As you might have noticed we started adding Authorization to Mesos endpoints such as /quota or persistent volume related endpoints. There are a number of endpoints where the binary decision allowed/forbidden used for these endpoints is not sufficient. One example is the /state endpoint: There are cases where users should see a subset of the entire state (e.g., all the frameworks they started). Hence we propose "Authorization based endpoint filtering": https://docs.google.com/document/d/1M27S7OTSfJ8afZCklOz00g_wcVrL32i9Lyl6g22GWeY
Looking forwards to your feedback!
