[ZEPPELIN-1237] Auto-suggestion of notebook permissions should list roles as well#1236
[ZEPPELIN-1237] Auto-suggestion of notebook permissions should list roles as well#1236prabhjyotsingh wants to merge 3 commits intoapache:masterfrom
Conversation
prabhjyotsingh
force-pushed
the
ZEPPELIN-1237
branch
from
0a328d5 to
0793c10
Compare
| import org.apache.zeppelin.server.JsonResponse; | ||
| import org.apache.zeppelin.ticket.TicketContainer; | ||
| import org.apache.zeppelin.utils.SecurityUtils; | ||
| import org.eclipse.jetty.util.StringUtil; |
|
@prabhjyotsingh 404 for |
prabhjyotsingh
force-pushed
the
ZEPPELIN-1237
branch
from
d30a30d to
73ff727
Compare
prabhjyotsingh
force-pushed
the
ZEPPELIN-1237
branch
from
73ff727 to
17e17a9
Compare
|
@r-kamath have implement your feedback. |
prabhjyotsingh
force-pushed
the
ZEPPELIN-1237
branch
from
3c8721e to
b944dc2
Compare
|
is it a bit of an information disclosure security issue though, that we should all user name when someone type the first character? |
|
I've looked up few products of which the popular ones Outlook (app) limit to 8 results, Outlook (web i.e. owa) limit to 5 results and JIRA does not limits. I don't have a strong opinion on this, can change according to recommendation. |
|
@felixcheung i think this will continue to remain a problem, till the time we allow all user roles to setup/modify these permissions. Unless we can recognize and separate this as an admin (superuser) action, this seems okay to me. There will be cases when the LDAP user id's will end up in zeppelin/POSIX systems as 'a1890xx', based upon conversion rules, when users who setup these permissions will find it very hard to use. Hence for now, showing all users is a reasonable approach. |
|
I'm ok with it - maybe open a JIRA to track role-based access control on user names? |
|
I think a part of this problem is solved by #993 (ZEPPELIN-987). But, yes I agree this has scope for improvising. Will merge this if no more discussion. |
…oles as well ### What is this PR for? Auto-suggestion of notebook permissions should list roles as well ### What type of PR is it? [Improvement] ### Todos * [x] - Fix test case (selenium) * [x] - select2 in bower.json ### What is the Jira issue? * [ZEPPELIN-1237](https://issues.apache.org/jira/browse/ZEPPELIN-1237) ### How should this be tested? Search for group/roles in notebook permission, it should get listed ### Screenshots (if appropriate)  ### Questions: * Does the licenses files need update? n/a * Is there breaking changes for older versions? n/a * Does this needs documentation? n/a Author: Prabhjyot Singh <prabhjyotsingh@gmail.com> Closes apache#1236 from prabhjyotsingh/ZEPPELIN-1237 and squashes the following commits: b944dc2 [Prabhjyot Singh] Merge remote-tracking branch 'origin/master' into ZEPPELIN-1237 17e17a9 [Prabhjyot Singh] implement @r-kamath feedback 0793c10 [Prabhjyot Singh] Auto-suggestion of notebook permissions should list group as well
4 participants
What is this PR for?
Auto-suggestion of notebook permissions should list roles as well
What type of PR is it?
[Improvement]
Todos
What is the Jira issue?
How should this be tested?
Search for group/roles in notebook permission, it should get listed
Screenshots (if appropriate)
Questions: