Re: Review Request 59525: Added filtering of `/slaves` endpoint and `GET_AGENTS` API call.

Sat, 10 Jun 2017 22:27:48 -0700 

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/59525/#review177555
-----------------------------------------------------------




src/master/http.cpp
Lines 399 (patched)
<https://reviews.apache.org/r/59525/#comment251246>

    s/JSON::ObjectWriter *writer/JSON::ObjectWriter* writer/



src/master/http.cpp
Lines 402 (patched)
<https://reviews.apache.org/r/59525/#comment251236>

    s/in a/in an/



src/master/http.cpp
Lines 403 (patched)
<https://reviews.apache.org/r/59525/#comment251235>

    s/agregated/aggregated/



src/master/http.cpp
Lines 2333 (patched)
<https://reviews.apache.org/r/59525/#comment251247>

    Indented too far.



src/master/http.cpp
Line 2385 (original), 2415 (patched)
<https://reviews.apache.org/r/59525/#comment251249>

    What about tests for these?



src/master/http.cpp
Lines 3217-3219 (original), 3288-3290 (patched)
<https://reviews.apache.org/r/59525/#comment251248>

    Related question: should we be filtering the framework information 
according to the VIEW_ROLE ACL as well? The VIEW_FRAMEWORKS action sets the 
FrameworkInfo member, so it's possible for an authorizer to filter by role 
using an ACL for that action alone, but the local authorizer currently only 
filters frameworks by username.


- Greg Mann


On June 9, 2017, 10:04 a.m., Alexander Rojas wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/59525/
> -----------------------------------------------------------
> 
> (Updated June 9, 2017, 10:04 a.m.)
> 
> 
> Review request for mesos, Adam B, Greg Mann, and Till Toenshoff.
> 
> 
> Bugs: MESOS-7416
>     https://issues.apache.org/jira/browse/MESOS-7416
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> Adds support of the `VIEW_ROLE` ACL to the results generated by the
> `/slaves` as well as the `GET_AGENTS` API v1 call. This means that
> calls to this endpoint (API call) will hide roles that the user making
> the request is not authorized to see.
> 
> 
> Diffs
> -----
> 
>   src/master/http.cpp 1dcfe6ef00b0e3984deb79a511e665f638661323 
>   src/master/master.hpp e8ddddf273256b14cde1cac390163f948241757f 
> 
> 
> Diff: https://reviews.apache.org/r/59525/diff/3/
> 
> 
> Testing
> -------
> 
> make check
> 
> 
> Thanks,
> 
> Alexander Rojas
> 
>

Reply via email to