Hi,
I found that I can change permission of notebooks even if I only have read access using the UI or sending calls to the REST API. I have tested this against Zeppelin 0.7.1 If I check the logs I can see lots of line like these ones: INFO [2017-09-08 13:52:33,140] ({qtp1753447031-2786} NotebookRestApi.java[ownerPermissionError]:109) - Cannot change permissions. Connection owners [admin]. Allowed owners [admin, analyst] INFO [2017-09-08 13:52:33,140] ({qtp1753447031-2786} NotebookRestApi.java[putNotePermissions]:207) - Set permissions 2CGGE4ETT admin [admin, analyst] [admin, analyst] [admin, analyst] I get those errors in the logs even if I'm the owner. Regards, Luis Angel Vicente Sanchez [hidden email] |
I found that the "Cannot change permissions is always printed even if
you have the rights to change the permissions. But anyway, I can change permissions even if I only have read access. Check the following log messages: INFO [2017-09-08 14:28:41,045] ({qtp1753447031-3709} NotebookRestApi.java[ownerPermissionError]:109) - Cannot change permissions. Connection owners [client2]. Allowed owners [client1] INFO [2017-09-08 14:28:41,045] ({qtp1753447031-3709} NotebookRestApi.java[putNotePermissions]:207) - Set permissions 2CRXM67WA client2 [client1 ] [client2 ] [client1 ] client1 and client2 have different roles (one is analyst the other is user) so... I shouldn't be allowed to change the permissions. This is on Zeppelin 0.7.1 -- Luis Angel Vicente Sanchez [hidden email] On Fri, 8 Sep 2017, at 14:57, Luis Angel Vicente Sanchez wrote: > Hi, > > I found that I can change permission of notebooks even if I only have > read access using the UI or sending calls to the REST API. I have tested > this against Zeppelin 0.7.1 > > If I check the logs I can see lots of line like these ones: > > INFO [2017-09-08 13:52:33,140] ({qtp1753447031-2786} > NotebookRestApi.java[ownerPermissionError]:109) - Cannot change > permissions. Connection owners [admin]. Allowed owners [admin, analyst] > INFO [2017-09-08 13:52:33,140] ({qtp1753447031-2786} > NotebookRestApi.java[putNotePermissions]:207) - Set permissions > 2CGGE4ETT admin [admin, analyst] [admin, analyst] [admin, analyst] > > I get those errors in the logs even if I'm the owner. > > Regards, > > Luis Angel Vicente Sanchez > [hidden email] |
Ok... problem found, zeppelin.anonymous.enabled was not set to false. I
would say that the message saying that it's ignoring the owner of a notebook because the anonymous access is enabled should be an INFO level message and not a DEBUG one. -- Luis Angel Vicente Sanchez [hidden email] On Fri, 8 Sep 2017, at 16:00, Luis Angel Vicente Sanchez wrote: > I found that the "Cannot change permissions is always printed even if > you have the rights to change the permissions. But anyway, I can change > permissions even if I only have read access. Check the following log > messages: > > INFO [2017-09-08 14:28:41,045] ({qtp1753447031-3709} > NotebookRestApi.java[ownerPermissionError]:109) - Cannot change > permissions. Connection owners [client2]. Allowed owners [client1] > INFO [2017-09-08 14:28:41,045] ({qtp1753447031-3709} > NotebookRestApi.java[putNotePermissions]:207) - Set permissions > 2CRXM67WA client2 [client1 ] [client2 ] [client1 ] > > client1 and client2 have different roles (one is analyst the other is > user) so... I shouldn't be allowed to change the permissions. > > This is on Zeppelin 0.7.1 > > -- > Luis Angel Vicente Sanchez > [hidden email] > > On Fri, 8 Sep 2017, at 14:57, Luis Angel Vicente Sanchez wrote: > > Hi, > > > > I found that I can change permission of notebooks even if I only have > > read access using the UI or sending calls to the REST API. I have tested > > this against Zeppelin 0.7.1 > > > > If I check the logs I can see lots of line like these ones: > > > > INFO [2017-09-08 13:52:33,140] ({qtp1753447031-2786} > > NotebookRestApi.java[ownerPermissionError]:109) - Cannot change > > permissions. Connection owners [admin]. Allowed owners [admin, analyst] > > INFO [2017-09-08 13:52:33,140] ({qtp1753447031-2786} > > NotebookRestApi.java[putNotePermissions]:207) - Set permissions > > 2CGGE4ETT admin [admin, analyst] [admin, analyst] [admin, analyst] > > > > I get those errors in the logs even if I'm the owner. > > > > Regards, > > > > Luis Angel Vicente Sanchez > > [hidden email] |
Hello, if this is the case, can you please open a JIRA issue? Raffaele 2017-09-08 18:18 GMT+02:00 Luis Angel Vicente Sanchez <[hidden email]>: Ok... problem found, zeppelin.anonymous.enabled was not set to false. I |
Free forum by Nabble | Edit this page |