Return-Path: <reviews-return-69326-archive-asf-public=cust-asf.ponee.io@mesos.apache.org>
X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io
Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io
Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183])
	by cust-asf2.ponee.io (Postfix) with ESMTP id 43442200D45
	for <archive-asf-public-internal@cust-asf2.ponee.io>; Thu, 23 Nov 2017 10:41:57 +0100 (CET)
Received: by cust-asf.ponee.io (Postfix)
	id 41C82160BFE; Thu, 23 Nov 2017 09:41:57 +0000 (UTC)
Delivered-To: archive-asf-public@cust-asf.ponee.io
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by cust-asf.ponee.io (Postfix) with SMTP id 8843B160BEF
	for <archive-asf-public@cust-asf.ponee.io>; Thu, 23 Nov 2017 10:41:56 +0100 (CET)
Received: (qmail 42337 invoked by uid 500); 23 Nov 2017 09:41:55 -0000
Mailing-List: contact reviews-help@mesos.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:reviews-help@mesos.apache.org>
List-Unsubscribe: <mailto:reviews-unsubscribe@mesos.apache.org>
List-Post: <mailto:reviews@mesos.apache.org>
List-Id: <reviews.mesos.apache.org>
Reply-To: reviews@mesos.apache.org
Delivered-To: mailing list reviews@mesos.apache.org
Received: (qmail 42324 invoked by uid 99); 23 Nov 2017 09:41:55 -0000
Received: from pnap-us-west-generic-nat.apache.org (HELO spamd3-us-west.apache.org) (209.188.14.142)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 23 Nov 2017 09:41:55 +0000
Received: from localhost (localhost [127.0.0.1])
	by spamd3-us-west.apache.org (ASF Mail Server at spamd3-us-west.apache.org) with ESMTP id A3EA2180635;
	Thu, 23 Nov 2017 09:41:54 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at spamd3-us-west.apache.org
X-Spam-Flag: NO
X-Spam-Score: 3.25
X-Spam-Level: ***
X-Spam-Status: No, score=3.25 tagged_above=-999 required=6.31
	tests=[HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=2,
	KAM_LAZY_DOMAIN_SECURITY=1, KAM_LOTSOFHASH=0.25,
	RP_MATCHES_RCVD=-0.001] autolearn=disabled
Received: from mx1-lw-us.apache.org ([10.40.0.8])
	by localhost (spamd3-us-west.apache.org [10.40.0.10]) (amavisd-new, port 10024)
	with ESMTP id lmuYrgP71YHI; Thu, 23 Nov 2017 09:41:53 +0000 (UTC)
Received: from mailrelay1-us-west.apache.org (mailrelay1-us-west.apache.org [209.188.14.139])
	by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTP id CD31D5F6D2;
	Thu, 23 Nov 2017 09:41:52 +0000 (UTC)
Received: from reviews.apache.org (unknown [10.41.0.12])
	by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTP id 6C674E041F;
	Thu, 23 Nov 2017 09:41:52 +0000 (UTC)
Received: from reviews-vm2.apache.org (localhost [IPv6:::1])
	by reviews.apache.org (ASF Mail Server at reviews-vm2.apache.org) with ESMTP id 660EBC40173;
	Thu, 23 Nov 2017 09:41:52 +0000 (UTC)
Content-Type: multipart/alternative;
 boundary="===============2470834716530152193=="
MIME-Version: 1.0
Subject: Re: Review Request 62762: Added `LocalResourceProvider::principal()`
 for authentication.
From: Chun-Hung Hsiao <chhsiao@mesosphere.io>
To: Jie Yu <yujie.jay@gmail.com>, Alexander Rojas <alexander@mesosphere.io>,
 Joseph Wu <joseph@mesosphere.io>, Greg Mann <greg@mesosphere.io>
Cc: Chun-Hung Hsiao <chhsiao@mesosphere.io>, mesos <reviews@mesos.apache.org>
Date: Thu, 23 Nov 2017 09:41:52 -0000
Message-ID: <20171123094152.29235.28898@reviews-vm2.apache.org>
X-ReviewBoard-URL: https://reviews.apache.org/
Auto-Submitted: auto-generated
Sender: Chun-Hung Hsiao <noreply@reviews.apache.org>
X-ReviewGroup: mesos
X-Auto-Response-Suppress: DR, RN, OOF, AutoReply
X-ReviewRequest-URL: https://reviews.apache.org/r/62762/
X-Sender: Chun-Hung Hsiao <noreply@reviews.apache.org>
References: <20171122031010.49374.96987@reviews-vm2.apache.org>
In-Reply-To: <20171122031010.49374.96987@reviews-vm2.apache.org>
Reply-To: Chun-Hung Hsiao <chhsiao@mesosphere.io>
X-ReviewRequest-Repository: mesos
archived-at: Thu, 23 Nov 2017 09:41:57 -0000

--===============2470834716530152193==
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62762/
-----------------------------------------------------------

(Updated Nov. 23, 2017, 9:41 a.m.)


Review request for mesos, Alexander Rojas, Greg Mann, Jie Yu, and Joseph Wu.


Changes
-------

Addressed some of jieyu's comments.


Bugs: MESOS-8100
    https://issues.apache.org/jira/browse/MESOS-8100


Repository: mesos


Description
-------

The `LocalResourceProvider::principal()` function takes a
`ResourceProviderInfo` and generates a principal with the following
claim:

  {"cid_prefix", <type-with-dots-replaced-by-dashes>-<name>--}

For example, for resource provider with type
'org.apache.mesos.rp.local.storage' and name 'foo', the claim would be:

  {"cid_prefix", "org-apache-mesos-rp-local-storage-foo--"}

In the future, we could add more claims for authorizing other
operations, such as authorization for Resource Provider API.


Diffs (updated)
-----

  src/resource_provider/local.hpp ebaa07d03ad77d516066ee2d4b60864be0611b5f 
  src/resource_provider/local.cpp ad98f333c5668ca81de6e7ed3fc8f59323b151da 
  src/resource_provider/storage/provider.hpp 6de88c2329b358fcf48bc39ddda0132170991c3c 
  src/resource_provider/storage/provider.cpp 46224997430ac0c568904d80014166a6f059907f 


Diff: https://reviews.apache.org/r/62762/diff/9/

Changes: https://reviews.apache.org/r/62762/diff/8-9/


Testing
-------

make


Thanks,

Chun-Hung Hsiao


--===============2470834716530152193==--