You are viewing a plain text version of this content. The canonical link for it is here.
Posted to reviews@mesos.apache.org by Michael Park <mc...@gmail.com> on 2015/12/01 16:18:54 UTC
Re: Review Request 39988: [4/5] Added authorization for dynamic
reservation master endpoints.
> On Nov. 30, 2015, 9:44 p.m., Jie Yu wrote:
> > src/master/http.cpp, line 2313
> > <https://reviews.apache.org/r/39988/diff/10/?file=1149304#file1149304line2313>
> >
> > Instead of adding a new parameter to `_operation`. Can we put the logics of checking authorization result to `_reserve` and `_unreserve`? It's wiered to me that `_operation` needs to check authorization result.
> >
> > ```
> > auto _unreserve = [=](bool authorized) {
> > if (!authorized) {
> > return Unauthorized("Mesos master");
> > }
> >
> > return _operation(slaveId, resources, operation);
> > };
> >
> > return master->authorizeUnreserveResources(...)
> > .then(defer(master->self(), _unreserve))
> > .repair([](const Future<Response>& future) {
> > return BadRequest("Invalid UNRESERVE operation: " + future.failure());
> > });
> > ```
I think `teardown` can benefit from this pattern as well. I've tried it out to see how it would fit: https://reviews.apache.org/r/40822/
- Michael
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/39988/#review108397
-----------------------------------------------------------
On Nov. 30, 2015, 8:46 p.m., Greg Mann wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/39988/
> -----------------------------------------------------------
>
> (Updated Nov. 30, 2015, 8:46 p.m.)
>
>
> Review request for mesos, Adam B, Jie Yu, Michael Park, and Till Toenshoff.
>
>
> Bugs: MESOS-3062
> https://issues.apache.org/jira/browse/MESOS-3062
>
>
> Repository: mesos
>
>
> Description
> -------
>
> Added authorization for dynamic reservation master endpoints.
> Note: this review is continued from https://reviews.apache.org/r/37126/
>
>
> Diffs
> -----
>
> src/master/http.cpp 9d729ef7f7d7ad6185934648f833e4f8a4f0a123
> src/master/master.hpp 96951e766de32842197506504e5ac67a2caa3efe
> src/tests/reservation_endpoints_tests.cpp f30ff8bc6a3e9773437fa7fd7c8f569b7d7e2d9d
>
> Diff: https://reviews.apache.org/r/39988/diff/
>
>
> Testing
> -------
>
> This is the fourth in a chain of 5 patches. Added new reservation endpoints tests to validate authorization of reserve and unreserve operations using ACLs. `make check` was run to test after all patches were applied.
>
>
> Thanks,
>
> Greg Mann
>
>