You are viewing a plain text version of this content. The canonical link for it is here.
Posted to reviews@mesos.apache.org by Greg Mann <gr...@mesosphere.io> on 2016/02/04 20:01:02 UTC
Review Request 43199: Updated authorization documentation.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43199/
-----------------------------------------------------------
Review request for mesos, Neil Conway and Vinod Kone.
Bugs: MESOS-4452
https://issues.apache.org/jira/browse/MESOS-4452
Repository: mesos
Description
-------
Updated authorization documentation.
Added information about the distinction between roles and principals, as well as a real-world authorization example.
Diffs
-----
docs/authorization.md dbbfd60cb35cbb67e47b6a468d4f4ab824981e5d
Diff: https://reviews.apache.org/r/43199/diff/
Testing
-------
Viewed in the mesos website container: https://github.com/mesosphere/mesos-website-container
Thanks,
Greg Mann
Re: Review Request 43199: Updated authorization documentation.
Posted by Vinod Kone <vi...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43199/#review118325
-----------------------------------------------------------
docs/authorization.md (lines 98 - 101)
<https://reviews.apache.org/r/43199/#comment179550>
don't need this. permissive bit above takes care of this.
docs/authorization.md (line 143)
<https://reviews.apache.org/r/43199/#comment179551>
s/register/register framework/
s/register/register framework/
docs/authorization.md (line 166)
<https://reviews.apache.org/r/43199/#comment179552>
s/register/register framework/
s/register/register framework/
docs/authorization.md (line 189)
<https://reviews.apache.org/r/43199/#comment179553>
s/register/register framework/
s/register/register framework/
- Vinod Kone
On Feb. 8, 2016, 6:40 p.m., Greg Mann wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/43199/
> -----------------------------------------------------------
>
> (Updated Feb. 8, 2016, 6:40 p.m.)
>
>
> Review request for mesos, Neil Conway and Vinod Kone.
>
>
> Bugs: MESOS-4452
> https://issues.apache.org/jira/browse/MESOS-4452
>
>
> Repository: mesos
>
>
> Description
> -------
>
> Updated authorization documentation.
>
> Added information about the distinction between roles and principals, as well as a real-world authorization example.
>
>
> Diffs
> -----
>
> docs/authorization.md dbbfd60cb35cbb67e47b6a468d4f4ab824981e5d
>
> Diff: https://reviews.apache.org/r/43199/diff/
>
>
> Testing
> -------
>
> Viewed in the mesos website container: https://github.com/mesosphere/mesos-website-container
>
>
> Thanks,
>
> Greg Mann
>
>
Re: Review Request 43199: Updated authorization documentation.
Posted by Neil Conway <ne...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43199/#review118446
-----------------------------------------------------------
Fix it, then Ship it!
docs/authorization.md (line 76)
<https://reviews.apache.org/r/43199/#comment179675>
"Unix"
s/user groups/groups/
First two sentences are a little fluffy to me; I would cut them. We don't actually say what a principal _is_, either. Can we have a sentence like, "A principal identifies an entity that interacts with Mesos."
docs/authorization.md (line 116)
<https://reviews.apache.org/r/43199/#comment179678>
Maybe we should say "operating system user" instead of just "user"?
- Neil Conway
On Feb. 9, 2016, 7:35 p.m., Greg Mann wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/43199/
> -----------------------------------------------------------
>
> (Updated Feb. 9, 2016, 7:35 p.m.)
>
>
> Review request for mesos, Neil Conway and Vinod Kone.
>
>
> Bugs: MESOS-4452
> https://issues.apache.org/jira/browse/MESOS-4452
>
>
> Repository: mesos
>
>
> Description
> -------
>
> Updated authorization documentation.
>
> Added information about the distinction between roles and principals, as well as a real-world authorization example.
>
>
> Diffs
> -----
>
> docs/authorization.md dbbfd60cb35cbb67e47b6a468d4f4ab824981e5d
>
> Diff: https://reviews.apache.org/r/43199/diff/
>
>
> Testing
> -------
>
> Viewed in the mesos website container: https://github.com/mesosphere/mesos-website-container
>
>
> Thanks,
>
> Greg Mann
>
>
Re: Review Request 43199: Updated authorization documentation.
Posted by Greg Mann <gr...@mesosphere.io>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43199/
-----------------------------------------------------------
(Updated Feb. 11, 2016, 1:31 a.m.)
Review request for mesos, Neil Conway and Vinod Kone.
Bugs: MESOS-4452
https://issues.apache.org/jira/browse/MESOS-4452
Repository: mesos
Description
-------
Updated authorization documentation.
Added information about the distinction between roles and principals, as well as a real-world authorization example.
Diffs (updated)
-----
docs/authorization.md dbbfd60cb35cbb67e47b6a468d4f4ab824981e5d
Diff: https://reviews.apache.org/r/43199/diff/
Testing
-------
Viewed in the mesos website container: https://github.com/mesosphere/mesos-website-container
Thanks,
Greg Mann
Re: Review Request 43199: Updated authorization documentation.
Posted by Greg Mann <gr...@mesosphere.io>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43199/
-----------------------------------------------------------
(Updated Feb. 11, 2016, 1:26 a.m.)
Review request for mesos, Neil Conway and Vinod Kone.
Bugs: MESOS-4452
https://issues.apache.org/jira/browse/MESOS-4452
Repository: mesos
Description
-------
Updated authorization documentation.
Added information about the distinction between roles and principals, as well as a real-world authorization example.
Diffs (updated)
-----
docs/authorization.md dbbfd60cb35cbb67e47b6a468d4f4ab824981e5d
Diff: https://reviews.apache.org/r/43199/diff/
Testing
-------
Viewed in the mesos website container: https://github.com/mesosphere/mesos-website-container
Thanks,
Greg Mann
Re: Review Request 43199: Updated authorization documentation.
Posted by Guangya Liu <gy...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43199/#review118583
-----------------------------------------------------------
Ship it!
Ship It!
- Guangya Liu
On 二月 10, 2016, 12:32 a.m., Greg Mann wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/43199/
> -----------------------------------------------------------
>
> (Updated 二月 10, 2016, 12:32 a.m.)
>
>
> Review request for mesos, Neil Conway and Vinod Kone.
>
>
> Bugs: MESOS-4452
> https://issues.apache.org/jira/browse/MESOS-4452
>
>
> Repository: mesos
>
>
> Description
> -------
>
> Updated authorization documentation.
>
> Added information about the distinction between roles and principals, as well as a real-world authorization example.
>
>
> Diffs
> -----
>
> docs/authorization.md dbbfd60cb35cbb67e47b6a468d4f4ab824981e5d
>
> Diff: https://reviews.apache.org/r/43199/diff/
>
>
> Testing
> -------
>
> Viewed in the mesos website container: https://github.com/mesosphere/mesos-website-container
>
>
> Thanks,
>
> Greg Mann
>
>
Re: Review Request 43199: Updated authorization documentation.
Posted by Greg Mann <gr...@mesosphere.io>.
> On Feb. 10, 2016, 8:06 a.m., Adam B wrote:
> > docs/authorization.md, line 89
> > <https://reviews.apache.org/r/43199/diff/7/?file=1239109#file1239109line89>
> >
> > "operating system user" still isn't quite right to me, especially in light of the abstraction of a "datacenter operating system", in which case this is not the "dcos user", but the linux(/windows) user on the local machine where the task is actually run. I'd prefer something more like the "agent machine's operating system userid", but that's so long. I was thinking "agent linux user" but I suppose it could be a windows user. "Agent local userid"?
I went with "agent operating system user" :-)
Good enough?
- Greg
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43199/#review118611
-----------------------------------------------------------
On Feb. 11, 2016, 1:26 a.m., Greg Mann wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/43199/
> -----------------------------------------------------------
>
> (Updated Feb. 11, 2016, 1:26 a.m.)
>
>
> Review request for mesos, Neil Conway and Vinod Kone.
>
>
> Bugs: MESOS-4452
> https://issues.apache.org/jira/browse/MESOS-4452
>
>
> Repository: mesos
>
>
> Description
> -------
>
> Updated authorization documentation.
>
> Added information about the distinction between roles and principals, as well as a real-world authorization example.
>
>
> Diffs
> -----
>
> docs/authorization.md dbbfd60cb35cbb67e47b6a468d4f4ab824981e5d
>
> Diff: https://reviews.apache.org/r/43199/diff/
>
>
> Testing
> -------
>
> Viewed in the mesos website container: https://github.com/mesosphere/mesos-website-container
>
>
> Thanks,
>
> Greg Mann
>
>
Re: Review Request 43199: Updated authorization documentation.
Posted by Greg Mann <gr...@mesosphere.io>.
> On Feb. 10, 2016, 8:06 a.m., Adam B wrote:
> > docs/authorization.md, line 189
> > <https://reviews.apache.org/r/43199/diff/7/?file=1239109#file1239109line189>
> >
> > Does this mean that no other principal can register a framework at all? Or can they still register a framework with role '*'?
Even `*` is disallowed. I changed the text to clarify this.
- Greg
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43199/#review118611
-----------------------------------------------------------
On Feb. 11, 2016, 1:31 a.m., Greg Mann wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/43199/
> -----------------------------------------------------------
>
> (Updated Feb. 11, 2016, 1:31 a.m.)
>
>
> Review request for mesos, Neil Conway and Vinod Kone.
>
>
> Bugs: MESOS-4452
> https://issues.apache.org/jira/browse/MESOS-4452
>
>
> Repository: mesos
>
>
> Description
> -------
>
> Updated authorization documentation.
>
> Added information about the distinction between roles and principals, as well as a real-world authorization example.
>
>
> Diffs
> -----
>
> docs/authorization.md dbbfd60cb35cbb67e47b6a468d4f4ab824981e5d
>
> Diff: https://reviews.apache.org/r/43199/diff/
>
>
> Testing
> -------
>
> Viewed in the mesos website container: https://github.com/mesosphere/mesos-website-container
>
>
> Thanks,
>
> Greg Mann
>
>
Re: Review Request 43199: Updated authorization documentation.
Posted by Adam B <ad...@mesosphere.io>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43199/#review118611
-----------------------------------------------------------
Fix it, then Ship it!
Just a few clarification questions, but it looks good to me.
docs/authorization.md (line 83)
<https://reviews.apache.org/r/43199/#comment179893>
I was surprised by this new part of the scenario, since you introduce the original only as a "scenario in which the accounting department launches a framework".
Please introduce it as an extension of the previous scenario and start a new bullet list.
Or say "scenario in which the accounting department launches a framework and then tries to destroy a persistent volume"
docs/authorization.md (line 89)
<https://reviews.apache.org/r/43199/#comment179896>
"operating system user" still isn't quite right to me, especially in light of the abstraction of a "datacenter operating system", in which case this is not the "dcos user", but the linux(/windows) user on the local machine where the task is actually run. I'd prefer something more like the "agent machine's operating system userid", but that's so long. I was thinking "agent linux user" but I suppose it could be a windows user. "Agent local userid"?
docs/authorization.md (line 185)
<https://reviews.apache.org/r/43199/#comment179897>
Does this mean that no other principal can register a framework at all? Or can they still register a framework with role '*'?
docs/authorization.md (lines 220 - 221)
<https://reviews.apache.org/r/43199/#comment179898>
Would be kinda nice if the permissive bit could apply per-action instead of only globally. Amirite?
docs/authorization.md (line 233)
<https://reviews.apache.org/r/43199/#comment179899>
What about unauthenticated frameworks that don't have principals?
- Adam B
On Feb. 9, 2016, 4:32 p.m., Greg Mann wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/43199/
> -----------------------------------------------------------
>
> (Updated Feb. 9, 2016, 4:32 p.m.)
>
>
> Review request for mesos, Neil Conway and Vinod Kone.
>
>
> Bugs: MESOS-4452
> https://issues.apache.org/jira/browse/MESOS-4452
>
>
> Repository: mesos
>
>
> Description
> -------
>
> Updated authorization documentation.
>
> Added information about the distinction between roles and principals, as well as a real-world authorization example.
>
>
> Diffs
> -----
>
> docs/authorization.md dbbfd60cb35cbb67e47b6a468d4f4ab824981e5d
>
> Diff: https://reviews.apache.org/r/43199/diff/
>
>
> Testing
> -------
>
> Viewed in the mesos website container: https://github.com/mesosphere/mesos-website-container
>
>
> Thanks,
>
> Greg Mann
>
>
Re: Review Request 43199: Updated authorization documentation.
Posted by Greg Mann <gr...@mesosphere.io>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43199/
-----------------------------------------------------------
(Updated Feb. 10, 2016, 12:32 a.m.)
Review request for mesos, Neil Conway and Vinod Kone.
Bugs: MESOS-4452
https://issues.apache.org/jira/browse/MESOS-4452
Repository: mesos
Description
-------
Updated authorization documentation.
Added information about the distinction between roles and principals, as well as a real-world authorization example.
Diffs (updated)
-----
docs/authorization.md dbbfd60cb35cbb67e47b6a468d4f4ab824981e5d
Diff: https://reviews.apache.org/r/43199/diff/
Testing
-------
Viewed in the mesos website container: https://github.com/mesosphere/mesos-website-container
Thanks,
Greg Mann
Re: Review Request 43199: Updated authorization documentation.
Posted by Greg Mann <gr...@mesosphere.io>.
> On Feb. 9, 2016, 11:27 p.m., Neil Conway wrote:
> > docs/authorization.md, line 78
> > <https://reviews.apache.org/r/43199/diff/6/?file=1239052#file1239052line78>
> >
> > I don't think a "framework is used to represent various individuals or groups". A framework is just a piece of software. I'd just say "principals" here.
This was a typo; intended for it to read "principals and roles might be used..."
- Greg
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43199/#review118499
-----------------------------------------------------------
On Feb. 10, 2016, 12:32 a.m., Greg Mann wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/43199/
> -----------------------------------------------------------
>
> (Updated Feb. 10, 2016, 12:32 a.m.)
>
>
> Review request for mesos, Neil Conway and Vinod Kone.
>
>
> Bugs: MESOS-4452
> https://issues.apache.org/jira/browse/MESOS-4452
>
>
> Repository: mesos
>
>
> Description
> -------
>
> Updated authorization documentation.
>
> Added information about the distinction between roles and principals, as well as a real-world authorization example.
>
>
> Diffs
> -----
>
> docs/authorization.md dbbfd60cb35cbb67e47b6a468d4f4ab824981e5d
>
> Diff: https://reviews.apache.org/r/43199/diff/
>
>
> Testing
> -------
>
> Viewed in the mesos website container: https://github.com/mesosphere/mesos-website-container
>
>
> Thanks,
>
> Greg Mann
>
>
Re: Review Request 43199: Updated authorization documentation.
Posted by Neil Conway <ne...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43199/#review118499
-----------------------------------------------------------
docs/authorization.md (line 78)
<https://reviews.apache.org/r/43199/#comment179752>
I don't think a "framework is used to represent various individuals or groups". A framework is just a piece of software. I'd just say "principals" here.
- Neil Conway
On Feb. 9, 2016, 11:19 p.m., Greg Mann wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/43199/
> -----------------------------------------------------------
>
> (Updated Feb. 9, 2016, 11:19 p.m.)
>
>
> Review request for mesos, Neil Conway and Vinod Kone.
>
>
> Bugs: MESOS-4452
> https://issues.apache.org/jira/browse/MESOS-4452
>
>
> Repository: mesos
>
>
> Description
> -------
>
> Updated authorization documentation.
>
> Added information about the distinction between roles and principals, as well as a real-world authorization example.
>
>
> Diffs
> -----
>
> docs/authorization.md dbbfd60cb35cbb67e47b6a468d4f4ab824981e5d
>
> Diff: https://reviews.apache.org/r/43199/diff/
>
>
> Testing
> -------
>
> Viewed in the mesos website container: https://github.com/mesosphere/mesos-website-container
>
>
> Thanks,
>
> Greg Mann
>
>
Re: Review Request 43199: Updated authorization documentation.
Posted by Greg Mann <gr...@mesosphere.io>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43199/
-----------------------------------------------------------
(Updated Feb. 9, 2016, 11:19 p.m.)
Review request for mesos, Neil Conway and Vinod Kone.
Bugs: MESOS-4452
https://issues.apache.org/jira/browse/MESOS-4452
Repository: mesos
Description
-------
Updated authorization documentation.
Added information about the distinction between roles and principals, as well as a real-world authorization example.
Diffs (updated)
-----
docs/authorization.md dbbfd60cb35cbb67e47b6a468d4f4ab824981e5d
Diff: https://reviews.apache.org/r/43199/diff/
Testing
-------
Viewed in the mesos website container: https://github.com/mesosphere/mesos-website-container
Thanks,
Greg Mann
Re: Review Request 43199: Updated authorization documentation.
Posted by Greg Mann <gr...@mesosphere.io>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43199/
-----------------------------------------------------------
(Updated Feb. 9, 2016, 7:35 p.m.)
Review request for mesos, Neil Conway and Vinod Kone.
Bugs: MESOS-4452
https://issues.apache.org/jira/browse/MESOS-4452
Repository: mesos
Description
-------
Updated authorization documentation.
Added information about the distinction between roles and principals, as well as a real-world authorization example.
Diffs (updated)
-----
docs/authorization.md dbbfd60cb35cbb67e47b6a468d4f4ab824981e5d
Diff: https://reviews.apache.org/r/43199/diff/
Testing
-------
Viewed in the mesos website container: https://github.com/mesosphere/mesos-website-container
Thanks,
Greg Mann
Re: Review Request 43199: Updated authorization documentation.
Posted by Greg Mann <gr...@mesosphere.io>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43199/
-----------------------------------------------------------
(Updated Feb. 8, 2016, 6:40 p.m.)
Review request for mesos, Neil Conway and Vinod Kone.
Changes
-------
Added more ACL examples, and altered the existing ACL examples to be more practical.
Bugs: MESOS-4452
https://issues.apache.org/jira/browse/MESOS-4452
Repository: mesos
Description
-------
Updated authorization documentation.
Added information about the distinction between roles and principals, as well as a real-world authorization example.
Diffs (updated)
-----
docs/authorization.md dbbfd60cb35cbb67e47b6a468d4f4ab824981e5d
Diff: https://reviews.apache.org/r/43199/diff/
Testing
-------
Viewed in the mesos website container: https://github.com/mesosphere/mesos-website-container
Thanks,
Greg Mann
Re: Review Request 43199: Updated authorization documentation.
Posted by Greg Mann <gr...@mesosphere.io>.
> On Feb. 6, 2016, 8:02 a.m., Guangya Liu wrote:
> > docs/authorization.md, line 50
> > <https://reviews.apache.org/r/43199/diff/3/?file=1236976#file1236976line50>
> >
> > Do u want to add an example for quota_principals?
Good idea! I added examples for quota. Also, after reading through the existing examples, I edited some of them to be a bit more practical; there were a couple that I didn't think made much sense in practice.
- Greg
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43199/#review118140
-----------------------------------------------------------
On Feb. 8, 2016, 6:40 p.m., Greg Mann wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/43199/
> -----------------------------------------------------------
>
> (Updated Feb. 8, 2016, 6:40 p.m.)
>
>
> Review request for mesos, Neil Conway and Vinod Kone.
>
>
> Bugs: MESOS-4452
> https://issues.apache.org/jira/browse/MESOS-4452
>
>
> Repository: mesos
>
>
> Description
> -------
>
> Updated authorization documentation.
>
> Added information about the distinction between roles and principals, as well as a real-world authorization example.
>
>
> Diffs
> -----
>
> docs/authorization.md dbbfd60cb35cbb67e47b6a468d4f4ab824981e5d
>
> Diff: https://reviews.apache.org/r/43199/diff/
>
>
> Testing
> -------
>
> Viewed in the mesos website container: https://github.com/mesosphere/mesos-website-container
>
>
> Thanks,
>
> Greg Mann
>
>
Re: Review Request 43199: Updated authorization documentation.
Posted by Guangya Liu <gy...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43199/#review118140
-----------------------------------------------------------
docs/authorization.md (line 50)
<https://reviews.apache.org/r/43199/#comment179391>
Do u want to add an example for quota_principals?
docs/authorization.md (line 76)
<https://reviews.apache.org/r/43199/#comment179390>
Can you please add a link here for ACL? https://github.com/apache/mesos/blob/master/docs/authorization.md
- Guangya Liu
On 二月 6, 2016, 2:40 a.m., Greg Mann wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/43199/
> -----------------------------------------------------------
>
> (Updated 二月 6, 2016, 2:40 a.m.)
>
>
> Review request for mesos, Neil Conway and Vinod Kone.
>
>
> Bugs: MESOS-4452
> https://issues.apache.org/jira/browse/MESOS-4452
>
>
> Repository: mesos
>
>
> Description
> -------
>
> Updated authorization documentation.
>
> Added information about the distinction between roles and principals, as well as a real-world authorization example.
>
>
> Diffs
> -----
>
> docs/authorization.md dbbfd60cb35cbb67e47b6a468d4f4ab824981e5d
>
> Diff: https://reviews.apache.org/r/43199/diff/
>
>
> Testing
> -------
>
> Viewed in the mesos website container: https://github.com/mesosphere/mesos-website-container
>
>
> Thanks,
>
> Greg Mann
>
>
Re: Review Request 43199: Updated authorization documentation.
Posted by Greg Mann <gr...@mesosphere.io>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43199/
-----------------------------------------------------------
(Updated Feb. 6, 2016, 2:40 a.m.)
Review request for mesos, Neil Conway and Vinod Kone.
Changes
-------
Addressed comments.
Bugs: MESOS-4452
https://issues.apache.org/jira/browse/MESOS-4452
Repository: mesos
Description
-------
Updated authorization documentation.
Added information about the distinction between roles and principals, as well as a real-world authorization example.
Diffs (updated)
-----
docs/authorization.md dbbfd60cb35cbb67e47b6a468d4f4ab824981e5d
Diff: https://reviews.apache.org/r/43199/diff/
Testing
-------
Viewed in the mesos website container: https://github.com/mesosphere/mesos-website-container
Thanks,
Greg Mann
Re: Review Request 43199: Updated authorization documentation.
Posted by Greg Mann <gr...@mesosphere.io>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43199/
-----------------------------------------------------------
(Updated Feb. 4, 2016, 7:54 p.m.)
Review request for mesos, Neil Conway and Vinod Kone.
Bugs: MESOS-4452
https://issues.apache.org/jira/browse/MESOS-4452
Repository: mesos
Description
-------
Updated authorization documentation.
Added information about the distinction between roles and principals, as well as a real-world authorization example.
Diffs (updated)
-----
docs/authorization.md dbbfd60cb35cbb67e47b6a468d4f4ab824981e5d
Diff: https://reviews.apache.org/r/43199/diff/
Testing
-------
Viewed in the mesos website container: https://github.com/mesosphere/mesos-website-container
Thanks,
Greg Mann
Re: Review Request 43199: Updated authorization documentation.
Posted by Greg Mann <gr...@mesosphere.io>.
> On Feb. 4, 2016, 7:43 p.m., Neil Conway wrote:
> > docs/authorization.md, line 223
> > <https://reviews.apache.org/r/43199/diff/1/?file=1232300#file1232300line223>
> >
> > s/framework/principal/ , I'd think.
Fixed this here, and elsewhere.
- Greg
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43199/#review117865
-----------------------------------------------------------
On Feb. 6, 2016, 2:40 a.m., Greg Mann wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/43199/
> -----------------------------------------------------------
>
> (Updated Feb. 6, 2016, 2:40 a.m.)
>
>
> Review request for mesos, Neil Conway and Vinod Kone.
>
>
> Bugs: MESOS-4452
> https://issues.apache.org/jira/browse/MESOS-4452
>
>
> Repository: mesos
>
>
> Description
> -------
>
> Updated authorization documentation.
>
> Added information about the distinction between roles and principals, as well as a real-world authorization example.
>
>
> Diffs
> -----
>
> docs/authorization.md dbbfd60cb35cbb67e47b6a468d4f4ab824981e5d
>
> Diff: https://reviews.apache.org/r/43199/diff/
>
>
> Testing
> -------
>
> Viewed in the mesos website container: https://github.com/mesosphere/mesos-website-container
>
>
> Thanks,
>
> Greg Mann
>
>
Re: Review Request 43199: Updated authorization documentation.
Posted by Neil Conway <ne...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43199/#review117865
-----------------------------------------------------------
docs/authorization.md (line 78)
<https://reviews.apache.org/r/43199/#comment179118>
"roughly correspond" => "typically correspond"
Overall, I would phrase this paragraph to be a little less prescriptive: roles and principals are just tools, and they are mapped to real-world concepts in different ways by different organizations.
docs/authorization.md (line 223)
<https://reviews.apache.org/r/43199/#comment179125>
s/framework/principal/ , I'd think.
- Neil Conway
On Feb. 4, 2016, 7:01 p.m., Greg Mann wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/43199/
> -----------------------------------------------------------
>
> (Updated Feb. 4, 2016, 7:01 p.m.)
>
>
> Review request for mesos, Neil Conway and Vinod Kone.
>
>
> Bugs: MESOS-4452
> https://issues.apache.org/jira/browse/MESOS-4452
>
>
> Repository: mesos
>
>
> Description
> -------
>
> Updated authorization documentation.
>
> Added information about the distinction between roles and principals, as well as a real-world authorization example.
>
>
> Diffs
> -----
>
> docs/authorization.md dbbfd60cb35cbb67e47b6a468d4f4ab824981e5d
>
> Diff: https://reviews.apache.org/r/43199/diff/
>
>
> Testing
> -------
>
> Viewed in the mesos website container: https://github.com/mesosphere/mesos-website-container
>
>
> Thanks,
>
> Greg Mann
>
>