mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joerg Schad <jo...@mesosphere.io>
Subject Re: Review Request 46613: Introduced filtering relevant actions and acls.
Date Thu, 26 May 2016 04:43:49 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/46613/#review134909
-----------------------------------------------------------




include/mesos/authorizer/acls.proto (line 194)
<https://reviews.apache.org/r/46613/#comment199846>

    running



src/authorizer/local/authorizer.cpp (line 58)
<https://reviews.apache.org/r/46613/#comment199847>

    Above



src/authorizer/local/authorizer.cpp (line 110)
<https://reviews.apache.org/r/46613/#comment199848>

    above



src/authorizer/local/authorizer.cpp (line 574)
<https://reviews.apache.org/r/46613/#comment199849>

    2 indents



src/authorizer/local/authorizer.cpp (line 586)
<https://reviews.apache.org/r/46613/#comment199850>

    use



src/authorizer/local/authorizer.cpp (line 587)
<https://reviews.apache.org/r/46613/#comment199851>

    atemp



src/authorizer/local/authorizer.cpp (line 589)
<https://reviews.apache.org/r/46613/#comment199852>

    are set, attempts



src/authorizer/local/authorizer.cpp (line 590)
<https://reviews.apache.org/r/46613/#comment199854>

    FrameworkInfo



src/authorizer/local/authorizer.cpp (line 609)
<https://reviews.apache.org/r/46613/#comment199855>

    remove else



src/authorizer/local/authorizer.cpp (line 615)
<https://reviews.apache.org/r/46613/#comment199853>

    FrameworkInfo



src/authorizer/local/authorizer.cpp (line 624)
<https://reviews.apache.org/r/46613/#comment199856>

    remove else



src/authorizer/local/authorizer.cpp (line 628)
<https://reviews.apache.org/r/46613/#comment199857>

    Similar default.


- Joerg Schad


On May 26, 2016, 1:07 a.m., Joerg Schad wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/46613/
> -----------------------------------------------------------
> 
> (Updated May 26, 2016, 1:07 a.m.)
> 
> 
> Review request for mesos, Adam B, Alexander Rojas, and Michael Park.
> 
> 
> Bugs: MESOS-5169
>     https://issues.apache.org/jira/browse/MESOS-5169
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> In order to allow for framework and task level filtering we introduce
> the following authorizer actions:
> * VIEW_FRAMEWORK
> * VIEW_TASK
> * VIEW_EXECUTOR
> 
> Note that we need different actions for authorizing a tasks
> based on the object being authorized.
> 
> We also introduce the following acls for the local authorizer:
> * ViewFramework  (giving access to frameworks running under
>   a specific OS user)
> * ViewTask  (giving access to Tasks run under a
>     specific OS user)
> * ViewExecutors (giving access to Executors run under a
>     specific OS user)
> 
> 
> Diffs
> -----
> 
>   include/mesos/authorizer/acls.proto b178f53a299a2941afc073af963f6aff26af1ca8 
>   include/mesos/authorizer/authorizer.proto 911a2271211249a41c4467f6754e9996f640bf38

>   src/authorizer/local/authorizer.cpp dc53bc4374aea98b5ed41ade5617374d2447229b 
> 
> Diff: https://reviews.apache.org/r/46613/diff/
> 
> 
> Testing
> -------
> 
> make check (OSX)
> 
> 
> Thanks,
> 
> Joerg Schad
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message