mesos-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Adam B (JIRA)" <j...@apache.org>
Subject [jira] [Created] (MESOS-5709) Authorization for /roles
Date Fri, 24 Jun 2016 12:19:16 GMT
Adam B created MESOS-5709:
-----------------------------

             Summary: Authorization for /roles
                 Key: MESOS-5709
                 URL: https://issues.apache.org/jira/browse/MESOS-5709
             Project: Mesos
          Issue Type: Task
          Components: security
            Reporter: Adam B
            Priority: Minor
             Fix For: 1.0.0


The /roles endpoint exposes the list of all roles and their weights, as well as the list of
all frameworkIds registered with each role. This is a superset of the information exposed
on GET /weights, which we already protect. We should protect the data in /roles the same way.
- Should we reuse VIEW_FRAMEWORK with role (from /state)?
- Should we add a new VIEW_ROLE and adapt GET_WEIGHTS to use it?



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message