5975125f18
### What is this PR for? I added auto TOC(Table of Contents) generator for Zeppelin documentation website. TOC can help people looking through whole contents at a glance and finding what they want quickly. I just added `<div id="toc"></div>` to the each documentation header. [`toc`](https://github.com/apache/zeppelin/compare/master...AhyoungRyu:ZEPPELIN-1018?expand=1#diff-85af09fb498a5667ea455391533f945dR3) recognize `<h2>` & `<h3>` as a title in the docs and it automatically generate TOC. So I set a rule for this work. (I'll write this rule on `docs/CONTRIBUTING.md` or [docs/howtocontributewebsite](https://zeppelin.apache.org/docs/0.6.0-SNAPSHOT/development/howtocontributewebsite.html)). ``` # Level-1 Heading <- Use only for the main title of the page ## Level-2 Heading <- Start with this one ### Level-3 heading <- Only use this one for child of Level-2 toc only recognize Level-2 & Level-3 ``` Please see the below attached screenshot image. ### What type of PR is it? Improvement & Documentation ### Todos * [x] - Add TOC generator * [x] - Apply TOC(`<div id="toc"></div>`) to every documentation and reorganize each headers(apply the above rule) * [x] - Fix some broken code block in several docs * [x] - Apply TOC to `r.md` (Currently R docs has some duplicated info since [this one](d5e87fb8ba) and [this one](7d6cc7e991) ) * [x] - Apply TOC to `install.md` after #1010 merged * [x] - Apply TOC to `interpreterinstallation.md` after #1042 merged ### What is the Jira issue? [ZEPPELIN-1018](https://issues.apache.org/jira/browse/ZEPPELIN-1018) ### How should this be tested? 1. Apply this patch and build `docs/` with [this guide](https://github.com/apache/zeppelin/tree/master/docs#build-documentation) 2. Visit some docs page. Then you can see TOC in the header of page. ### Screenshots (if appropriate) - Automatically generated TOC in Spark interpreter docs page <img width="831" alt="screen shot 2016-06-16 at 9 37 18 pm" src="https://cloud.githubusercontent.com/assets/10060731/16140902/945b9c7a-340a-11e6-91f3-b6174738bed0.png"> ### Questions: * Does the licenses files need update? No. Actually I used [jekyll-table-of-contents#copyright](https://github.com/ghiculescu/jekyll-table-of-contents#copyright). But I don't need to add a license for this :) * Is there breaking changes for older versions? No * Does this needs documentation? Maybe Author: AhyoungRyu <fbdkdud93@hanmail.net> Closes #1031 from AhyoungRyu/ZEPPELIN-1018 and squashes the following commits:e66397b[AhyoungRyu] Apply TOC to interpreterinstallation.md009579b[AhyoungRyu] Add more info to 'What is the next?' in install.md04cf501[AhyoungRyu] Revert 'where to start' sectionb7cbe5f[AhyoungRyu] Fix typocf0911c[AhyoungRyu] Rename license file388f35a[AhyoungRyu] Add jekyll-table-of-contents license info6394c70[AhyoungRyu] Fix image path in python.mdd00e4b1[AhyoungRyu] Move interpreter/screenshot/ -> asset/../img/docs-img/3ffb383[AhyoungRyu] Remove duplicated info in r.md & apply toca03ca99[AhyoungRyu] Exclude toc.js from pom.xml3fae7df[AhyoungRyu] Apply auto generated toc to install.mdd114a9d[AhyoungRyu] Address @felixcheung feedback6a788fe[AhyoungRyu] Resize TOC tab indent6760c00[AhyoungRyu] Apply auto TOC to all of docs under docs/storage/fbde57f[AhyoungRyu] Apply auto TOC to all of docs under docs/quickstart/db76eb6[AhyoungRyu] Apply auto TOC to all of docs under docs/install/f35db47[AhyoungRyu] Apply auto TOC to all of docs under docs/displaysystem/b05365f[AhyoungRyu] Apply auto TOC to all of docs under docs/rest-api/163691c[AhyoungRyu] Apply auto TOC to all of docs under docs/manual/bef398e[AhyoungRyu] Apply auto TOC to all of docs under docs/development/9c5f76b[AhyoungRyu] Apply auto TOC to all of docs under docs/interpreter/587d4ba[AhyoungRyu] Apply auto TOC to all of docs under docs/security/1f10b97[AhyoungRyu] Change toc configuration78dca9e[AhyoungRyu] Add toc.js for auto generating TOC
3 KiB
| layout | title | description | group |
|---|---|---|---|
| page | Notebook Authorization | Notebook Authorization | security |
Zeppelin Notebook Authorization
Overview
We assume that there is an Shiro Authentication component that associates a user string and a set of group strings with every NotebookSocket. If you don't set the authentication components yet, please check Shiro authentication for Apache Zeppelin first.
Authorization Setting
You can set Zeppelin notebook permissions in each notebooks. Of course only notebook owners can change this configuration. Just click Lock icon and open the permission setting page in your notebook.
As you can see, each Zeppelin notebooks has 3 entities :
- Owners ( users or groups )
- Readers ( users or groups )
- Writers ( users or groups )
Fill out the each forms with comma seperated users and groups configured in conf/shiro.ini file.
If the form is empty (*), it means that any users can perform that operation.
If someone who doesn't have read permission is trying to access the notebook or someone who doesn't have write permission is trying to edit the notebook, Zeppelin will ask to login or block the user.
How it works
In this section, we will explain the detail about how the notebook authorization works in backend side.
NotebookServer
The NotebookServer classifies every notebook operations into three categories: Read, Write, Manage.
Before executing a notebook operation, it checks if the user and the groups associated with the NotebookSocket have permissions.
For example, before executing a Read operation, it checks if the user and the groups have at least one entity that belongs to the Reader entities.
Notebook REST API call
Zeppelin executes a REST API call for the notebook permission information. In the backend side, Zeppelin gets the user information for the connection and allows the operation if the users and groups associated with the current user have at least one entity that belongs to owner entities for the notebook.