From 4248c0b590986e59891f4289df93237a9b4284da Mon Sep 17 00:00:00 2001 From: cloverhearts Date: Wed, 28 Dec 2016 23:55:08 -0800 Subject: [PATCH 1/2] refix --- .../apache/zeppelin/rest/NotebookRestApi.java | 10 +-- .../src/app/notebook/notebook.controller.js | 65 ++++++++++--------- 2 files changed, 38 insertions(+), 37 deletions(-) diff --git a/zeppelin-server/src/main/java/org/apache/zeppelin/rest/NotebookRestApi.java b/zeppelin-server/src/main/java/org/apache/zeppelin/rest/NotebookRestApi.java index 64d65f4de2b..7b02207d809 100644 --- a/zeppelin-server/src/main/java/org/apache/zeppelin/rest/NotebookRestApi.java +++ b/zeppelin-server/src/main/java/org/apache/zeppelin/rest/NotebookRestApi.java @@ -95,7 +95,7 @@ public NotebookRestApi(Notebook notebook, NotebookServer notebookServer, SearchS @ZeppelinApi public Response getNotePermissions(@PathParam("noteId") String noteId) throws IOException { - checkIfUserIsAnon(blockNotAuthenticatedUserError()); + checkIfUserIsAnon(getBlockNotAuthenticatedUserErrorMsg()); checkIfUserCanRead(noteId, "Insufficient privileges you cannot get the list of permissions for this note"); HashMap> permissionsMap = new HashMap<>(); @@ -113,8 +113,7 @@ private String ownerPermissionError(Set current, Set allowed) th "User belongs to: " + current.toString(); } - private String blockNotAuthenticatedUserError() throws IOException { - LOG.info("Anonymous user cannot set any permissions for this note."); + private String getBlockNotAuthenticatedUserErrorMsg() throws IOException { return "Only authenticated user can set the permission."; } 
@@ -129,7 +128,8 @@ private String blockNotAuthenticatedUserError() throws IOException { */ private void checkIfUserIsAnon(String errorMsg) { boolean isAuthenticated = SecurityUtils.isAuthenticated(); - if (!isAuthenticated) { + if (isAuthenticated && SecurityUtils.getPrincipal().equals("anonymous")) { + LOG.info("Anonymous user cannot set any permissions for this note."); throw new ForbiddenException(errorMsg); } } @@ -196,7 +196,7 @@ public Response putNotePermissions(@PathParam("noteId") String noteId, String re userAndRoles.add(principal); userAndRoles.addAll(roles); - checkIfUserIsAnon(blockNotAuthenticatedUserError()); + checkIfUserIsAnon(getBlockNotAuthenticatedUserErrorMsg()); checkIfUserIsOwner(noteId, ownerPermissionError(userAndRoles, notebookAuthorization.getOwners(noteId))); diff --git a/zeppelin-web/src/app/notebook/notebook.controller.js b/zeppelin-web/src/app/notebook/notebook.controller.js index f9510353cf6..c5b573564f3 100644 --- a/zeppelin-web/src/app/notebook/notebook.controller.js +++ b/zeppelin-web/src/app/notebook/notebook.controller.js 
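Review bot: The new guard in `checkIfUserIsAnon` no longer rejects a caller for whom `SecurityUtils.isAuthenticated()` is false: `!isAuthenticated` is replaced by `isAuthenticated && SecurityUtils.getPrincipal().equals("anonymous")`, so unauthenticated requests fall through and only the later `checkIfUserCanRead` / `checkIfUserIsOwner` calls still gate the permission endpoints. If `getPrincipal()` returns "anonymous" only for sessions that are not authenticated (not visible in this hunk, to be confirmed), the condition can never be true and the check is dead code. If anonymous callers should still be blocked, `if (!isAuthenticated || "anonymous".equals(SecurityUtils.getPrincipal())) {` covers both cases and avoids a NullPointerException on a null principal. If unauthenticated access is deliberately allowed when authentication is disabled, the method's Javadoc (which starts above this hunk) should say so. The moved log line also says "set" although the guard is called from `getNotePermissions` as well.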
@@ -91,30 +91,26 @@ }; $scope.blockAnonUsers = function() { - var principal = $rootScope.ticket.principal; - if (principal) { - $scope.isAnonymous = principal === 'anonymous' ? true : false; - if ($scope.isAnonymous) { - var zeppelinVersion = $rootScope.zeppelinVersion; - var url = 'https://zeppelin.apache.org/docs/' + zeppelinVersion + '/security/notebook_authorization.html'; - var content = 'Only authenticated user can set the permission.' + - '' + - '' + - ''; - BootstrapDialog.show({ - closable: false, - closeByBackdrop: false, - closeByKeyboard: false, - title: 'No permission', - message: content, - buttons: [{ - label: 'Close', - action: function(dialog) { - dialog.close(); - } - }] - }); - } + if ($scope.isAnonymous) { + var zeppelinVersion = $rootScope.zeppelinVersion; + var url = 'https://zeppelin.apache.org/docs/' + zeppelinVersion + '/security/notebook_authorization.html'; + var content = 'Only authenticated user can set the permission.' + + '' + + '' + + ''; + BootstrapDialog.show({ + closable: false, + closeByBackdrop: false, + closeByKeyboard: false, + title: 'No permission', + message: content, + buttons: [{ + label: 'Close', + action: function(dialog) { + dialog.close(); + } + }] + }); } }; 
@@ -772,15 +768,20 @@ }; $scope.togglePermissions = function() { - $scope.blockAnonUsers(); - if ($scope.showPermissions) { - $scope.closePermissions(); - angular.element('#selectOwners').select2({}); - angular.element('#selectReaders').select2({}); - angular.element('#selectWriters').select2({}); + var principal = $rootScope.ticket.principal; + $scope.isAnonymous = principal === 'anonymous' ? true : false; + if (!!principal) { + $scope.blockAnonUsers(); } else { - $scope.openPermissions(); - $scope.closeSetting(); + if ($scope.showPermissions) { + $scope.closePermissions(); + angular.element('#selectOwners').select2({}); + angular.element('#selectReaders').select2({}); + angular.element('#selectWriters').select2({}); + } else { + $scope.openPermissions(); + $scope.closeSetting(); + } } }; From 3d542f224b67b2fd30c0fcdffddf1a96ffa1903a Mon Sep 17 00:00:00 2001 From: cloverhearts Date: Fri, 30 Dec 2016 10:20:02 -0800 Subject: [PATCH 2/2] fixed bug isAnanimous --- .../src/app/notebook/notebook.controller.js | 42 +++++++++---------- 1 file changed, 20 insertions(+), 22 deletions(-) diff --git a/zeppelin-web/src/app/notebook/notebook.controller.js b/zeppelin-web/src/app/notebook/notebook.controller.js index c5b573564f3..d18c7bda0c0 100644 --- a/zeppelin-web/src/app/notebook/notebook.controller.js +++ b/zeppelin-web/src/app/notebook/notebook.controller.js 
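Review bot: `togglePermissions` now reads `$rootScope.ticket.principal` without checking that `ticket` is set, so a call made before the ticket is populated would throw instead of reaching either branch; whether that can happen is not visible here. `var principal = $rootScope.ticket && $rootScope.ticket.principal;` keeps the rest of the function unchanged. The comparison already yields a boolean, so `$scope.isAnonymous = principal === 'anonymous';` is enough. Both lines remain as context in the `togglePermissions` hunk of patch 2/2.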
@@ -91,27 +91,25 @@ }; $scope.blockAnonUsers = function() { - if ($scope.isAnonymous) { - var zeppelinVersion = $rootScope.zeppelinVersion; - var url = 'https://zeppelin.apache.org/docs/' + zeppelinVersion + '/security/notebook_authorization.html'; - var content = 'Only authenticated user can set the permission.' + - '' + - '' + - ''; - BootstrapDialog.show({ - closable: false, - closeByBackdrop: false, - closeByKeyboard: false, - title: 'No permission', - message: content, - buttons: [{ - label: 'Close', - action: function(dialog) { - dialog.close(); - } - }] - }); - } + var zeppelinVersion = $rootScope.zeppelinVersion; + var url = 'https://zeppelin.apache.org/docs/' + zeppelinVersion + '/security/notebook_authorization.html'; + var content = 'Only authenticated user can set the permission.' + + '' + + '' + + ''; + BootstrapDialog.show({ + closable: false, + closeByBackdrop: false, + closeByKeyboard: false, + title: 'No permission', + message: content, + buttons: [{ + label: 'Close', + action: function(dialog) { + dialog.close(); + } + }] + }); }; /** Init the new controller */ @@ -770,7 +768,7 @@ $scope.togglePermissions = function() { var principal = $rootScope.ticket.principal; $scope.isAnonymous = principal === 'anonymous' ? true : false; - if (!!principal) { + if (!!principal && $scope.isAnonymous) { $scope.blockAnonUsers(); } else { if ($scope.showPermissions) {
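Review bot: `blockAnonUsers` now shows the "No permission" dialog unconditionally, so its name reads like a check it no longer performs and every caller has to test `$scope.isAnonymous` itself. A comment above the function would prevent a later caller from invoking it for authenticated users, for example `// Shows the "No permission" dialog; callers must check $scope.isAnonymous first.` The string literals that build `content` appear empty on this page, presumably markup lost in extraction. If `url` is embedded in that markup and `message` is rendered as HTML, `zeppelinVersion` should be passed through `encodeURIComponent` before it is concatenated into the link.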
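Review bot: The `!!principal &&` part of the new condition is redundant, because `$scope.isAnonymous` is only true when `principal === 'anonymous'`; `if ($scope.isAnonymous) {` says the same thing. A missing or empty principal takes the `else` branch and opens the permissions panel, so this check is display logic only. The server-side `checkIfUserIsAnon` in `NotebookRestApi.java` (patch 1/2) has to be what actually refuses the request. `togglePermissions` continues past the end of this hunk.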