Validated `Credential` messages earlier in the HTTP endpoints. Review: https://reviews.apache.org/r/39100
Project: http://git-wip-us.apache.org/repos/asf/mesos/repo Commit: http://git-wip-us.apache.org/repos/asf/mesos/commit/df2a1fd1 Tree: http://git-wip-us.apache.org/repos/asf/mesos/tree/df2a1fd1 Diff: http://git-wip-us.apache.org/repos/asf/mesos/diff/df2a1fd1 Branch: refs/heads/master Commit: df2a1fd1d917549118087c66dd3b2f700a12e714 Parents: a9148f6 Author: Isabel Jimenez <[email protected]> Authored: Mon Oct 12 19:33:01 2015 +0200 Committer: Michael Park <[email protected]> Committed: Mon Oct 12 19:33:02 2015 +0200 ---------------------------------------------------------------------- src/master/http.cpp | 31 +++++++++++++++---------------- 1 file changed, 15 insertions(+), 16 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/mesos/blob/df2a1fd1/src/master/http.cpp ---------------------------------------------------------------------- diff --git a/src/master/http.cpp b/src/master/http.cpp index 4b9f9ed..76954ac 100644 --- a/src/master/http.cpp +++ b/src/master/http.cpp @@ -686,6 +686,11 @@ Future<Response> Master::Http::reserve(const Request& request) const return BadRequest("Expecting POST"); } + Result<Credential> credential = authenticate(request); + if (credential.isError()) { + return Unauthorized("Mesos master", credential.error()); + } + // Parse the query string in the request body. Try<hashmap<string, string>> decode = process::http::query::decode(request.body); @@ -730,11 +735,6 @@ Future<Response> Master::Http::reserve(const Request& request) const resources += resource.get(); } - Result<Credential> credential = authenticate(request); - if (credential.isError()) { - return Unauthorized("Mesos master", credential.error()); - } - // Create an offer operation. Offer::Operation operation; operation.set_type(Offer::Operation::RESERVE); @@ -1234,6 +1234,11 @@ Future<Response> Master::Http::teardown(const Request& request) const return BadRequest("Expecting POST"); } + Result<Credential> credential = authenticate(request); + if (credential.isError()) { + return Unauthorized("Mesos master", credential.error()); + } + // Parse the query string in the request body (since this is a POST) // in order to determine the framework ID to shutdown. Try<hashmap<string, string>> decode = @@ -1258,12 +1263,6 @@ Future<Response> Master::Http::teardown(const Request& request) const return BadRequest("No framework found with specified ID"); } - Result<Credential> credential = authenticate(request); - - if (credential.isError()) { - return Unauthorized("Mesos master", credential.error()); - } - // Skip authorization if no ACLs were provided to the master. if (master->authorizer.isNone()) { return _teardown(id); @@ -1833,6 +1832,11 @@ Future<Response> Master::Http::unreserve(const Request& request) const return BadRequest("Expecting POST"); } + Result<Credential> credential = authenticate(request); + if (credential.isError()) { + return Unauthorized("Mesos master", credential.error()); + } + // Parse the query string in the request body. Try<hashmap<string, string>> decode = process::http::query::decode(request.body); @@ -1877,11 +1881,6 @@ Future<Response> Master::Http::unreserve(const Request& request) const resources += resource.get(); } - Result<Credential> credential = authenticate(request); - if (credential.isError()) { - return Unauthorized("Mesos master", credential.error()); - } - // Create an offer operation. Offer::Operation operation; operation.set_type(Offer::Operation::UNRESERVE);
