Github user elbamos commented on the pull request:
https://github.com/apache/incubator-zeppelin/pull/53#issuecomment-167490159
I think we should have an organized plan to review and address this PR.
I propose that the PR be merged into a new branch of Zeppelin, where the
community as a whole will have an easier time reviewing and making PRs on the
branch.
Then I propose that we review the aspects of this separately. By
reviewing/approving/voting-on each aspect in sequence, we will have a clear
idea of where the PR is in process, and that will make it easier to move PR
forward to final merge (if that's what we want to do). The aspects I see are:
* Feature set -- is this the kind of security interface we want to put in
Zeppelin?
* Architecture -- Is this (shiro) how we want to implement security?
* Does it work?
* Do we have adequate tests to be able to support and maintain it?
* Is it adequately documented that people will be able to use it?
The reason I propose a more formal process is that this PR has been sitting
here for 8 months now. With that, and with some 82 (!!!) commits, a more
structured approach seems like the best way to resolve this PR (one way or the
other).
(In full disclosure -- My only view about this is that since its
security-related, it needs to have *mounds* of tests to make sure the security
doesn't get compromised by later commits.)
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
