You are viewing a plain text version of this content. The canonical link for it is here.
Posted to reviews@mesos.apache.org by Greg Mann <gr...@mesosphere.io> on 2016/02/04 20:01:02 UTC

Review Request 43199: Updated authorization documentation.

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43199/
-----------------------------------------------------------

Review request for mesos, Neil Conway and Vinod Kone.


Bugs: MESOS-4452
    https://issues.apache.org/jira/browse/MESOS-4452


Repository: mesos


Description
-------

Updated authorization documentation.

Added information about the distinction between roles and principals, as well as a real-world authorization example.


Diffs
-----

  docs/authorization.md dbbfd60cb35cbb67e47b6a468d4f4ab824981e5d 

Diff: https://reviews.apache.org/r/43199/diff/


Testing
-------

Viewed in the mesos website container: https://github.com/mesosphere/mesos-website-container


Thanks,

Greg Mann

Re: Review Request 43199: Updated authorization documentation.

Posted by Vinod Kone <vi...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43199/#review118325
-----------------------------------------------------------




docs/authorization.md (lines 98 - 101)
<https://reviews.apache.org/r/43199/#comment179550>

    don't need this. permissive bit above takes care of this.



docs/authorization.md (line 143)
<https://reviews.apache.org/r/43199/#comment179551>

    s/register/register framework/
    s/register/register framework/



docs/authorization.md (line 166)
<https://reviews.apache.org/r/43199/#comment179552>

    s/register/register framework/
    s/register/register framework/



docs/authorization.md (line 189)
<https://reviews.apache.org/r/43199/#comment179553>

    s/register/register framework/
    s/register/register framework/


- Vinod Kone


On Feb. 8, 2016, 6:40 p.m., Greg Mann wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/43199/
> -----------------------------------------------------------
> 
> (Updated Feb. 8, 2016, 6:40 p.m.)
> 
> 
> Review request for mesos, Neil Conway and Vinod Kone.
> 
> 
> Bugs: MESOS-4452
>     https://issues.apache.org/jira/browse/MESOS-4452
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> Updated authorization documentation.
> 
> Added information about the distinction between roles and principals, as well as a real-world authorization example.
> 
> 
> Diffs
> -----
> 
>   docs/authorization.md dbbfd60cb35cbb67e47b6a468d4f4ab824981e5d 
> 
> Diff: https://reviews.apache.org/r/43199/diff/
> 
> 
> Testing
> -------
> 
> Viewed in the mesos website container: https://github.com/mesosphere/mesos-website-container
> 
> 
> Thanks,
> 
> Greg Mann
> 
>

Re: Review Request 43199: Updated authorization documentation.

Posted by Neil Conway <ne...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43199/#review118446
-----------------------------------------------------------


Fix it, then Ship it!





docs/authorization.md (line 76)
<https://reviews.apache.org/r/43199/#comment179675>

    "Unix"
    
    s/user groups/groups/
    
    First two sentences are a little fluffy to me; I would cut them. We don't actually say what a principal _is_, either. Can we have a sentence like, "A principal identifies an entity that interacts with Mesos."



docs/authorization.md (line 116)
<https://reviews.apache.org/r/43199/#comment179678>

    Maybe we should say "operating system user" instead of just "user"?


- Neil Conway


On Feb. 9, 2016, 7:35 p.m., Greg Mann wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/43199/
> -----------------------------------------------------------
> 
> (Updated Feb. 9, 2016, 7:35 p.m.)
> 
> 
> Review request for mesos, Neil Conway and Vinod Kone.
> 
> 
> Bugs: MESOS-4452
>     https://issues.apache.org/jira/browse/MESOS-4452
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> Updated authorization documentation.
> 
> Added information about the distinction between roles and principals, as well as a real-world authorization example.
> 
> 
> Diffs
> -----
> 
>   docs/authorization.md dbbfd60cb35cbb67e47b6a468d4f4ab824981e5d 
> 
> Diff: https://reviews.apache.org/r/43199/diff/
> 
> 
> Testing
> -------
> 
> Viewed in the mesos website container: https://github.com/mesosphere/mesos-website-container
> 
> 
> Thanks,
> 
> Greg Mann
> 
>

Re: Review Request 43199: Updated authorization documentation.

Posted by Greg Mann <gr...@mesosphere.io>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43199/
-----------------------------------------------------------

(Updated Feb. 11, 2016, 1:31 a.m.)


Review request for mesos, Neil Conway and Vinod Kone.


Bugs: MESOS-4452
    https://issues.apache.org/jira/browse/MESOS-4452


Repository: mesos


Description
-------

Updated authorization documentation.

Added information about the distinction between roles and principals, as well as a real-world authorization example.


Diffs (updated)
-----

  docs/authorization.md dbbfd60cb35cbb67e47b6a468d4f4ab824981e5d 

Diff: https://reviews.apache.org/r/43199/diff/


Testing
-------

Viewed in the mesos website container: https://github.com/mesosphere/mesos-website-container


Thanks,

Greg Mann

Re: Review Request 43199: Updated authorization documentation.

Posted by Greg Mann <gr...@mesosphere.io>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43199/
-----------------------------------------------------------

(Updated Feb. 11, 2016, 1:26 a.m.)


Review request for mesos, Neil Conway and Vinod Kone.


Bugs: MESOS-4452
    https://issues.apache.org/jira/browse/MESOS-4452


Repository: mesos


Description
-------

Updated authorization documentation.

Added information about the distinction between roles and principals, as well as a real-world authorization example.


Diffs (updated)
-----

  docs/authorization.md dbbfd60cb35cbb67e47b6a468d4f4ab824981e5d 

Diff: https://reviews.apache.org/r/43199/diff/


Testing
-------

Viewed in the mesos website container: https://github.com/mesosphere/mesos-website-container


Thanks,

Greg Mann

Re: Review Request 43199: Updated authorization documentation.

Posted by Guangya Liu <gy...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43199/#review118583
-----------------------------------------------------------


Ship it!




Ship It!

- Guangya Liu


On 二月 10, 2016, 12:32 a.m., Greg Mann wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/43199/
> -----------------------------------------------------------
> 
> (Updated 二月 10, 2016, 12:32 a.m.)
> 
> 
> Review request for mesos, Neil Conway and Vinod Kone.
> 
> 
> Bugs: MESOS-4452
>     https://issues.apache.org/jira/browse/MESOS-4452
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> Updated authorization documentation.
> 
> Added information about the distinction between roles and principals, as well as a real-world authorization example.
> 
> 
> Diffs
> -----
> 
>   docs/authorization.md dbbfd60cb35cbb67e47b6a468d4f4ab824981e5d 
> 
> Diff: https://reviews.apache.org/r/43199/diff/
> 
> 
> Testing
> -------
> 
> Viewed in the mesos website container: https://github.com/mesosphere/mesos-website-container
> 
> 
> Thanks,
> 
> Greg Mann
> 
>

Re: Review Request 43199: Updated authorization documentation.

Posted by Greg Mann <gr...@mesosphere.io>.

> On Feb. 10, 2016, 8:06 a.m., Adam B wrote:
> > docs/authorization.md, line 89
> > <https://reviews.apache.org/r/43199/diff/7/?file=1239109#file1239109line89>
> >
> >     "operating system user" still isn't quite right to me, especially in light of the abstraction of a "datacenter operating system", in which case this is not the "dcos user", but the linux(/windows) user on the local machine where the task is actually run. I'd prefer something more like the "agent machine's operating system userid", but that's so long. I was thinking "agent linux user" but I suppose it could be a windows user. "Agent local userid"?

I went with "agent operating system user" :-)

Good enough?


- Greg


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43199/#review118611
-----------------------------------------------------------


On Feb. 11, 2016, 1:26 a.m., Greg Mann wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/43199/
> -----------------------------------------------------------
> 
> (Updated Feb. 11, 2016, 1:26 a.m.)
> 
> 
> Review request for mesos, Neil Conway and Vinod Kone.
> 
> 
> Bugs: MESOS-4452
>     https://issues.apache.org/jira/browse/MESOS-4452
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> Updated authorization documentation.
> 
> Added information about the distinction between roles and principals, as well as a real-world authorization example.
> 
> 
> Diffs
> -----
> 
>   docs/authorization.md dbbfd60cb35cbb67e47b6a468d4f4ab824981e5d 
> 
> Diff: https://reviews.apache.org/r/43199/diff/
> 
> 
> Testing
> -------
> 
> Viewed in the mesos website container: https://github.com/mesosphere/mesos-website-container
> 
> 
> Thanks,
> 
> Greg Mann
> 
>

Re: Review Request 43199: Updated authorization documentation.

Posted by Greg Mann <gr...@mesosphere.io>.

> On Feb. 10, 2016, 8:06 a.m., Adam B wrote:
> > docs/authorization.md, line 189
> > <https://reviews.apache.org/r/43199/diff/7/?file=1239109#file1239109line189>
> >
> >     Does this mean that no other principal can register a framework at all? Or can they still register a framework with role '*'?

Even `*` is disallowed. I changed the text to clarify this.


- Greg


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43199/#review118611
-----------------------------------------------------------


On Feb. 11, 2016, 1:31 a.m., Greg Mann wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/43199/
> -----------------------------------------------------------
> 
> (Updated Feb. 11, 2016, 1:31 a.m.)
> 
> 
> Review request for mesos, Neil Conway and Vinod Kone.
> 
> 
> Bugs: MESOS-4452
>     https://issues.apache.org/jira/browse/MESOS-4452
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> Updated authorization documentation.
> 
> Added information about the distinction between roles and principals, as well as a real-world authorization example.
> 
> 
> Diffs
> -----
> 
>   docs/authorization.md dbbfd60cb35cbb67e47b6a468d4f4ab824981e5d 
> 
> Diff: https://reviews.apache.org/r/43199/diff/
> 
> 
> Testing
> -------
> 
> Viewed in the mesos website container: https://github.com/mesosphere/mesos-website-container
> 
> 
> Thanks,
> 
> Greg Mann
> 
>

Re: Review Request 43199: Updated authorization documentation.

Posted by Adam B <ad...@mesosphere.io>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43199/#review118611
-----------------------------------------------------------


Fix it, then Ship it!




Just a few clarification questions, but it looks good to me.


docs/authorization.md (line 83)
<https://reviews.apache.org/r/43199/#comment179893>

    I was surprised by this new part of the scenario, since you introduce the original only as a "scenario in which the accounting department launches a framework".
    Please introduce it as an extension of the previous scenario and start a new bullet list.
    Or say "scenario in which the accounting department launches a framework and then tries to destroy a persistent volume"



docs/authorization.md (line 89)
<https://reviews.apache.org/r/43199/#comment179896>

    "operating system user" still isn't quite right to me, especially in light of the abstraction of a "datacenter operating system", in which case this is not the "dcos user", but the linux(/windows) user on the local machine where the task is actually run. I'd prefer something more like the "agent machine's operating system userid", but that's so long. I was thinking "agent linux user" but I suppose it could be a windows user. "Agent local userid"?



docs/authorization.md (line 185)
<https://reviews.apache.org/r/43199/#comment179897>

    Does this mean that no other principal can register a framework at all? Or can they still register a framework with role '*'?



docs/authorization.md (lines 220 - 221)
<https://reviews.apache.org/r/43199/#comment179898>

    Would be kinda nice if the permissive bit could apply per-action instead of only globally. Amirite?



docs/authorization.md (line 233)
<https://reviews.apache.org/r/43199/#comment179899>

    What about unauthenticated frameworks that don't have principals?


- Adam B


On Feb. 9, 2016, 4:32 p.m., Greg Mann wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/43199/
> -----------------------------------------------------------
> 
> (Updated Feb. 9, 2016, 4:32 p.m.)
> 
> 
> Review request for mesos, Neil Conway and Vinod Kone.
> 
> 
> Bugs: MESOS-4452
>     https://issues.apache.org/jira/browse/MESOS-4452
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> Updated authorization documentation.
> 
> Added information about the distinction between roles and principals, as well as a real-world authorization example.
> 
> 
> Diffs
> -----
> 
>   docs/authorization.md dbbfd60cb35cbb67e47b6a468d4f4ab824981e5d 
> 
> Diff: https://reviews.apache.org/r/43199/diff/
> 
> 
> Testing
> -------
> 
> Viewed in the mesos website container: https://github.com/mesosphere/mesos-website-container
> 
> 
> Thanks,
> 
> Greg Mann
> 
>

Re: Review Request 43199: Updated authorization documentation.

Posted by Greg Mann <gr...@mesosphere.io>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43199/
-----------------------------------------------------------

(Updated Feb. 10, 2016, 12:32 a.m.)


Review request for mesos, Neil Conway and Vinod Kone.


Bugs: MESOS-4452
    https://issues.apache.org/jira/browse/MESOS-4452


Repository: mesos


Description
-------

Updated authorization documentation.

Added information about the distinction between roles and principals, as well as a real-world authorization example.


Diffs (updated)
-----

  docs/authorization.md dbbfd60cb35cbb67e47b6a468d4f4ab824981e5d 

Diff: https://reviews.apache.org/r/43199/diff/


Testing
-------

Viewed in the mesos website container: https://github.com/mesosphere/mesos-website-container


Thanks,

Greg Mann

Re: Review Request 43199: Updated authorization documentation.

Posted by Greg Mann <gr...@mesosphere.io>.

> On Feb. 9, 2016, 11:27 p.m., Neil Conway wrote:
> > docs/authorization.md, line 78
> > <https://reviews.apache.org/r/43199/diff/6/?file=1239052#file1239052line78>
> >
> >     I don't think a "framework is used to represent various individuals or groups". A framework is just a piece of software. I'd just say "principals" here.

This was a typo; intended for it to read "principals and roles might be used..."


- Greg


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43199/#review118499
-----------------------------------------------------------


On Feb. 10, 2016, 12:32 a.m., Greg Mann wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/43199/
> -----------------------------------------------------------
> 
> (Updated Feb. 10, 2016, 12:32 a.m.)
> 
> 
> Review request for mesos, Neil Conway and Vinod Kone.
> 
> 
> Bugs: MESOS-4452
>     https://issues.apache.org/jira/browse/MESOS-4452
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> Updated authorization documentation.
> 
> Added information about the distinction between roles and principals, as well as a real-world authorization example.
> 
> 
> Diffs
> -----
> 
>   docs/authorization.md dbbfd60cb35cbb67e47b6a468d4f4ab824981e5d 
> 
> Diff: https://reviews.apache.org/r/43199/diff/
> 
> 
> Testing
> -------
> 
> Viewed in the mesos website container: https://github.com/mesosphere/mesos-website-container
> 
> 
> Thanks,
> 
> Greg Mann
> 
>

Re: Review Request 43199: Updated authorization documentation.

Posted by Neil Conway <ne...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43199/#review118499
-----------------------------------------------------------




docs/authorization.md (line 78)
<https://reviews.apache.org/r/43199/#comment179752>

    I don't think a "framework is used to represent various individuals or groups". A framework is just a piece of software. I'd just say "principals" here.


- Neil Conway


On Feb. 9, 2016, 11:19 p.m., Greg Mann wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/43199/
> -----------------------------------------------------------
> 
> (Updated Feb. 9, 2016, 11:19 p.m.)
> 
> 
> Review request for mesos, Neil Conway and Vinod Kone.
> 
> 
> Bugs: MESOS-4452
>     https://issues.apache.org/jira/browse/MESOS-4452
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> Updated authorization documentation.
> 
> Added information about the distinction between roles and principals, as well as a real-world authorization example.
> 
> 
> Diffs
> -----
> 
>   docs/authorization.md dbbfd60cb35cbb67e47b6a468d4f4ab824981e5d 
> 
> Diff: https://reviews.apache.org/r/43199/diff/
> 
> 
> Testing
> -------
> 
> Viewed in the mesos website container: https://github.com/mesosphere/mesos-website-container
> 
> 
> Thanks,
> 
> Greg Mann
> 
>

Re: Review Request 43199: Updated authorization documentation.

Posted by Greg Mann <gr...@mesosphere.io>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43199/
-----------------------------------------------------------

(Updated Feb. 9, 2016, 11:19 p.m.)


Review request for mesos, Neil Conway and Vinod Kone.


Bugs: MESOS-4452
    https://issues.apache.org/jira/browse/MESOS-4452


Repository: mesos


Description
-------

Updated authorization documentation.

Added information about the distinction between roles and principals, as well as a real-world authorization example.


Diffs (updated)
-----

  docs/authorization.md dbbfd60cb35cbb67e47b6a468d4f4ab824981e5d 

Diff: https://reviews.apache.org/r/43199/diff/


Testing
-------

Viewed in the mesos website container: https://github.com/mesosphere/mesos-website-container


Thanks,

Greg Mann

Re: Review Request 43199: Updated authorization documentation.

Posted by Greg Mann <gr...@mesosphere.io>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43199/
-----------------------------------------------------------

(Updated Feb. 9, 2016, 7:35 p.m.)


Review request for mesos, Neil Conway and Vinod Kone.


Bugs: MESOS-4452
    https://issues.apache.org/jira/browse/MESOS-4452


Repository: mesos


Description
-------

Updated authorization documentation.

Added information about the distinction between roles and principals, as well as a real-world authorization example.


Diffs (updated)
-----

  docs/authorization.md dbbfd60cb35cbb67e47b6a468d4f4ab824981e5d 

Diff: https://reviews.apache.org/r/43199/diff/


Testing
-------

Viewed in the mesos website container: https://github.com/mesosphere/mesos-website-container


Thanks,

Greg Mann

Re: Review Request 43199: Updated authorization documentation.

Posted by Greg Mann <gr...@mesosphere.io>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43199/
-----------------------------------------------------------

(Updated Feb. 8, 2016, 6:40 p.m.)


Review request for mesos, Neil Conway and Vinod Kone.


Changes
-------

Added more ACL examples, and altered the existing ACL examples to be more practical.


Bugs: MESOS-4452
    https://issues.apache.org/jira/browse/MESOS-4452


Repository: mesos


Description
-------

Updated authorization documentation.

Added information about the distinction between roles and principals, as well as a real-world authorization example.


Diffs (updated)
-----

  docs/authorization.md dbbfd60cb35cbb67e47b6a468d4f4ab824981e5d 

Diff: https://reviews.apache.org/r/43199/diff/


Testing
-------

Viewed in the mesos website container: https://github.com/mesosphere/mesos-website-container


Thanks,

Greg Mann

Re: Review Request 43199: Updated authorization documentation.

Posted by Greg Mann <gr...@mesosphere.io>.

> On Feb. 6, 2016, 8:02 a.m., Guangya Liu wrote:
> > docs/authorization.md, line 50
> > <https://reviews.apache.org/r/43199/diff/3/?file=1236976#file1236976line50>
> >
> >     Do u want to add an example for quota_principals?

Good idea! I added examples for quota. Also, after reading through the existing examples, I edited some of them to be a bit more practical; there were a couple that I didn't think made much sense in practice.


- Greg


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43199/#review118140
-----------------------------------------------------------


On Feb. 8, 2016, 6:40 p.m., Greg Mann wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/43199/
> -----------------------------------------------------------
> 
> (Updated Feb. 8, 2016, 6:40 p.m.)
> 
> 
> Review request for mesos, Neil Conway and Vinod Kone.
> 
> 
> Bugs: MESOS-4452
>     https://issues.apache.org/jira/browse/MESOS-4452
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> Updated authorization documentation.
> 
> Added information about the distinction between roles and principals, as well as a real-world authorization example.
> 
> 
> Diffs
> -----
> 
>   docs/authorization.md dbbfd60cb35cbb67e47b6a468d4f4ab824981e5d 
> 
> Diff: https://reviews.apache.org/r/43199/diff/
> 
> 
> Testing
> -------
> 
> Viewed in the mesos website container: https://github.com/mesosphere/mesos-website-container
> 
> 
> Thanks,
> 
> Greg Mann
> 
>

Re: Review Request 43199: Updated authorization documentation.

Posted by Guangya Liu <gy...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43199/#review118140
-----------------------------------------------------------




docs/authorization.md (line 50)
<https://reviews.apache.org/r/43199/#comment179391>

    Do u want to add an example for quota_principals?



docs/authorization.md (line 76)
<https://reviews.apache.org/r/43199/#comment179390>

    Can you please add a link here for ACL? https://github.com/apache/mesos/blob/master/docs/authorization.md


- Guangya Liu


On 二月 6, 2016, 2:40 a.m., Greg Mann wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/43199/
> -----------------------------------------------------------
> 
> (Updated 二月 6, 2016, 2:40 a.m.)
> 
> 
> Review request for mesos, Neil Conway and Vinod Kone.
> 
> 
> Bugs: MESOS-4452
>     https://issues.apache.org/jira/browse/MESOS-4452
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> Updated authorization documentation.
> 
> Added information about the distinction between roles and principals, as well as a real-world authorization example.
> 
> 
> Diffs
> -----
> 
>   docs/authorization.md dbbfd60cb35cbb67e47b6a468d4f4ab824981e5d 
> 
> Diff: https://reviews.apache.org/r/43199/diff/
> 
> 
> Testing
> -------
> 
> Viewed in the mesos website container: https://github.com/mesosphere/mesos-website-container
> 
> 
> Thanks,
> 
> Greg Mann
> 
>

Re: Review Request 43199: Updated authorization documentation.

Posted by Greg Mann <gr...@mesosphere.io>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43199/
-----------------------------------------------------------

(Updated Feb. 6, 2016, 2:40 a.m.)


Review request for mesos, Neil Conway and Vinod Kone.


Changes
-------

Addressed comments.


Bugs: MESOS-4452
    https://issues.apache.org/jira/browse/MESOS-4452


Repository: mesos


Description
-------

Updated authorization documentation.

Added information about the distinction between roles and principals, as well as a real-world authorization example.


Diffs (updated)
-----

  docs/authorization.md dbbfd60cb35cbb67e47b6a468d4f4ab824981e5d 

Diff: https://reviews.apache.org/r/43199/diff/


Testing
-------

Viewed in the mesos website container: https://github.com/mesosphere/mesos-website-container


Thanks,

Greg Mann

Re: Review Request 43199: Updated authorization documentation.

Posted by Greg Mann <gr...@mesosphere.io>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43199/
-----------------------------------------------------------

(Updated Feb. 4, 2016, 7:54 p.m.)


Review request for mesos, Neil Conway and Vinod Kone.


Bugs: MESOS-4452
    https://issues.apache.org/jira/browse/MESOS-4452


Repository: mesos


Description
-------

Updated authorization documentation.

Added information about the distinction between roles and principals, as well as a real-world authorization example.


Diffs (updated)
-----

  docs/authorization.md dbbfd60cb35cbb67e47b6a468d4f4ab824981e5d 

Diff: https://reviews.apache.org/r/43199/diff/


Testing
-------

Viewed in the mesos website container: https://github.com/mesosphere/mesos-website-container


Thanks,

Greg Mann

Re: Review Request 43199: Updated authorization documentation.

Posted by Greg Mann <gr...@mesosphere.io>.

> On Feb. 4, 2016, 7:43 p.m., Neil Conway wrote:
> > docs/authorization.md, line 223
> > <https://reviews.apache.org/r/43199/diff/1/?file=1232300#file1232300line223>
> >
> >     s/framework/principal/ , I'd think.

Fixed this here, and elsewhere.


- Greg


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43199/#review117865
-----------------------------------------------------------


On Feb. 6, 2016, 2:40 a.m., Greg Mann wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/43199/
> -----------------------------------------------------------
> 
> (Updated Feb. 6, 2016, 2:40 a.m.)
> 
> 
> Review request for mesos, Neil Conway and Vinod Kone.
> 
> 
> Bugs: MESOS-4452
>     https://issues.apache.org/jira/browse/MESOS-4452
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> Updated authorization documentation.
> 
> Added information about the distinction between roles and principals, as well as a real-world authorization example.
> 
> 
> Diffs
> -----
> 
>   docs/authorization.md dbbfd60cb35cbb67e47b6a468d4f4ab824981e5d 
> 
> Diff: https://reviews.apache.org/r/43199/diff/
> 
> 
> Testing
> -------
> 
> Viewed in the mesos website container: https://github.com/mesosphere/mesos-website-container
> 
> 
> Thanks,
> 
> Greg Mann
> 
>

Re: Review Request 43199: Updated authorization documentation.

Posted by Neil Conway <ne...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43199/#review117865
-----------------------------------------------------------




docs/authorization.md (line 78)
<https://reviews.apache.org/r/43199/#comment179118>

    "roughly correspond" => "typically correspond"
    
    Overall, I would phrase this paragraph to be a little less prescriptive: roles and principals are just tools, and they are mapped to real-world concepts in different ways by different organizations.



docs/authorization.md (line 223)
<https://reviews.apache.org/r/43199/#comment179125>

    s/framework/principal/ , I'd think.


- Neil Conway


On Feb. 4, 2016, 7:01 p.m., Greg Mann wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/43199/
> -----------------------------------------------------------
> 
> (Updated Feb. 4, 2016, 7:01 p.m.)
> 
> 
> Review request for mesos, Neil Conway and Vinod Kone.
> 
> 
> Bugs: MESOS-4452
>     https://issues.apache.org/jira/browse/MESOS-4452
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> Updated authorization documentation.
> 
> Added information about the distinction between roles and principals, as well as a real-world authorization example.
> 
> 
> Diffs
> -----
> 
>   docs/authorization.md dbbfd60cb35cbb67e47b6a468d4f4ab824981e5d 
> 
> Diff: https://reviews.apache.org/r/43199/diff/
> 
> 
> Testing
> -------
> 
> Viewed in the mesos website container: https://github.com/mesosphere/mesos-website-container
> 
> 
> Thanks,
> 
> Greg Mann
> 
>