You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@mesos.apache.org by "Alexander Rojas (JIRA)" <ji...@apache.org> on 2016/10/17 10:09:58 UTC

[jira] [Updated] (MESOS-6401) Authorizer interface should behave more uniform

     [ https://issues.apache.org/jira/browse/MESOS-6401?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Alexander Rojas updated MESOS-6401:
-----------------------------------
    Issue Type: Improvement  (was: Bug)

> Authorizer interface should behave more uniform
> -----------------------------------------------
>
>                 Key: MESOS-6401
>                 URL: https://issues.apache.org/jira/browse/MESOS-6401
>             Project: Mesos
>          Issue Type: Improvement
>            Reporter: Alexander Rojas
>            Assignee: Alexander Rojas
>
> As currently implemented, the Authorizer interface distinguish between two types of authorizations, those suffixed with either {{_WITH_PRINCIPAL}} and {{_WITH_ROLE}} and almost all other actions. While the former expect a single value to perform authorization, the latter allow for multiple fields based on whole protobuf messages.
> Since protobuf messages are associated with almost all authorization actions (exceptions are {{VIEW_ROLES}} and {{GET_ENDPOINT_WITH_PATH}}, it makes sense to standardize the way authorization is performed by using protobuf messages for all actions that have one available.
> This will also help module writers which desire to create complex rules when an action can be performed.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)