mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Adam B <a...@mesosphere.io>
Subject Re: Review Request 47509: Fixed authorization::Request initializings.
Date Sat, 28 May 2016 08:44:31 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/47509/#review135386
-----------------------------------------------------------



I think we should allow each action to define whether or not it requires an object, since
some like ACCESS_MESOS_LOG might actually want to check that there is never an object. And
then, if the action allows/requires an object, we can define an object with no fields set
(including the new optional FrameworkInfo/ExecutorInfo/TaskInfo fields) as an ANY object.


src/authorizer/local/authorizer.cpp (line 423)
<https://reviews.apache.org/r/47509/#comment200400>

    Why must a request have an object field? The new ACCESS_MESOS_LOG action doesn't have
an object, since there is only one log, and a noop object seems worse than not having one.
    https://reviews.apache.org/r/47921/



src/tests/authorization_tests.cpp (line 598)
<https://reviews.apache.org/r/47509/#comment200401>

    Nice catch


- Adam B


On May 17, 2016, 8:10 p.m., Till Toenshoff wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/47509/
> -----------------------------------------------------------
> 
> (Updated May 17, 2016, 8:10 p.m.)
> 
> 
> Review request for mesos, Adam B, Alexander Rukletsov, Alexander Rojas, and Vinod Kone.
> 
> 
> Bugs: MESOS-5405
>     https://issues.apache.org/jira/browse/MESOS-5405
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> Fixes a number of a authorization::Request initializings that were
> missing required fields. Also adds a CHECK to the LocalAuthorizer
> helping us to catch and prevent these problems in the future.
> 
> 
> Diffs
> -----
> 
>   src/authorizer/local/authorizer.cpp e95435327bb3b6f447e814b8657bce8084535346 
>   src/common/http.cpp ad6a4b44af3ec847a3a6c0839a88fba18cda5011 
>   src/master/http.cpp 6cefcc8b6ddcfe4098521e838bfdc95936fe7476 
>   src/master/master.cpp 35b428b0f7dee5954514d8860cfc498271ccf267 
>   src/master/quota_handler.cpp 6590519d8440f352f5bf00fda805414a5aad725c 
>   src/master/weights_handler.cpp 4bc060fdb015df6658194eef92fe11b14aa15c79 
>   src/slave/http.cpp 0fb9b81c4a87250e454e3380c61cf9037454810b 
>   src/tests/authorization_tests.cpp f50ac69c32d0551a63391d97f31559ff4f414011 
> 
> Diff: https://reviews.apache.org/r/47509/diff/
> 
> 
> Testing
> -------
> 
> make check (OSX)
> 
> 
> Thanks,
> 
> Till Toenshoff
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message