You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mesos.apache.org by me...@apache.org on 2016/03/30 22:52:27 UTC

[2/2] mesos git commit: Made the Action enum optional to support upgrades (MESOS-5031).

Made the Action enum optional to support upgrades (MESOS-5031).

This fix makes the Action enum in Authorization optional to support
upgrades. See MESOS-4997 for details.

Review: https://reviews.apache.org/r/45342/


Project: http://git-wip-us.apache.org/repos/asf/mesos/repo
Commit: http://git-wip-us.apache.org/repos/asf/mesos/commit/5a4680d1
Tree: http://git-wip-us.apache.org/repos/asf/mesos/tree/5a4680d1
Diff: http://git-wip-us.apache.org/repos/asf/mesos/diff/5a4680d1

Branch: refs/heads/master
Commit: 5a4680d1b9abda1bbcfea497ffe95af16dd71387
Parents: c6d6182
Author: Yong Tang <yo...@outlook.com>
Authored: Wed Mar 30 04:22:29 2016 -0700
Committer: Adam B <ad...@mesosphere.io>
Committed: Wed Mar 30 13:49:40 2016 -0700

----------------------------------------------------------------------
 include/mesos/authorizer/authorizer.proto | 13 +++++++++++--
 src/authorizer/local/authorizer.cpp       |  5 +++++
 2 files changed, 16 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/mesos/blob/5a4680d1/include/mesos/authorizer/authorizer.proto
----------------------------------------------------------------------
diff --git a/include/mesos/authorizer/authorizer.proto b/include/mesos/authorizer/authorizer.proto
index 944a493..40d93ea 100644
--- a/include/mesos/authorizer/authorizer.proto
+++ b/include/mesos/authorizer/authorizer.proto
@@ -42,6 +42,12 @@ message Object {
 
 // List of authorizable actions supported in Mesos.
 enum Action {
+  // This must be the first enum value in this list, to
+  // ensure that if 'type' is not set, the default value
+  // is UNKNOWN. This enables enum values to be added
+  // in a backwards-compatible way. See: MESOS-4997.
+  UNKNOWN = 0;
+
   REGISTER_FRAMEWORK_WITH_ROLE = 1;
   RUN_TASK_WITH_USER = 2;
   TEARDOWN_FRAMEWORK_WITH_PRINCIPAL = 3;
@@ -59,6 +65,9 @@ enum Action {
 // as "Can `subject` perform `action` with `object`?".
 message Request {
   required Subject subject = 1;
-  required Action action = 2;
+
+  // Enum fields should be optional, see: MESOS-4997.
+  optional Action action = 2;
+
   required Object object = 3;
-}
\ No newline at end of file
+}

http://git-wip-us.apache.org/repos/asf/mesos/blob/5a4680d1/src/authorizer/local/authorizer.cpp
----------------------------------------------------------------------
diff --git a/src/authorizer/local/authorizer.cpp b/src/authorizer/local/authorizer.cpp
index 0f0d927..c744a16 100644
--- a/src/authorizer/local/authorizer.cpp
+++ b/src/authorizer/local/authorizer.cpp
@@ -201,6 +201,11 @@ public:
 
         return authorized(request, acls_);
         break;
+      default:
+        LOG(WARNING) << "Authorization request for action '" << request.action()
+                     << "' is not defined and therefore not authorized";
+        return false;
+        break;
     }
     UNREACHABLE();
   }