mesos-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ka...@apache.org
Subject [5/7] mesos git commit: Added authorization callback for '/metrics/snapshot'.
Date Thu, 12 May 2016 06:00:48 GMT
Added authorization callback for '/metrics/snapshot'.

This patch adds a callback to the generating
function `CreateAuthorizationCallbacks` for the
'/metrics/snapshot' endpoint.

Review: https://reviews.apache.org/r/46883/


Project: http://git-wip-us.apache.org/repos/asf/mesos/repo
Commit: http://git-wip-us.apache.org/repos/asf/mesos/commit/12b05e83
Tree: http://git-wip-us.apache.org/repos/asf/mesos/tree/12b05e83
Diff: http://git-wip-us.apache.org/repos/asf/mesos/diff/12b05e83

Branch: refs/heads/master
Commit: 12b05e837f96acfa7a88926fc331eeba695d2112
Parents: d0b0ca6
Author: Greg Mann <greg@mesosphere.io>
Authored: Wed May 11 22:45:40 2016 -0400
Committer: Kapil Arya <kapil@mesosphere.io>
Committed: Thu May 12 01:50:20 2016 -0400

----------------------------------------------------------------------
 src/common/http.cpp | 24 +++++++++++++++++++++++-
 1 file changed, 23 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/mesos/blob/12b05e83/src/common/http.cpp
----------------------------------------------------------------------
diff --git a/src/common/http.cpp b/src/common/http.cpp
index e44d1a2..798acf5 100644
--- a/src/common/http.cpp
+++ b/src/common/http.cpp
@@ -587,7 +587,29 @@ static void json(JSON::StringWriter* writer, const Value::Text& text)
 const AuthorizationCallbacks createAuthorizationCallbacks(
     Authorizer* authorizer)
 {
-  return AuthorizationCallbacks();
+  AuthorizationCallbacks callbacks;
+
+  callbacks.insert(std::make_pair("/metrics/snapshot", [authorizer](
+      const process::http::Request& httpRequest,
+      const Option<string>& principal) -> process::Future<bool> {
+        authorization::Request authRequest;
+        authRequest.set_action(mesos::authorization::GET_ENDPOINT_WITH_PATH);
+
+        if (principal.isSome()) {
+          authRequest.mutable_subject()->set_value(principal.get());
+        }
+
+        const string path = httpRequest.url.path;
+        authRequest.mutable_object()->set_value(path);
+
+        LOG(INFO) << "Authorizing principal '"
+                  << (principal.isSome() ? principal.get() : "ANY")
+                  << "' to GET the endpoint '" << path << "'";
+
+        return authorizer->authorized(authRequest);
+      }));
+
+  return callbacks;
 }
 
 }  // namespace mesos {


Mime
View raw message