You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@mesos.apache.org by "Alexander Rojas (JIRA)" <ji...@apache.org> on 2016/10/17 10:08:58 UTC

[jira] [Created] (MESOS-6401) Authorizer interface should behave more uniform

Alexander Rojas created MESOS-6401:
--------------------------------------

             Summary: Authorizer interface should behave more uniform
                 Key: MESOS-6401
                 URL: https://issues.apache.org/jira/browse/MESOS-6401
             Project: Mesos
          Issue Type: Bug
            Reporter: Alexander Rojas
            Assignee: Alexander Rojas


As currently implemented, the Authorizer interface distinguish between two types of authorizations, those suffixed with either {{_WITH_PRINCIPAL}} and {{_WITH_ROLE}} and almost all other actions. While the former expect a single value to perform authorization, the latter allow for multiple fields based on whole protobuf messages.

Since protobuf messages are associated with almost all authorization actions (exceptions are {{VIEW_ROLES}} and {{GET_ENDPOINT_WITH_PATH}}, it makes sense to standardize the way authorization is performed by using protobuf messages for all actions that have one available.

This will also help module writers which desire to create complex rules when an action can be performed.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)