You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mesos.apache.org by mp...@apache.org on 2015/10/12 19:42:11 UTC
[2/2] mesos git commit: Validated `Credential` messages earlier in
the HTTP endpoints.
Validated `Credential` messages earlier in the HTTP endpoints.
Review: https://reviews.apache.org/r/39100
Project: http://git-wip-us.apache.org/repos/asf/mesos/repo
Commit: http://git-wip-us.apache.org/repos/asf/mesos/commit/df2a1fd1
Tree: http://git-wip-us.apache.org/repos/asf/mesos/tree/df2a1fd1
Diff: http://git-wip-us.apache.org/repos/asf/mesos/diff/df2a1fd1
Branch: refs/heads/master
Commit: df2a1fd1d917549118087c66dd3b2f700a12e714
Parents: a9148f6
Author: Isabel Jimenez <co...@isabeljimenez.com>
Authored: Mon Oct 12 19:33:01 2015 +0200
Committer: Michael Park <mp...@apache.org>
Committed: Mon Oct 12 19:33:02 2015 +0200
----------------------------------------------------------------------
src/master/http.cpp | 31 +++++++++++++++----------------
1 file changed, 15 insertions(+), 16 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/mesos/blob/df2a1fd1/src/master/http.cpp
----------------------------------------------------------------------
diff --git a/src/master/http.cpp b/src/master/http.cpp
index 4b9f9ed..76954ac 100644
--- a/src/master/http.cpp
+++ b/src/master/http.cpp
@@ -686,6 +686,11 @@ Future<Response> Master::Http::reserve(const Request& request) const
return BadRequest("Expecting POST");
}
+ Result<Credential> credential = authenticate(request);
+ if (credential.isError()) {
+ return Unauthorized("Mesos master", credential.error());
+ }
+
// Parse the query string in the request body.
Try<hashmap<string, string>> decode =
process::http::query::decode(request.body);
@@ -730,11 +735,6 @@ Future<Response> Master::Http::reserve(const Request& request) const
resources += resource.get();
}
- Result<Credential> credential = authenticate(request);
- if (credential.isError()) {
- return Unauthorized("Mesos master", credential.error());
- }
-
// Create an offer operation.
Offer::Operation operation;
operation.set_type(Offer::Operation::RESERVE);
@@ -1234,6 +1234,11 @@ Future<Response> Master::Http::teardown(const Request& request) const
return BadRequest("Expecting POST");
}
+ Result<Credential> credential = authenticate(request);
+ if (credential.isError()) {
+ return Unauthorized("Mesos master", credential.error());
+ }
+
// Parse the query string in the request body (since this is a POST)
// in order to determine the framework ID to shutdown.
Try<hashmap<string, string>> decode =
@@ -1258,12 +1263,6 @@ Future<Response> Master::Http::teardown(const Request& request) const
return BadRequest("No framework found with specified ID");
}
- Result<Credential> credential = authenticate(request);
-
- if (credential.isError()) {
- return Unauthorized("Mesos master", credential.error());
- }
-
// Skip authorization if no ACLs were provided to the master.
if (master->authorizer.isNone()) {
return _teardown(id);
@@ -1833,6 +1832,11 @@ Future<Response> Master::Http::unreserve(const Request& request) const
return BadRequest("Expecting POST");
}
+ Result<Credential> credential = authenticate(request);
+ if (credential.isError()) {
+ return Unauthorized("Mesos master", credential.error());
+ }
+
// Parse the query string in the request body.
Try<hashmap<string, string>> decode =
process::http::query::decode(request.body);
@@ -1877,11 +1881,6 @@ Future<Response> Master::Http::unreserve(const Request& request) const
resources += resource.get();
}
- Result<Credential> credential = authenticate(request);
- if (credential.isError()) {
- return Unauthorized("Mesos master", credential.error());
- }
-
// Create an offer operation.
Offer::Operation operation;
operation.set_type(Offer::Operation::UNRESERVE);