[jira] [Comment Edited] (MESOS-6401) Authorizer interface should behave more uniform

["Alexander Rojas (JIRA)" <ji...@apache.org>]

    [ https://issues.apache.org/jira/browse/MESOS-6401?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15581798#comment-15581798 ] 

Alexander Rojas edited comment on MESOS-6401 at 10/31/16 9:07 AM:
------------------------------------------------------------------

[r/52600/|https://reviews.apache.org/r/52600/]: Enable multiple field based authorization in the authorizer interface.
[r/53057/|https://reviews.apache.org/r/53057/]: Updates calls to the authorizer to use whole protobuf messages.
[r/53058/|https://reviews.apache.org/r/53058/]: Added tests for whole protobuf message based authorization.


was (Author: arojas):
[r/52600/|https://reviews.apache.org/r/52600/]: Enable multiple field based authorization in the authorizer interface.

> Authorizer interface should behave more uniform
> -----------------------------------------------
>
>                 Key: MESOS-6401
>                 URL: https://issues.apache.org/jira/browse/MESOS-6401
>             Project: Mesos
>          Issue Type: Improvement
>            Reporter: Alexander Rojas
>            Assignee: Alexander Rojas
>
> As currently implemented, the Authorizer interface distinguish between two types of authorizations, those suffixed with either {{_WITH_PRINCIPAL}} and {{_WITH_ROLE}} and almost all other actions. While the former expect a single value to perform authorization, the latter allow for multiple fields based on whole protobuf messages.
> Since protobuf messages are associated with almost all authorization actions (exceptions are {{VIEW_ROLES}} and {{GET_ENDPOINT_WITH_PATH}}, it makes sense to standardize the way authorization is performed by using protobuf messages for all actions that have one available.
> This will also help module writers which desire to create complex rules when an action can be performed.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)