mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joerg Schad <jo...@mesosphere.io>
Subject Re: Review Request 47558: Added ObjectAllower interface to authorizer.
Date Fri, 27 May 2016 03:47:10 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/47558/#review135102
-----------------------------------------------------------




include/mesos/authorizer/authorizer.hpp (line 40)
<https://reviews.apache.org/r/47558/#comment200109>

    ObjectAuthorization ()



include/mesos/authorizer/authorizer.hpp (line 45)
<https://reviews.apache.org/r/47558/#comment200110>

    : next line



include/mesos/authorizer/authorizer.hpp (lines 59 - 62)
<https://reviews.apache.org/r/47558/#comment200112>

    +1 indent



include/mesos/authorizer/authorizer.hpp (line 61)
<https://reviews.apache.org/r/47558/#comment200111>

    is/it



include/mesos/authorizer/authorizer.hpp (line 73)
<https://reviews.apache.org/r/47558/#comment200152>

    Duplicate and remove here



include/mesos/authorizer/authorizer.hpp (line 146)
<https://reviews.apache.org/r/47558/#comment200114>

    Add comment.



src/authorizer/local/authorizer.cpp (line 59)
<https://reviews.apache.org/r/47558/#comment200118>

    Move out



src/authorizer/local/authorizer.cpp (line 175)
<https://reviews.apache.org/r/47558/#comment200119>

    individual lines



src/authorizer/local/authorizer.cpp (line 180)
<https://reviews.apache.org/r/47558/#comment200120>

    2 indent.



src/authorizer/local/authorizer.cpp (line 205)
<https://reviews.apache.org/r/47558/#comment200122>

    TaskInfo
    ExecutorInfo not



src/authorizer/local/authorizer.cpp (line 217)
<https://reviews.apache.org/r/47558/#comment200123>

    format



src/authorizer/local/authorizer.cpp (line 218)
<https://reviews.apache.org/r/47558/#comment200124>

    -2



src/authorizer/local/authorizer.cpp (line 246)
<https://reviews.apache.org/r/47558/#comment200125>

    Move before view
    Authorization



src/authorizer/local/authorizer.cpp (line 247)
<https://reviews.apache.org/r/47558/#comment200126>

    ANY



src/authorizer/local/authorizer.cpp (line 274)
<https://reviews.apache.org/r/47558/#comment200127>

    return false;
    unknown



src/authorizer/local/authorizer.cpp (line 339)
<https://reviews.apache.org/r/47558/#comment200142>

    static private
    Result<vector...



src/authorizer/local/authorizer.cpp (line 340)
<https://reviews.apache.org/r/47558/#comment200132>

    each on line



src/authorizer/local/authorizer.cpp (line 556)
<https://reviews.apache.org/r/47558/#comment200137>

    No log.



src/authorizer/local/authorizer.cpp (line 558)
<https://reviews.apache.org/r/47558/#comment200140>

    Update comment:
    return None()



src/authorizer/local/authorizer.cpp (line 571)
<https://reviews.apache.org/r/47558/#comment200146>

    do not save future



src/authorizer/local/authorizer.cpp (line 576)
<https://reviews.apache.org/r/47558/#comment200148>

    other fields



src/authorizer/local/authorizer.cpp (line 597)
<https://reviews.apache.org/r/47558/#comment200151>

    if genericAcls.isNone -> return falseObjectAllower



src/authorizer/local/authorizer.cpp (line 599)
<https://reviews.apache.org/r/47558/#comment200150>

    Individual lines



src/master/http.cpp (line 157)
<https://reviews.apache.org/r/47558/#comment200155>

    allowViewFrameworkInfo


- Joerg Schad


On May 26, 2016, 8:38 p.m., Joerg Schad wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/47558/
> -----------------------------------------------------------
> 
> (Updated May 26, 2016, 8:38 p.m.)
> 
> 
> Review request for mesos, Adam B and Michael Park.
> 
> 
> Bugs: MESOS-5403
>     https://issues.apache.org/jira/browse/MESOS-5403
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> With to goal to provide more efficient authorization
> for multiple, potentially large objects we extend the
> authorizer interface to support `ObjectAllower`.
> Retrieving an ObjectAllower for a given action is an
> asynchronous operation but following authorization
> of multiple objects can be done synchronously without
> copying the object.
> NOTE: This implies that Authorizer Module writers
> need to ensure an ObjectAllower will behave nicely
> and especially not block.
> 
> 
> Diffs
> -----
> 
>   include/mesos/authorizer/authorizer.hpp ed5f9e73661e25a83722cf1e408ae61023cd4a21 
>   src/authorizer/local/authorizer.hpp 61388454025211fd7d53e71a86983fd8479950b6 
>   src/authorizer/local/authorizer.cpp dc53bc4374aea98b5ed41ade5617374d2447229b 
>   src/master/http.cpp b36b439a1fa07c52146deff2b90728f92676ade3 
>   src/tests/mesos.hpp 79bf1ff16412ce2a510a9b75ab1ac91c1c182653 
>   src/tests/mesos.cpp 629135f0dc59346f0fcddb2cbe65ca5770fad34e 
> 
> Diff: https://reviews.apache.org/r/47558/diff/
> 
> 
> Testing
> -------
> 
> tested entire chain.
> 
> 
> Thanks,
> 
> Joerg Schad
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message