> On Jan. 28, 2019, 11:12 a.m., Benjamin Bannier wrote: > > It looks like this patch does clean up semantics around unset role values. > > Looking at e.g., the authz for `UNRESERVE`, when previously a resource was > > unreserved (neither `reservations` nor `role`), we would authorize a > > reserve against an empty role. I am not sure we change behavior observable > > to authorizers here. If we do, that's fine and makes sense, but should > > probably be called out.
I believe I haven't changed any behavior observable to authorizers. Taking `UNRESERVE` as an example, when previously a resource was unreserved, the code path looks into `resource.role()`, which would return `*`: https://github.com/apache/mesos/blob/ba87be3fa0e3d5efeb8cac9aea5d6de4c1027772/include/mesos/mesos.proto#L1233. - Chun-Hung ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/69588/#review212376 ----------------------------------------------------------- On Dec. 19, 2018, 11:20 p.m., Chun-Hung Hsiao wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/69588/ > ----------------------------------------------------------- > > (Updated Dec. 19, 2018, 11:20 p.m.) > > > Review request for mesos, Benjamin Bannier, Benjamin Mahler, Michael Park, > and Till Toenshoff. > > > Repository: mesos > > > Description > ------- > > Since the master now upgrades resources to the post-reservation-refinement > format before authorization (see MESOS-7735), the authorization logic in the > master becomes outdated. This patch cleans it up. > > > Diffs > ----- > > src/master/master.cpp b4faf2b077a0288ba36195b7a21402932489d316 > > > Diff: https://reviews.apache.org/r/69588/diff/2/ > > > Testing > ------- > > sudo make check > > > Thanks, > > Chun-Hung Hsiao > >
