mesos-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Vinod Kone" <vinodk...@gmail.com>
Subject Re: Review Request 18730: Implemented a basic Authorizer interface.
Date Fri, 09 May 2014 19:51:17 GMT


> On May 9, 2014, 4:43 p.m., Benjamin Hindman wrote:
> > src/authorizer/authorizer.hpp, line 190
> > <https://reviews.apache.org/r/18730/diff/10/?file=577243#file577243line190>
> >
> >     Run mesos-style.py. ;-)

good eye. mesos-style didn't catch it fwiw.


> On May 9, 2014, 4:43 p.m., Benjamin Hindman wrote:
> > src/authorizer/authorizer.hpp, line 199
> > <https://reviews.apache.org/r/18730/diff/10/?file=577243#file577243line199>
> >
> >     The caveat with this one is that two different ACLs might satisfy this request
in aggregate. Consider these ACLs:
> >     
> >     users: [ benh ]
> >     action: http_get
> >     urls: [ /secret ]
> >     
> >     users: [ vinod ]
> >     action: http_get
> >     urls: [ /secret ]
> >     
> >     And now this request:
> >     
> >     users: [ benh, vinod ]
> >     action: http_get
> >     urls: [ /secret ]
> >     
> >     So if we aren't going to do any aggregation then we need to call this out explicitly
in the documentation (and add a TODO to relax this after we add aggregation). But to be perfectly
honest, I don't think this kind of aggregation is that difficult.

Good point. Although, users can setup aggregate ACLs if they want to make aggregate requests,
so I will add a TODO for now. 


- Vinod


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/18730/#review42577
-----------------------------------------------------------


On May 9, 2014, 6:12 p.m., Vinod Kone wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/18730/
> -----------------------------------------------------------
> 
> (Updated May 9, 2014, 6:12 p.m.)
> 
> 
> Review request for mesos, Adam B, Benjamin Hindman, and Niklas Nielsen.
> 
> 
> Bugs: MESOS-911
>     https://issues.apache.org/jira/browse/MESOS-911
> 
> 
> Repository: mesos-git
> 
> 
> Description
> -------
> 
> See summary.
> 
> 
> Diffs
> -----
> 
>   include/mesos/mesos.proto a5826d7d732b32b31802b3ed9a1e34b234bea061 
>   src/Makefile.am f461a1515e7bafac677f2d0bcdd499f57ba3f029 
>   src/authorizer/authorizer.hpp PRE-CREATION 
>   src/tests/authorization_tests.cpp PRE-CREATION 
>   src/tests/master_contender_detector_tests.cpp 42051bfc7c698e2e80cfe23686ee11ef722b679e

> 
> Diff: https://reviews.apache.org/r/18730/diff/
> 
> 
> Testing
> -------
> 
> make check
> 
> 
> Thanks,
> 
> Vinod Kone
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message