You are viewing a plain text version of this content. The canonical link for it is here.
Posted to reviews@mesos.apache.org by Benjamin Bannier <be...@mesosphere.io> on 2017/02/01 16:48:55 UTC
Review Request 56178: Enabled the authorizer to work with MULTI_ROLE
frameworks.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/56178/
-----------------------------------------------------------
Review request for mesos, Alexander Rojas and Benjamin Mahler.
Bugs: MESOS-7022
https://issues.apache.org/jira/browse/MESOS-7022
Repository: mesos
Description
-------
This updates the local authorizer so that MULTI_ROLE frameworks can be
authorized.
For non-MULTI_ROLE frameworks we continue to support use of the
deprecated 'value' field in the authorization request's 'Object';
however for MULTI_ROLE frameworks the 'value' field will not be set,
and authorizers still relying on it should be updated to instead use
the object's 'framework_info' field to extract roles to authorize
against from.
Diffs
-----
src/authorizer/local/authorizer.cpp b98e1fcdf2ee5ec1f6ac0be6f8accdefaa390a09
src/master/master.cpp 284566ca72bd5c6bd581db9b65d404f86aa7bf61
Diff: https://reviews.apache.org/r/56178/diff/
Testing
-------
Tested on various configurations in internal CI.
Thanks,
Benjamin Bannier