mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Greg Mann <g...@mesosphere.io>
Subject Re: Review Request 59525: Added filtering of `/slaves` endpoint and `GET_AGENTS` API call.
Date Sun, 11 Jun 2017 05:27:12 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/59525/#review177555
-----------------------------------------------------------




src/master/http.cpp
Lines 399 (patched)
<https://reviews.apache.org/r/59525/#comment251246>

    s/JSON::ObjectWriter *writer/JSON::ObjectWriter* writer/



src/master/http.cpp
Lines 402 (patched)
<https://reviews.apache.org/r/59525/#comment251236>

    s/in a/in an/



src/master/http.cpp
Lines 403 (patched)
<https://reviews.apache.org/r/59525/#comment251235>

    s/agregated/aggregated/



src/master/http.cpp
Lines 2333 (patched)
<https://reviews.apache.org/r/59525/#comment251247>

    Indented too far.



src/master/http.cpp
Line 2385 (original), 2415 (patched)
<https://reviews.apache.org/r/59525/#comment251249>

    What about tests for these?



src/master/http.cpp
Lines 3217-3219 (original), 3288-3290 (patched)
<https://reviews.apache.org/r/59525/#comment251248>

    Related question: should we be filtering the framework information according to the VIEW_ROLE
ACL as well? The VIEW_FRAMEWORKS action sets the FrameworkInfo member, so it's possible for
an authorizer to filter by role using an ACL for that action alone, but the local authorizer
currently only filters frameworks by username.


- Greg Mann


On June 9, 2017, 10:04 a.m., Alexander Rojas wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/59525/
> -----------------------------------------------------------
> 
> (Updated June 9, 2017, 10:04 a.m.)
> 
> 
> Review request for mesos, Adam B, Greg Mann, and Till Toenshoff.
> 
> 
> Bugs: MESOS-7416
>     https://issues.apache.org/jira/browse/MESOS-7416
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> Adds support of the `VIEW_ROLE` ACL to the results generated by the
> `/slaves` as well as the `GET_AGENTS` API v1 call. This means that
> calls to this endpoint (API call) will hide roles that the user making
> the request is not authorized to see.
> 
> 
> Diffs
> -----
> 
>   src/master/http.cpp 1dcfe6ef00b0e3984deb79a511e665f638661323 
>   src/master/master.hpp e8ddddf273256b14cde1cac390163f948241757f 
> 
> 
> Diff: https://reviews.apache.org/r/59525/diff/3/
> 
> 
> Testing
> -------
> 
> make check
> 
> 
> Thanks,
> 
> Alexander Rojas
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message