Alexander Rojas created MESOS-6401:

             Summary: Authorizer interface should behave more uniform
                 Key: MESOS-6401
             Project: Mesos
          Issue Type: Bug
            Reporter: Alexander Rojas
            Assignee: Alexander Rojas

As currently implemented, the Authorizer interface distinguish between two 
types of authorizations, those suffixed with either {{_WITH_PRINCIPAL}} and 
{{_WITH_ROLE}} and almost all other actions. While the former expect a single 
value to perform authorization, the latter allow for multiple fields based on 
whole protobuf messages.

Since protobuf messages are associated with almost all authorization actions 
(exceptions are {{VIEW_ROLES}} and {{GET_ENDPOINT_WITH_PATH}}, it makes sense 
to standardize the way authorization is performed by using protobuf messages 
for all actions that have one available.

This will also help module writers which desire to create complex rules when an 
action can be performed.

This message was sent by Atlassian JIRA

Reply via email to