[
https://issues.apache.org/jira/browse/MESOS-8126?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16217127#comment-16217127
]
Greg Mann commented on MESOS-8126:
----------------------------------
Agreed - I think breaking the authorization code out of {{createAgentResponse}}
would clean things up.
If we use a helper which modifies the {{GetAgents::Agent}} in-place, like we do
in {{convertResourceFormat}}, then we could avoid extra copies as a result of
the refactor.
> Consider decoupling the authorization logic from response creation.
> -------------------------------------------------------------------
>
> Key: MESOS-8126
> URL: https://issues.apache.org/jira/browse/MESOS-8126
> Project: Mesos
> Issue Type: Task
> Reporter: Michael Park
>
> Currently the {{createAgentResponse}} function performs some authorization,
> given an optional {{rolesAcceptor}}. {{_getAgents}} function uses this helper
> *with* a {{rolesAcceptor}}. {{createAgentAdded}} on the other hand uses the
> helper *without* a {{rolesAcceptor}} and is passed to
> {{Master::Subscriber::send}}
> for authorization post-hoc.
> From first glance, it seemed like there were 2 authorizations being done for
> no
> reason, and it seems like it could be beneficial to actually pull the
> authorization
> logic out of the response creation logic, rather than coupling them and
> by-passing
> authorization when we want a *custom* authorization logic.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
