> On March 13, 2015, 7:59 p.m., Joshua Cohen wrote: > > src/main/java/org/apache/aurora/scheduler/http/api/security/ApiSecurityModule.java, > > line 95 > > <https://reviews.apache.org/r/32055/diff/1/?file=894545#file894545line95> > > > > I thought it's generally preferable when installing user-supplied > > modules to do so within a private module to sandbox the module? > > Kevin Sweeney wrote: > it is, but then multibinders don't work: > https://groups.google.com/forum/#!topic/google-guice/h70a9pwD6_g
Nod, I saw the multibinding but wasn't clear why it was needed now and not in the previous version (answer: previous version also used multibinding, but it was hidden within the bindRealm call). Can you add a comment explaining why you're not doing this in a private module? > On March 13, 2015, 7:59 p.m., Joshua Cohen wrote: > > src/main/java/org/apache/aurora/scheduler/http/api/security/ModuleParser.java, > > line 15 > > <https://reviews.apache.org/r/32055/diff/1/?file=894547#file894547line15> > > > > Do we need this? Can we just use an arg like... Arg<? extends Class<? > > extends Module>> and rely on the existing ClassParser to give us the type, > > then just call newInstance() on that? > > Kevin Sweeney wrote: > basically this boilerplate will appear everywhere we do this - seems > reasonable to standardize on a parser to make the error messages nice. makes > unit tests easier as well as we can pass instances of module (usually AICs) > instead of a class object. Sounds reasonable! - Joshua ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/32055/#review76410 ----------------------------------------------------------- On March 13, 2015, 8:26 p.m., Kevin Sweeney wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/32055/ > ----------------------------------------------------------- > > (Updated March 13, 2015, 8:26 p.m.) > > > Review request for Aurora, Joshua Cohen and Bill Farner. > > > Bugs: AURORA-809 > https://issues.apache.org/jira/browse/AURORA-809 > > > Repository: aurora > > > Description > ------- > > Add a flag to configure Shiro at runtime. > > > Diffs > ----- > > > src/main/java/org/apache/aurora/scheduler/http/api/security/ApiSecurityModule.java > 1c3ea24d8d4751f62e1bea260f8823f039e56e10 > > src/main/java/org/apache/aurora/scheduler/http/api/security/IniShiroRealmModule.java > PRE-CREATION > > src/main/java/org/apache/aurora/scheduler/http/api/security/ModuleParser.java > PRE-CREATION > > src/test/java/org/apache/aurora/scheduler/http/api/security/ApiSecurityIT.java > 2876b1f0595fc05fe76718a69ae280b4ce7d7178 > > src/test/java/org/apache/aurora/scheduler/http/api/security/ModuleParserTest.java > PRE-CREATION > > Diff: https://reviews.apache.org/r/32055/diff/ > > > Testing > ------- > > ./gradlew -Pq build > > > Thanks, > > Kevin Sweeney > >
