mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Benjamin Bannier <benjamin.bann...@mesosphere.io>
Subject Re: Review Request 69578: Set up `Object.value` for `CREATE_DISK` and `DESTROY_DISK` authorization.
Date Tue, 18 Dec 2018 17:13:08 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/69578/#review211402
-----------------------------------------------------------


Fix it, then Ship it!





src/master/master.cpp
Lines 3869-3872 (patched)
<https://reviews.apache.org/r/69578/#comment296442>

    How about:
    ```
    // The master ensures that resources are in post-reservation refinement
    // format and we set the `object.value` field to the most refined role.
    // If there is no reservation, the value is by default set to `*` for
    // consistency.
    ````



src/master/master.cpp
Lines 3874 (patched)
<https://reviews.apache.org/r/69578/#comment296446>

    Instead of making this a very specific `TODO` you could instead make this a more general
comment, e.g.,
    
    ```
    We set `object.value` in addition to `object.resource` to support legacy authorizers making
only use of `value`.
    ```



src/master/master.cpp
Lines 3877 (patched)
<https://reviews.apache.org/r/69578/#comment296444>

    `resource.reservations.empty()`



src/master/master.cpp
Lines 3931-3935 (patched)
<https://reviews.apache.org/r/69578/#comment296443>

    Ditto.



src/master/master.cpp
Lines 3936 (patched)
<https://reviews.apache.org/r/69578/#comment296448>

    Ditto.



src/master/master.cpp
Lines 3939 (patched)
<https://reviews.apache.org/r/69578/#comment296445>

    Ditto.


- Benjamin Bannier


On Dec. 18, 2018, 7:14 a.m., Chun-Hung Hsiao wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/69578/
> -----------------------------------------------------------
> 
> (Updated Dec. 18, 2018, 7:14 a.m.)
> 
> 
> Review request for mesos, Benjamin Bannier, Greg Mann, Jan Schlicht, and Till Toenshoff.
> 
> 
> Bugs: MESOS-9486
>     https://issues.apache.org/jira/browse/MESOS-9486
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> This patch sets up `Object.value` to the role of the resource for
> authorization actions `CREATE_BLOCK_DISK`, `DESTROY_BLOCK_DISK`,
> `CREATE_MOUNT_DISK` and `DESTROY_MOUNT_DISK` so an old-school authorizer
> can rely on the field to perform authorization.
> 
> 
> Diffs
> -----
> 
>   src/master/master.cpp 3de0fd35cc815f4b5787ee2cb5e81f5059d7a47c 
> 
> 
> Diff: https://reviews.apache.org/r/69578/diff/1/
> 
> 
> Testing
> -------
> 
> make check
> 
> 
> Thanks,
> 
> Chun-Hung Hsiao
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message