----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/58253/#review171327 -----------------------------------------------------------
include/mesos/authorizer/authorizer.proto Lines 57 (patched) <https://reviews.apache.org/r/58253/#comment244233> I was thinking that instead of having one field `container_id`, why not having a map of claims, then you can verify that each claim made by the subject matches the claims in the object whithout needing to know the supported claims in advance. Limiting the fields is what lead to the whole redising of the object in the first place, from a `string value` to suport the info objects. - Alexander Rojas On April 7, 2017, 5:33 a.m., Greg Mann wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/58253/ > ----------------------------------------------------------- > > (Updated April 7, 2017, 5:33 a.m.) > > > Review request for mesos, Adam B, Alexander Rojas, Till Toenshoff, and Vinod > Kone. > > > Bugs: MESOS-7014 > https://issues.apache.org/jira/browse/MESOS-7014 > > > Repository: mesos > > > Description > ------- > > This patch adds a new member, `container_id` to the > `ObjectApprover::Object` to facilitate implicit executor > authorization. > > > Diffs > ----- > > include/mesos/authorizer/authorizer.hpp > 75801ccc753a60ce5e5979b6723fd2294ce7ffe5 > include/mesos/authorizer/authorizer.proto > 736f76d552956f2351ffd40fc51d088dff83f8c8 > src/authorizer/local/authorizer.cpp > e241edf4afa48d35dbbbb94d72e8e8690f5bedfc > > > Diff: https://reviews.apache.org/r/58253/diff/1/ > > > Testing > ------- > > Testing details can be found at the end of this chain. > > > Thanks, > > Greg Mann > >
