-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/46613/
-----------------------------------------------------------

(Updated May 6, 2016, 8:28 p.m.)


Review request for mesos, Adam B, Alexander Rojas, and Michael Park.


Summary (updated)
-----------------

Introduced filtering relevant actions and acls.


Bugs: MESOS-5169
    https://issues.apache.org/jira/browse/MESOS-5169


Repository: mesos


Description (updated)
-------

In order to allow for framework and task level filtering we introduce
the following authorizer actions:
* VIEW_FRAMEWORK_WITH_INFO
* VIEW_TASK_WITH_EXECUTOR_INFO = 13;
* VIEW_TASK_WITH_COMMAND_INFO = 14;
* VIEW_TASK_WITH_TASK = 15;

Note that we need different actions for authorizing a tasks
based on the object being authorized.

We also introduce the following acls for the local authorizer:
* ViewFrameworks  (giving access to frameworks running in
    a given role)
* ViewTasks view_tasks (giving access to Tasks run under a
    specific OS user)


Diffs (updated)
-----

  docs/authorization.md 0db5c345b3239814b3b9d2e8a87601ff69d0f869 
  include/mesos/authorizer/acls.proto 9adae8c2a2e1b2ee4b9068ea50fcebb0544f2e5d 
  include/mesos/authorizer/authorizer.proto 
32492a59ad95df3bb673ec42321518f86c11af59 
  src/authorizer/local/authorizer.cpp e59c11269670a7ed72b780913971b421ee17f33f 

Diff: https://reviews.apache.org/r/46613/diff/


Testing
-------

make check (OSX)


Thanks,

Joerg Schad

Reply via email to