[GitHub] zeppelin pull request #1554: [ZEPPELIN-1320] Run zeppelin interpreter proces...

[prabhjyotsingh]

GitHub user prabhjyotsingh opened a pull request:

    https://github.com/apache/zeppelin/pull/1554

    [ZEPPELIN-1320] Run zeppelin interpreter process as web front end user

    Have recreated this from https://github.com/apache/zeppelin/pull/1322
    
    ### What is this PR for?
    
    While running a Notebook using shell, spark, python uses same user as which 
zeppelin server is running. Which means these interprets have same permission 
on file system as zeppelin server.
    IMO users should be able to impersonate themselves as a complete security 
system.
    
    ### What type of PR is it?
    [Improvement]
    
    ### Todos
    * [ ] - Update doc
    * [x] - FIX NPEs
    * [x] - FIX CI
    
    ### What is the Jira issue?
    * [ZEPPELIN-1320](https://issues.apache.org/jira/browse/ZEPPELIN-1320)
    
    ### How should this be tested?
     - Enable shiro auth in shiro.ini
     - Add ssh key for the same user you want to try and impersonate (say 
user1).
    ```
    adduser user1
    ssh-keygen
    ssh user1@localhost mkdir -p .ssh
    cat ~/.ssh/id_rsa.pub | ssh user1@localhost 'cat >> .ssh/authorized_keys'
    ```
     - Start zeppelin server, try and run following in paragraph in a notebook
     - Go to interpreter setting page, and enable "User Impersonate" in any of 
the interpreter (in my example its shell interpreter)
    
    ```
    %sh
    whoami
    ```
    
    Check that it should run as new user, i.e. "user1"
    
    ### Screenshots (if appropriate)
    
    ![user 
impersonate](https://cloud.githubusercontent.com/assets/674497/17700306/d9294e80-63e2-11e6-8be8-1c4b84ef5aee.gif)
    
    
    
    ### Questions:
    * Does the licenses files need update? no
    * Is there breaking changes for older versions? no
    * Does this needs documentation? yes
    


You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/prabhjyotsingh/zeppelin ZEPPELIN-1320-2

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/zeppelin/pull/1554.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #1554
    
----
commit aff1bf0645785102bff90e99150d40d8bbc2f03d
Author: Prabhjyot Singh <prabhjyotsi...@gmail.org>
Date:   2016-10-23T07:46:59Z

    user should have option to run these interpreters as different user.

----


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---