-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/33411/#review81076
-----------------------------------------------------------



src/main/java/org/apache/aurora/scheduler/http/api/security/ApiSecurityModule.java
<https://reviews.apache.org/r/33411/#comment131302>

    Is this used anywhere now?



src/main/java/org/apache/aurora/scheduler/http/api/security/ApiSecurityModule.java
<https://reviews.apache.org/r/33411/#comment131305>

    Same here.



src/main/java/org/apache/aurora/scheduler/spi/Permissions.java
<https://reviews.apache.org/r/33411/#comment131309>

    s/org.apache.aurora.scheduler.spi.Permissions//



src/main/java/org/apache/aurora/scheduler/spi/Permissions.java
<https://reviews.apache.org/r/33411/#comment131306>

    Can we just use Domain.values() and save on creating the EnumSet?



src/main/java/org/apache/aurora/scheduler/spi/Permissions.java
<https://reviews.apache.org/r/33411/#comment131307>

    Fits on one line?



src/test/java/org/apache/aurora/scheduler/http/api/security/ShiroAuthorizingInterceptorTest.java
<https://reviews.apache.org/r/33411/#comment131308>

    Any reason not to skip the indirection and use THRIFT_AURORA_ADMIN directly?


- Joshua Cohen


On April 21, 2015, 9:37 p.m., Kevin Sweeney wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/33411/
> -----------------------------------------------------------
> 
> (Updated April 21, 2015, 9:37 p.m.)
> 
> 
> Review request for Aurora, Joshua Cohen and Bill Farner.
> 
> 
> Repository: aurora
> 
> 
> Description
> -------
> 
> Working on an implementation of a Shiro Realm to replace the old 
> CapabilityValidator I realized we're missing some information with the new 
> API. This patch allows a Realm implementation to optionally introspect a 
> permission check for Aurora-specific information about exactly what's being 
> attempted, while maintaining compatibility with Shiro realms that don't know 
> anything about Aurora, such as the included IniRealm.
> 
> To do this I've added a new SPI package, and documented 
> backwards-compatibility considerations with it. The idea is that a third 
> party can write an Aurora-aware Shiro Realm module against a stable ABI and 
> gets one release to update it if we want to make changes to it.
> 
> 
> Diffs
> -----
> 
>   config/findbugs/excludeFilter.xml 0bff71c33dff8c92fdf5e841c04ee1460c50937b 
>   
> src/main/java/org/apache/aurora/scheduler/http/api/security/ApiSecurityModule.java
>  0265e2a1e4cad3f569501521f1bf25d7caa9da44 
>   
> src/main/java/org/apache/aurora/scheduler/http/api/security/ShiroAuthorizingInterceptor.java
>  7a124cccad2e02e7c4f16c3c7fc8bd662bcb5360 
>   
> src/main/java/org/apache/aurora/scheduler/http/api/security/ShiroAuthorizingParamInterceptor.java
>  fde6c84e297d35b3e10f12a95e12dfb7ab1b477f 
>   src/main/java/org/apache/aurora/scheduler/spi/Permissions.java PRE-CREATION 
>   src/main/java/org/apache/aurora/scheduler/spi/package-info.java 
> PRE-CREATION 
>   
> src/test/java/org/apache/aurora/scheduler/http/api/security/ShiroAuthorizingInterceptorTest.java
>  16f2da5207ce2a3f866fa3a51c02c11d1b58a439 
>   
> src/test/java/org/apache/aurora/scheduler/http/api/security/ShiroAuthorizingParamInterceptorTest.java
>  781cf5add1555187757a0254a96f201bc74a1e27 
> 
> Diff: https://reviews.apache.org/r/33411/diff/
> 
> 
> Testing
> -------
> 
> ./gradlew -Pq build
> 
> 
> Thanks,
> 
> Kevin Sweeney
> 
>

Reply via email to