Richard Xin created ZEPPELIN-2805:
-------------------------------------
Summary: S3NotebookRepo does not use user's pricinpal
Key: ZEPPELIN-2805
URL: https://issues.apache.org/jira/browse/ZEPPELIN-2805
Project: Zeppelin
Issue Type: Bug
Components: zeppelin-zengine
Reporter: Richard Xin
I enabled S3NotebookRepo in zeppelin-site and rename shiro.ini in order to
enable standard security.
I expected the S3 directory structure to be:
s3://{bucket}/{username}/{notebook-id}/note.json where {username} is the user's
login name.
in S3NotebookRepo.java's save function
String key = user + "/" + "notebook" + "/" + note.getId() + "/" + "note.json";
I added log, it showed that the key has the value of
"user/notebook/[note_id]/note.json"
the line 92 of S3NotebookRepo.java, the user is from
ZeppelinConfiguration.getUser(), it doesn't sound right to me. I believe it
should be passed from user principal similar to
https://github.com/apache/zeppelin/blob/master/zeppelin-server/src/main/java/org/apache/zeppelin/socket/NotebookServer.java#L799
String user = fromMessage.principal;
I am not sure where this info is passed to S3NotebookRepo
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
