotsingh commented on the issue: https://github.com/apache/zeppelin/pull/993 @AhyoungRyu is this still a work in progress ? Is there a way in which we can go away with seeing all of these three munu i.e. Interpreter setting, Credentials and Configurations if user is not authorize to ? Otherwise LGTM.
            githubbot ASF GitHub Bot added a comment -

            Github user AhyoungRyu commented on the issue:

            https://github.com/apache/zeppelin/pull/993

            @prabhjyotsingh No, I'm just waiting some reviews. I'm not sure that i understood your comment correctly,
            >Is there a way in which we can go away with seeing all of these three menu i.e. Interpreter setting, Credentials and Configurations if user is not authorize to ?

            I just wanted to make even if some users are already defined in `[users]` section, the other user ( maybe `admin`) can hide the three information. This is the scope of this PR

            githubbot ASF GitHub Bot added a comment - Github user AhyoungRyu commented on the issue: https://github.com/apache/zeppelin/pull/993 @prabhjyotsingh No, I'm just waiting some reviews. I'm not sure that i understood your comment correctly, >Is there a way in which we can go away with seeing all of these three menu i.e. Interpreter setting, Credentials and Configurations if user is not authorize to ? I just wanted to make even if some users are already defined in ` [users] ` section, the other user ( maybe `admin`) can hide the three information. This is the scope of this PR
            githubbot ASF GitHub Bot added a comment -

            Github user prabhjyotsingh commented on the issue:

            https://github.com/apache/zeppelin/pull/993

            I was thinking if all of these 3 Interpreter, Credentials, and Configuration menu can be hidden, like the way they are hidden in case of user not loggedin.

            githubbot ASF GitHub Bot added a comment - Github user prabhjyotsingh commented on the issue: https://github.com/apache/zeppelin/pull/993 I was thinking if all of these 3 Interpreter, Credentials, and Configuration menu can be hidden, like the way they are hidden in case of user not loggedin.
            githubbot ASF GitHub Bot added a comment -

            Github user AhyoungRyu commented on the issue:

            https://github.com/apache/zeppelin/pull/993

            @prabhjyotsingh Yeah it makes sense. It would be better. Let me figure out it then

            githubbot ASF GitHub Bot added a comment - Github user AhyoungRyu commented on the issue: https://github.com/apache/zeppelin/pull/993 @prabhjyotsingh Yeah it makes sense. It would be better. Let me figure out it then
            githubbot ASF GitHub Bot added a comment -

            Github user echarles commented on the issue:

            https://github.com/apache/zeppelin/pull/993

            @AhyoungRyu If you can come to an implementation that fits @prabhjyotsingh good idea, it would be great if you could make it `generic`, with a configurable list of functions that reflect in to the menu.

            githubbot ASF GitHub Bot added a comment - Github user echarles commented on the issue: https://github.com/apache/zeppelin/pull/993 @AhyoungRyu If you can come to an implementation that fits @prabhjyotsingh good idea, it would be great if you could make it `generic`, with a configurable list of functions that reflect in to the menu.
            githubbot ASF GitHub Bot added a comment -

            Github user AhyoungRyu commented on the issue:

            https://github.com/apache/zeppelin/pull/993

            @echarles Yes. Thanks for your suggestion !

            githubbot ASF GitHub Bot added a comment - Github user AhyoungRyu commented on the issue: https://github.com/apache/zeppelin/pull/993 @echarles Yes. Thanks for your suggestion !
            githubbot ASF GitHub Bot added a comment -

            Github user cquptEthan commented on the issue:

            https://github.com/apache/zeppelin/pull/993

            nice!

            githubbot ASF GitHub Bot added a comment - Github user cquptEthan commented on the issue: https://github.com/apache/zeppelin/pull/993 nice!
            githubbot ASF GitHub Bot added a comment -

            Github user corneadoug commented on the issue:

            https://github.com/apache/zeppelin/pull/993

            @AhyoungRyu Still working on this?
            Could you rebase the branch with master?

            githubbot ASF GitHub Bot added a comment - Github user corneadoug commented on the issue: https://github.com/apache/zeppelin/pull/993 @AhyoungRyu Still working on this? Could you rebase the branch with master?
            githubbot ASF GitHub Bot added a comment -

            Github user AhyoungRyu commented on the issue:

            https://github.com/apache/zeppelin/pull/993

            @prabhjyotsingh Sorry for my late response. Since i think they need to know the existence of those menus(`Interpretes`, `Configurations` and `Credentials`), I added `ngToast` error message instead of totally hiding the menus. See the updated gif images in the PR description. What do you think?

            githubbot ASF GitHub Bot added a comment - Github user AhyoungRyu commented on the issue: https://github.com/apache/zeppelin/pull/993 @prabhjyotsingh Sorry for my late response. Since i think they need to know the existence of those menus(`Interpretes`, `Configurations` and `Credentials`), I added `ngToast` error message instead of totally hiding the menus. See the updated gif images in the PR description. What do you think?
            githubbot ASF GitHub Bot added a comment -

            Github user prabhjyotsingh commented on the issue:

            https://github.com/apache/zeppelin/pull/993

            Sure this will work. Thanks for the fix.

            githubbot ASF GitHub Bot added a comment - Github user prabhjyotsingh commented on the issue: https://github.com/apache/zeppelin/pull/993 Sure this will work. Thanks for the fix.
            githubbot ASF GitHub Bot added a comment -

            Github user AhyoungRyu commented on the issue:

            https://github.com/apache/zeppelin/pull/993

            @prabhjyotsingh Thanks for your feedback. I addressed it in the last commit

            githubbot ASF GitHub Bot added a comment - Github user AhyoungRyu commented on the issue: https://github.com/apache/zeppelin/pull/993 @prabhjyotsingh Thanks for your feedback. I addressed it in the last commit
            githubbot ASF GitHub Bot added a comment -

            Github user prabhjyotsingh commented on the issue:

            https://github.com/apache/zeppelin/pull/993

            LGTM!

            githubbot ASF GitHub Bot added a comment - Github user prabhjyotsingh commented on the issue: https://github.com/apache/zeppelin/pull/993 LGTM!
            githubbot ASF GitHub Bot added a comment -

            Github user AhyoungRyu commented on the issue:

            https://github.com/apache/zeppelin/pull/993

            @prabhjyotsingh i'll rebase after #1100 merged and add the alert message to credential page as well

            githubbot ASF GitHub Bot added a comment - Github user AhyoungRyu commented on the issue: https://github.com/apache/zeppelin/pull/993 @prabhjyotsingh i'll rebase after #1100 merged and add the alert message to credential page as well
            githubbot ASF GitHub Bot added a comment -

            Github user AhyoungRyu commented on the issue:

            https://github.com/apache/zeppelin/pull/993

            @prabhjyotsingh Since #1100 was merged into master, I updated `credential.controler.js`.

            githubbot ASF GitHub Bot added a comment - Github user AhyoungRyu commented on the issue: https://github.com/apache/zeppelin/pull/993 @prabhjyotsingh Since #1100 was merged into master, I updated `credential.controler.js`.
            githubbot ASF GitHub Bot added a comment -

            Github user prabhjyotsingh commented on the issue:

            https://github.com/apache/zeppelin/pull/993

            Tested on both firefox and chrome. Works well. 👍

            githubbot ASF GitHub Bot added a comment - Github user prabhjyotsingh commented on the issue: https://github.com/apache/zeppelin/pull/993 Tested on both firefox and chrome. Works well. 👍
            githubbot ASF GitHub Bot added a comment -

            Github user prabhjyotsingh commented on the issue:

            https://github.com/apache/zeppelin/pull/993

            Merging this if no more discussion.

            githubbot ASF GitHub Bot added a comment - Github user prabhjyotsingh commented on the issue: https://github.com/apache/zeppelin/pull/993 Merging this if no more discussion.
            githubbot ASF GitHub Bot added a comment -

            Github user asfgit closed the pull request at:

            https://github.com/apache/zeppelin/pull/993

            githubbot ASF GitHub Bot added a comment - Github user asfgit closed the pull request at: https://github.com/apache/zeppelin/pull/993

            Issue resolved by pull request 993
            https://github.com/apache/zeppelin/pull/993

            prabhjyotsingh Prabhjyot Singh added a comment - Issue resolved by pull request 993 https://github.com/apache/zeppelin/pull/993

            People

              Ahyoung Ahyoung Ryu
              Ahyoung Ahyoung Ryu
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: