You are viewing a plain text version of this content. The canonical link for it is here.

Posted to reviews@mesos.apache.org by Benjamin Bannier <be...@mesosphere.io> on 2017/02/01 16:48:55 UTC

Review Request 56178: Enabled the authorizer to work with MULTI_ROLE frameworks.

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/56178/
-----------------------------------------------------------

Review request for mesos, Alexander Rojas and Benjamin Mahler.


Bugs: MESOS-7022
    https://issues.apache.org/jira/browse/MESOS-7022


Repository: mesos


Description
-------

This updates the local authorizer so that MULTI_ROLE frameworks can be
authorized.

For non-MULTI_ROLE frameworks we continue to support use of the
deprecated 'value' field in the authorization request's 'Object';
however for MULTI_ROLE frameworks the 'value' field will not be set,
and authorizers still relying on it should be updated to instead use
the object's 'framework_info' field to extract roles to authorize
against from.


Diffs
-----

  src/authorizer/local/authorizer.cpp b98e1fcdf2ee5ec1f6ac0be6f8accdefaa390a09 
  src/master/master.cpp 284566ca72bd5c6bd581db9b65d404f86aa7bf61 

Diff: https://reviews.apache.org/r/56178/diff/


Testing
-------

Tested on various configurations in internal CI.


Thanks,

Benjamin Bannier