You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mesos.apache.org by me...@apache.org on 2016/03/30 22:52:27 UTC
[2/2] mesos git commit: Made the Action enum optional to support
upgrades (MESOS-5031).
Made the Action enum optional to support upgrades (MESOS-5031).
This fix makes the Action enum in Authorization optional to support
upgrades. See MESOS-4997 for details.
Review: https://reviews.apache.org/r/45342/
Project: http://git-wip-us.apache.org/repos/asf/mesos/repo
Commit: http://git-wip-us.apache.org/repos/asf/mesos/commit/5a4680d1
Tree: http://git-wip-us.apache.org/repos/asf/mesos/tree/5a4680d1
Diff: http://git-wip-us.apache.org/repos/asf/mesos/diff/5a4680d1
Branch: refs/heads/master
Commit: 5a4680d1b9abda1bbcfea497ffe95af16dd71387
Parents: c6d6182
Author: Yong Tang <yo...@outlook.com>
Authored: Wed Mar 30 04:22:29 2016 -0700
Committer: Adam B <ad...@mesosphere.io>
Committed: Wed Mar 30 13:49:40 2016 -0700
----------------------------------------------------------------------
include/mesos/authorizer/authorizer.proto | 13 +++++++++++--
src/authorizer/local/authorizer.cpp | 5 +++++
2 files changed, 16 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/mesos/blob/5a4680d1/include/mesos/authorizer/authorizer.proto
----------------------------------------------------------------------
diff --git a/include/mesos/authorizer/authorizer.proto b/include/mesos/authorizer/authorizer.proto
index 944a493..40d93ea 100644
--- a/include/mesos/authorizer/authorizer.proto
+++ b/include/mesos/authorizer/authorizer.proto
@@ -42,6 +42,12 @@ message Object {
// List of authorizable actions supported in Mesos.
enum Action {
+ // This must be the first enum value in this list, to
+ // ensure that if 'type' is not set, the default value
+ // is UNKNOWN. This enables enum values to be added
+ // in a backwards-compatible way. See: MESOS-4997.
+ UNKNOWN = 0;
+
REGISTER_FRAMEWORK_WITH_ROLE = 1;
RUN_TASK_WITH_USER = 2;
TEARDOWN_FRAMEWORK_WITH_PRINCIPAL = 3;
@@ -59,6 +65,9 @@ enum Action {
// as "Can `subject` perform `action` with `object`?".
message Request {
required Subject subject = 1;
- required Action action = 2;
+
+ // Enum fields should be optional, see: MESOS-4997.
+ optional Action action = 2;
+
required Object object = 3;
-}
\ No newline at end of file
+}
http://git-wip-us.apache.org/repos/asf/mesos/blob/5a4680d1/src/authorizer/local/authorizer.cpp
----------------------------------------------------------------------
diff --git a/src/authorizer/local/authorizer.cpp b/src/authorizer/local/authorizer.cpp
index 0f0d927..c744a16 100644
--- a/src/authorizer/local/authorizer.cpp
+++ b/src/authorizer/local/authorizer.cpp
@@ -201,6 +201,11 @@ public:
return authorized(request, acls_);
break;
+ default:
+ LOG(WARNING) << "Authorization request for action '" << request.action()
+ << "' is not defined and therefore not authorized";
+ return false;
+ break;
}
UNREACHABLE();
}