> On June 21, 2018, 3:39 p.m., Chun-Hung Hsiao wrote: > > include/mesos/authorizer/acls.proto > > Lines 534 (patched) > > <https://reviews.apache.org/r/67501/diff/3/?file=2044102#file2044102line534> > > > > The patch looks good overall. But I'd like to raise a discussion about > > the object entity. Why are we planning to use resource providers but not > > roles, like the other offer operations?
It seems to me that `roles` fit better here since the resource only has a provider ID, which is a dynamically generated value, and would be hard for the operator to set it up. Thoughts? - Chun-Hung ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/67501/#review205178 ----------------------------------------------------------- On June 21, 2018, 12:34 p.m., Jan Schlicht wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/67501/ > ----------------------------------------------------------- > > (Updated June 21, 2018, 12:34 p.m.) > > > Review request for mesos, Benjamin Bannier and Chun-Hung Hsiao. > > > Bugs: MESOS-7329 > https://issues.apache.org/jira/browse/MESOS-7329 > > > Repository: mesos > > > Description > ------- > > Framework operations `CREATE_VOLUME`, `DESTROY_VOLUME`, `CREATE_BLOCK`, > `DESTROY_BLOCK` are authorized. Respective ACL actions have been added > to the local authorizer. Currently access can only be given to either > 'ANY' or 'NONE' resource providers. > > > Diffs > ----- > > docs/authorization.md cd8622b9848b7a020c079cc1901e3933fa6eb0c0 > include/mesos/authorizer/acls.proto > e4889939481dabe6c1c2876a54d654f98d00dec8 > include/mesos/authorizer/authorizer.proto > bb1010d7eb97de17807b0a730ce16a4b28bc2aa3 > src/authorizer/local/authorizer.cpp > 61e9ab5ce9f1ce4eee4a3f8502c9b60140efcb7e > src/master/master.hpp 4180341e2c7b16503a4376c501f611bb78ba901c > src/master/master.cpp 4ade16f044f8a4fdafd5afaba4e6a23232f83a5a > src/tests/authorization_tests.cpp f6f77692112d2299f3009fde4468f82bfd934c60 > > > Diff: https://reviews.apache.org/r/67501/diff/3/ > > > Testing > ------- > > make check > > > Thanks, > > Jan Schlicht > >
