mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jan Schlicht <...@mesosphere.io>
Subject Re: Review Request 67501: Added authorization for storage operations.
Date Tue, 26 Jun 2018 13:59:43 GMT


> On June 25, 2018, 9:08 p.m., Chun-Hung Hsiao wrote:
> > include/mesos/authorizer/acls.proto
> > Line 542 (original), 538 (patched)
> > <https://reviews.apache.org/r/67501/diff/3-4/?file=2044102#file2044102line542>
> >
> >     Is it because that implementing explicit objects takes significant efforts and
has a lower priority, so we decided to leave it as a TODO?

Yes, exactly. See the next reviews in the chain by Benjamin that add a principal to resources
created by resource providers and in the end add support for `SOME` to `DestroyBlockDisk`
and `DestroyMountDisk`.


- Jan


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/67501/#review205307
-----------------------------------------------------------


On June 25, 2018, 3:58 p.m., Jan Schlicht wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/67501/
> -----------------------------------------------------------
> 
> (Updated June 25, 2018, 3:58 p.m.)
> 
> 
> Review request for mesos, Benjamin Bannier and Chun-Hung Hsiao.
> 
> 
> Bugs: MESOS-7329
>     https://issues.apache.org/jira/browse/MESOS-7329
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> Framework operations `CREATE_VOLUME`, `DESTROY_VOLUME`, `CREATE_BLOCK`,
> `DESTROY_BLOCK` are authorized. Respective ACL actions have been added
> to the local authorizer. Currently access can only be given to either
> 'ANY' or 'NONE' resource providers.
> 
> 
> Diffs
> -----
> 
>   docs/authorization.md cd8622b9848b7a020c079cc1901e3933fa6eb0c0 
>   include/mesos/authorizer/acls.proto e4889939481dabe6c1c2876a54d654f98d00dec8 
>   include/mesos/authorizer/authorizer.proto bb1010d7eb97de17807b0a730ce16a4b28bc2aa3

>   src/authorizer/local/authorizer.cpp 61e9ab5ce9f1ce4eee4a3f8502c9b60140efcb7e 
>   src/master/master.hpp 4180341e2c7b16503a4376c501f611bb78ba901c 
>   src/master/master.cpp 4ade16f044f8a4fdafd5afaba4e6a23232f83a5a 
>   src/tests/authorization_tests.cpp f6f77692112d2299f3009fde4468f82bfd934c60 
> 
> 
> Diff: https://reviews.apache.org/r/67501/diff/4/
> 
> 
> Testing
> -------
> 
> make check
> 
> 
> Thanks,
> 
> Jan Schlicht
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message