mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Adam B <a...@mesosphere.io>
Subject Re: Review Request 52600: Enable multiple field based authorization in the authorizer interface.
Date Wed, 16 Nov 2016 02:53:06 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/52600/#review156015
-----------------------------------------------------------


Fix it, then Ship it!




Looks great! Just a couple of nits.


include/mesos/authorizer/authorizer.proto (lines 68 - 69)
<https://reviews.apache.org/r/52600/#comment226100>

    Let's reorder this to put the important information first, and the deprecation note after.
    
    `REGISTER_FRAMEWORK` sets an object of type `FrameworkInfo`. The `value` field is no longer
used.
    The `_WITH_ROLE` variant is deprecated and will be removed after Mesos 1.2's deprecation
cycle ends.



src/authorizer/local/authorizer.cpp (lines 224 - 225)
<https://reviews.apache.org/r/52600/#comment226103>

    Ooh, only 2 left using 'value'. I wonder if we can ever get rid of it completely, maybe
add explicit "role" and "path" fields to replace it.



src/authorizer/local/authorizer.cpp (line 230)
<https://reviews.apache.org/r/52600/#comment226104>

    Should these have a chance at ANY if object->value is NULL?



src/authorizer/local/authorizer.cpp (line 305)
<https://reviews.apache.org/r/52600/#comment226105>

    nit: newline before the breaks, for consistency



src/authorizer/local/authorizer.cpp (line 316)
<https://reviews.apache.org/r/52600/#comment226106>

    nit: newline before the breaks, for consistency



src/authorizer/local/authorizer.cpp (line 332)
<https://reviews.apache.org/r/52600/#comment226107>

    nit: newline before the breaks, for consistency


- Adam B


On Nov. 7, 2016, 7:29 a.m., Alexander Rojas wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/52600/
> -----------------------------------------------------------
> 
> (Updated Nov. 7, 2016, 7:29 a.m.)
> 
> 
> Review request for mesos, Adam B, Kapil Arya, and Till Toenshoff.
> 
> 
> Bugs: MESOS-6401
>     https://issues.apache.org/jira/browse/MESOS-6401
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> Updates the authorizer interfaces and well as the local authorizer,
> such that all actions which were limited to use a _role_ or a
> _principal_ as an object, are able to use whole protobuf messages
> as objects. This change enables more sofisticated authorization
> mechanisms.
> 
> 
> Diffs
> -----
> 
>   include/mesos/authorizer/authorizer.hpp cb365c7d8d088f2810bde11b72dc20843a18fa51 
>   include/mesos/authorizer/authorizer.proto b6a9f142eecbdfd59210872a92e3126f04de334c

>   src/authorizer/local/authorizer.cpp f1dff65d973fc84f4171f68fd0391a2343a96965 
> 
> Diff: https://reviews.apache.org/r/52600/diff/
> 
> 
> Testing
> -------
> 
> tests in the last patch of the chain.
> 
> 
> Thanks,
> 
> Alexander Rojas
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message