[jira] [Created] (ZEPPELIN-2825) Zeppelin can't apply one of many Shiro roles to URLs
Vipin Rathor created ZEPPELIN-2825: -- Summary: Zeppelin can't apply one of many Shiro roles to URLs Key: ZEPPELIN-2825 URL: https://issues.apache.org/jira/browse/ZEPPELIN-2825 Project: Zeppelin Issue Type: Bug Components: zeppelin-server Affects Versions: 0.8.0 Reporter: Vipin Rathor Zeppelin with Shiro configuration can not apply multiple Shiro roles to URLs. For example, if Shiro configuration is this: {code:java} [urls] /api/version = anon /api/interpreter/** = authc, roles[admin, role1] /api/configurations/** = authc, roles[admin] /api/credential/** = authc, roles[admin] {code} Then, as per [Shiro documentation|https://shiro.apache.org/web.html#Web-{{\urls\}}] and current [roles filter implementation|https://shiro.apache.org/static/1.2.3/apidocs/org/apache/shiro/web/filter/authz/RolesAuthorizationFilter.html] , user will be able to access interpreter only when he/she is part of "all" the roles defined against interpreter URL above. This fails when you have a user who belongs to any one of those roles roles[admin, role1]. There is a need for such a configuration which can give access to user who is part of "any of" the roles defined in Shiro configuration. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[GitHub] zeppelin pull request #2515: [ZEPPELIN-2825] - Fix Zeppelin to support any o...
GitHub user VipinRathor opened a pull request: https://github.com/apache/zeppelin/pull/2515 [ZEPPELIN-2825] - Fix Zeppelin to support any of the Shiro roles ### What is this PR for? This PR adds support for such a configuration which can give access to user who belongs to "any of" the roles defined in Shiro configuration. By default, as per Shiro implementation, user is allowed only when he/she belongs to "all" the roles defined. This PR fixes the problem for static users/roles in Shiro as well as Active Directory and/or LDAP based user-group-roles mapping. ### What type of PR is it? Improvement ### TODO * [ ] - Add documentation ### What is the Jira issue? https://issues.apache.org/jira/browse/ZEPPELIN-2825 ### How should this be tested? Add the following in shiro.ini: [main] ... anyofroles = org.apache.zeppelin.utils.AnyOfRolesAuthorizationFilter [urls] ... /api/interpreter/** = authc, **anyofroles**[admin, role1] /api/configurations/** = authc, roles[admin] /api/credential/** = authc, roles[admin] ### Screenshots (if appropriate) Not applicable ### Questions: * Does the licenses files need update? No * Is there breaking changes for older versions? No * Does this needs documentation? Yes You can merge this pull request into a Git repository by running: $ git pull https://github.com/VipinRathor/zeppelin ZEPPELIN-2825 Alternatively you can review and apply these changes as the patch at: https://github.com/apache/zeppelin/pull/2515.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #2515 commit c5fc9deac9a5cd5111be899ce45cf471f54a5a83 Author: Vipin RathorDate: 2017-08-02T22:40:01Z ZEPPELIN-2825 - Fix Zeppelin to support any of the Shiro roles --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] zeppelin issue #2515: [ZEPPELIN-2825] - Fix Zeppelin to support any of the S...
Github user VipinRathor commented on the issue: https://github.com/apache/zeppelin/pull/2515 @felixcheung @Leemoonsoo @prabhjyotsingh Please help with review and merge. Thanks. --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] zeppelin pull request #2514: replace pegdown to markdown zeppelin interprete...
GitHub user cloverhearts opened a pull request: https://github.com/apache/zeppelin/pull/2514 replace pegdown to markdown zeppelin interpreter ### What is this PR for? I was change markdown render librarry for Jupyter note convertor. currently, we can got a same result for markdown. ### What type of PR is it? Improvement ### What is the Jira issue? https://issues.apache.org/jira/browse/ZEPPELIN-2824 ### How should this be tested? 1. build jupyter module `mvn clean package -DskipTests -pl 'zeppelin-jupyter' --am` 2. `cd zeppelin-jupyter/target` 3. `java -classpath zeppelin-jupyter-0.8.0-SNAPSHOT.jar org.apache.zeppelin.jupyter.JupyterUtil -i {your ipynb note file path!/getting_started.ipynb` (good sample : [go to sample](https://github.com/SciRuby/sciruby-notebooks/blob/master/getting_started.ipynb) 4. get a `note.json` and import to zeppelin on frontend! 5. enjoy ### Screenshots (if appropriate) problem ![28689484-9b13f3d2-72ca-11e7-9bda-02d33b30f036](https://user-images.githubusercontent.com/10525473/28861908-0d05c592-779e-11e7-9a4e-94e3fd2bd176.png) after ![image](https://user-images.githubusercontent.com/10525473/28807730-029510e6-76b2-11e7-9111-0e18569b1630.png) ### Questions: * Does the licenses files need update? no * Is there breaking changes for older versions? no * Does this needs documentation? no You can merge this pull request into a Git repository by running: $ git pull https://github.com/cloverhearts/zeppelin ZEPPELIN-2824-2 Alternatively you can review and apply these changes as the patch at: https://github.com/apache/zeppelin/pull/2514.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #2514 commit 2e8b3326b6fe3fb017f78cdfd6cecf1135484706 Author: CloverHeartsDate: 2017-08-02T07:12:45Z replace pegdown to markdown zeppelin interpreter --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---