mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alexander Rojas <alexan...@mesosphere.io>
Subject Re: Review Request 56618: Updated common Mesos code to use 'AuthenticationContext'.
Date Thu, 16 Feb 2017 10:58:33 GMT


> On Feb. 14, 2017, 4:12 p.m., Jan Schlicht wrote:
> > src/common/http.hpp, line 133
> > <https://reviews.apache.org/r/56618/diff/1/?file=1632574#file1632574line133>
> >
> >     How about using an `Option<AuthenticationContext>` here and returning
`Subject()` in the case of `context.isNone()`?
> >     All calls to this functions in the following patch are either
> >     ```
> >     authorization::Subject subject = context.isSome()
> >       ? createAuthorizationSubject(context.get())
> >       : authorization::Subject();
> >     ```
> >     or
> >     ```
> >     if (context.isSome()) {
> >       request.mutable_subject()->CopyFrom(createAuthorizationSubject(context.get()));
> >     }
> >     ```
> >     At least the first form would look much simpler and concise when changing the
function signature this way:
> >     ```
> >     authorization::Subject subject = createAuthorizationSubject(context)
> >     ```
> >     What do you think?

We discussed this, and the semantics of a default created `authorization::Subject` are different
from that of a non setted subject, therefore this is a bad idea. However, there may be a related
bug already inside Mesos authorizer for not paying attention to the different semantics. We
still need to build a test for it.


- Alexander


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/56618/#review165511
-----------------------------------------------------------


On Feb. 14, 2017, 12:46 a.m., Greg Mann wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/56618/
> -----------------------------------------------------------
> 
> (Updated Feb. 14, 2017, 12:46 a.m.)
> 
> 
> Review request for mesos, Adam B, Alexander Rojas, Jan Schlicht, Till Toenshoff, and
Vinod Kone.
> 
> 
> Bugs: MESOS-7003
>     https://issues.apache.org/jira/browse/MESOS-7003
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> This patch updates common Mesos HTTP-related helpers,
> as well as the `authorization::Subject` protobuf
> message, to make use of the `AuthenticationContext`
> type instead of an `Option<string> principal`.
> 
> 
> Diffs
> -----
> 
>   include/mesos/authorizer/authorizer.proto 8b860a3e8e0b1c660a8fefc97f10f5acc0501920

>   src/common/http.hpp 3d5ab59ddc4dce4d791c1b439f5e1459d1a724a4 
>   src/common/http.cpp abfbf7248beb2d4068be06b7f5f829d7617f943e 
> 
> Diff: https://reviews.apache.org/r/56618/diff/
> 
> 
> Testing
> -------
> 
> Testing information can be found at the end of this review chain.
> 
> 
> Thanks,
> 
> Greg Mann
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message