subject:"Re\: Review Request 52600\: Enable multiple field based authorization in the authorizer interface."

Re: Review Request 52600: Enable multiple field based authorization in the authorizer interface.

2016-11-15 Thread Adam B



> On Nov. 15, 2016, 6:53 p.m., Adam B wrote:
> > Looks great! Just a couple of nits.

Fixing the nits myself and committing.


> On Nov. 15, 2016, 6:53 p.m., Adam B wrote:
> > include/mesos/authorizer/authorizer.proto, lines 68-69
> > 
> >
> > Let's reorder this to put the important information first, and the 
> > deprecation note after.
> > 
> > `REGISTER_FRAMEWORK` sets an object of type `FrameworkInfo`. The 
> > `value` field is no longer used.
> > The `_WITH_ROLE` variant is deprecated and will be removed after Mesos 
> > 1.2's deprecation cycle ends.

Technically `value` is still set until the deprecation cycle ends, so let me 
correct this to:

`REGISTER_FRAMEWORK` will have an object with `FrameworkInfo` set. The 
`_WITH_ROLE` alias is deprecated and will be removed after Mesos 1.2's 
deprecation cycle ends. The `value` field will continue to be set until that 
time.


- Adam


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/52600/#review156015
---


On Nov. 7, 2016, 7:29 a.m., Alexander Rojas wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/52600/
> ---
> 
> (Updated Nov. 7, 2016, 7:29 a.m.)
> 
> 
> Review request for mesos, Adam B, Kapil Arya, and Till Toenshoff.
> 
> 
> Bugs: MESOS-6401
> https://issues.apache.org/jira/browse/MESOS-6401
> 
> 
> Repository: mesos
> 
> 
> Description
> ---
> 
> Updates the authorizer interfaces and well as the local authorizer,
> such that all actions which were limited to use a _role_ or a
> _principal_ as an object, are able to use whole protobuf messages
> as objects. This change enables more sofisticated authorization
> mechanisms.
> 
> 
> Diffs
> -
> 
>   include/mesos/authorizer/authorizer.hpp 
> cb365c7d8d088f2810bde11b72dc20843a18fa51 
>   include/mesos/authorizer/authorizer.proto 
> b6a9f142eecbdfd59210872a92e3126f04de334c 
>   src/authorizer/local/authorizer.cpp 
> f1dff65d973fc84f4171f68fd0391a2343a96965 
> 
> Diff: https://reviews.apache.org/r/52600/diff/
> 
> 
> Testing
> ---
> 
> tests in the last patch of the chain.
> 
> 
> Thanks,
> 
> Alexander Rojas
> 
>

Re: Review Request 52600: Enable multiple field based authorization in the authorizer interface.

2016-11-15 Thread Adam B



> On Nov. 15, 2016, 6:53 p.m., Adam B wrote:
> > src/authorizer/local/authorizer.cpp, lines 231-233
> > 
> >
> > Ooh, only 2 left using 'value'. I wonder if we can ever get rid of it 
> > completely, maybe add explicit "role" and "path" fields to replace it.

Not necessary for this patchset. Just thinking out loud.


> On Nov. 15, 2016, 6:53 p.m., Adam B wrote:
> > src/authorizer/local/authorizer.cpp, line 238
> > 
> >
> > Should these have a chance at ANY if object->value is NULL?

They didn't before, so I'm assuming that's still fine. Value will always be set.


- Adam


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/52600/#review156015
---


On Nov. 7, 2016, 7:29 a.m., Alexander Rojas wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/52600/
> ---
> 
> (Updated Nov. 7, 2016, 7:29 a.m.)
> 
> 
> Review request for mesos, Adam B, Kapil Arya, and Till Toenshoff.
> 
> 
> Bugs: MESOS-6401
> https://issues.apache.org/jira/browse/MESOS-6401
> 
> 
> Repository: mesos
> 
> 
> Description
> ---
> 
> Updates the authorizer interfaces and well as the local authorizer,
> such that all actions which were limited to use a _role_ or a
> _principal_ as an object, are able to use whole protobuf messages
> as objects. This change enables more sofisticated authorization
> mechanisms.
> 
> 
> Diffs
> -
> 
>   include/mesos/authorizer/authorizer.hpp 
> cb365c7d8d088f2810bde11b72dc20843a18fa51 
>   include/mesos/authorizer/authorizer.proto 
> b6a9f142eecbdfd59210872a92e3126f04de334c 
>   src/authorizer/local/authorizer.cpp 
> f1dff65d973fc84f4171f68fd0391a2343a96965 
> 
> Diff: https://reviews.apache.org/r/52600/diff/
> 
> 
> Testing
> ---
> 
> tests in the last patch of the chain.
> 
> 
> Thanks,
> 
> Alexander Rojas
> 
>

Re: Review Request 52600: Enable multiple field based authorization in the authorizer interface.

2016-11-15 Thread Adam B


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/52600/#review156015
---


Fix it, then Ship it!




Looks great! Just a couple of nits.


include/mesos/authorizer/authorizer.proto (lines 68 - 69)


Let's reorder this to put the important information first, and the 
deprecation note after.

`REGISTER_FRAMEWORK` sets an object of type `FrameworkInfo`. The `value` 
field is no longer used.
The `_WITH_ROLE` variant is deprecated and will be removed after Mesos 
1.2's deprecation cycle ends.



src/authorizer/local/authorizer.cpp (lines 224 - 225)


Ooh, only 2 left using 'value'. I wonder if we can ever get rid of it 
completely, maybe add explicit "role" and "path" fields to replace it.



src/authorizer/local/authorizer.cpp (line 230)


Should these have a chance at ANY if object->value is NULL?



src/authorizer/local/authorizer.cpp (line 305)


nit: newline before the breaks, for consistency



src/authorizer/local/authorizer.cpp (line 316)


nit: newline before the breaks, for consistency



src/authorizer/local/authorizer.cpp (line 332)


nit: newline before the breaks, for consistency


- Adam B


On Nov. 7, 2016, 7:29 a.m., Alexander Rojas wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/52600/
> ---
> 
> (Updated Nov. 7, 2016, 7:29 a.m.)
> 
> 
> Review request for mesos, Adam B, Kapil Arya, and Till Toenshoff.
> 
> 
> Bugs: MESOS-6401
> https://issues.apache.org/jira/browse/MESOS-6401
> 
> 
> Repository: mesos
> 
> 
> Description
> ---
> 
> Updates the authorizer interfaces and well as the local authorizer,
> such that all actions which were limited to use a _role_ or a
> _principal_ as an object, are able to use whole protobuf messages
> as objects. This change enables more sofisticated authorization
> mechanisms.
> 
> 
> Diffs
> -
> 
>   include/mesos/authorizer/authorizer.hpp 
> cb365c7d8d088f2810bde11b72dc20843a18fa51 
>   include/mesos/authorizer/authorizer.proto 
> b6a9f142eecbdfd59210872a92e3126f04de334c 
>   src/authorizer/local/authorizer.cpp 
> f1dff65d973fc84f4171f68fd0391a2343a96965 
> 
> Diff: https://reviews.apache.org/r/52600/diff/
> 
> 
> Testing
> ---
> 
> tests in the last patch of the chain.
> 
> 
> Thanks,
> 
> Alexander Rojas
> 
>

Re: Review Request 52600: Enable multiple field based authorization in the authorizer interface.

2016-11-07 Thread Alexander Rojas


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/52600/
---

(Updated Nov. 7, 2016, 4:29 p.m.)


Review request for mesos, Adam B, Kapil Arya, and Till Toenshoff.


Changes
---

Rebasing


Bugs: MESOS-6401
https://issues.apache.org/jira/browse/MESOS-6401


Repository: mesos


Description (updated)
---

Updates the authorizer interfaces and well as the local authorizer,
such that all actions which were limited to use a _role_ or a
_principal_ as an object, are able to use whole protobuf messages
as objects. This change enables more sofisticated authorization
mechanisms.


Diffs (updated)
-

  include/mesos/authorizer/authorizer.hpp 
cb365c7d8d088f2810bde11b72dc20843a18fa51 
  include/mesos/authorizer/authorizer.proto 
b6a9f142eecbdfd59210872a92e3126f04de334c 
  src/authorizer/local/authorizer.cpp f1dff65d973fc84f4171f68fd0391a2343a96965 

Diff: https://reviews.apache.org/r/52600/diff/


Testing
---

tests in the last patch of the chain.


Thanks,

Alexander Rojas

Re: Review Request 52600: Enable multiple field based authorization in the authorizer interface.

2016-10-27 Thread Alexander Rojas


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/52600/
---

(Updated Oct. 28, 2016, 6:08 a.m.)


Review request for mesos, Adam B, Kapil Arya, and Till Toenshoff.


Bugs: MESOS-6401
https://issues.apache.org/jira/browse/MESOS-6401


Repository: mesos


Description
---

Updates the authorizer interfaces and well as the local authorizer,
such that all actions which were limited to use a _role_ or a
_principal_ as an object, are able to use whole protobuf messages
as objects. This change enables more sophisticated authorization
mechanisms.


Diffs (updated)
-

  include/mesos/authorizer/authorizer.hpp 
cb365c7d8d088f2810bde11b72dc20843a18fa51 
  include/mesos/authorizer/authorizer.proto 
b6a9f142eecbdfd59210872a92e3126f04de334c 
  src/authorizer/local/authorizer.cpp f1dff65d973fc84f4171f68fd0391a2343a96965 

Diff: https://reviews.apache.org/r/52600/diff/


Testing
---

tests in the last patch of the chain.


Thanks,

Alexander Rojas

Re: Review Request 52600: Enable multiple field based authorization in the authorizer interface.

2016-10-25 Thread Adam B


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/52600/#review153781
---



Looks good except for the DestroyVolume principal. Close to shippable.


include/mesos/authorizer/authorizer.proto (line 68)


s/vaue/value/



include/mesos/authorizer/authorizer.proto (line 69)


"It" is ambiguous after talking about the other variant. How about 
"REGISTER_FRAMEWORK sets an object..."



src/authorizer/local/authorizer.cpp (line 275)


Is the reservation principal guaranteed to be the same principal that 
created the volume? What about `resource->disk->persistence->principal`?


- Adam B


On Oct. 24, 2016, 1:31 a.m., Alexander Rojas wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/52600/
> ---
> 
> (Updated Oct. 24, 2016, 1:31 a.m.)
> 
> 
> Review request for mesos, Adam B, Kapil Arya, and Till Toenshoff.
> 
> 
> Bugs: MESOS-6401
> https://issues.apache.org/jira/browse/MESOS-6401
> 
> 
> Repository: mesos
> 
> 
> Description
> ---
> 
> Updates the authorizer interfaces and well as the local authorizer,
> such that all actions which were limited to use a _role_ or a
> _principal_ as an object, are able to use whole protobuf messages
> as objects. This change enables more sophisticated authorization
> mechanisms.
> 
> 
> Diffs
> -
> 
>   include/mesos/authorizer/authorizer.hpp 
> cb365c7d8d088f2810bde11b72dc20843a18fa51 
>   include/mesos/authorizer/authorizer.proto 
> b6a9f142eecbdfd59210872a92e3126f04de334c 
>   src/authorizer/local/authorizer.cpp 
> f1dff65d973fc84f4171f68fd0391a2343a96965 
> 
> Diff: https://reviews.apache.org/r/52600/diff/
> 
> 
> Testing
> ---
> 
> tests in the last patch of the chain.
> 
> 
> Thanks,
> 
> Alexander Rojas
> 
>

Re: Review Request 52600: Enable multiple field based authorization in the authorizer interface.

2016-10-24 Thread Alexander Rojas


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/52600/
---

(Updated Oct. 24, 2016, 10:31 a.m.)


Review request for mesos, Adam B, Kapil Arya, and Till Toenshoff.


Bugs: MESOS-6401
https://issues.apache.org/jira/browse/MESOS-6401


Repository: mesos


Description (updated)
---

Updates the authorizer interfaces and well as the local authorizer,
such that all actions which were limited to use a _role_ or a
_principal_ as an object, are able to use whole protobuf messages
as objects. This change enables more sophisticated authorization
mechanisms.


Diffs
-

  include/mesos/authorizer/authorizer.hpp 
cb365c7d8d088f2810bde11b72dc20843a18fa51 
  include/mesos/authorizer/authorizer.proto 
b6a9f142eecbdfd59210872a92e3126f04de334c 
  src/authorizer/local/authorizer.cpp f1dff65d973fc84f4171f68fd0391a2343a96965 

Diff: https://reviews.apache.org/r/52600/diff/


Testing
---

tests in the last patch of the chain.


Thanks,

Alexander Rojas

Re: Review Request 52600: Enable multiple field based authorization in the authorizer interface.

2016-10-20 Thread Alexander Rojas


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/52600/
---

(Updated Oct. 20, 2016, 3:45 p.m.)


Review request for mesos, Adam B, Kapil Arya, and Till Toenshoff.


Bugs: MESOS-6401
https://issues.apache.org/jira/browse/MESOS-6401


Repository: mesos


Description (updated)
---

Updates the authorizer interfaces and well as the local authorizer,
such that all actions which were limited to use a _role_ or a
_principal_ as an object, are able to use whole protobuf messages
as objects. This change enables more sofisticated authorization
mechanisms.


Diffs (updated)
-

  include/mesos/authorizer/authorizer.hpp 
cb365c7d8d088f2810bde11b72dc20843a18fa51 
  include/mesos/authorizer/authorizer.proto 
b6a9f142eecbdfd59210872a92e3126f04de334c 
  src/authorizer/local/authorizer.cpp f1dff65d973fc84f4171f68fd0391a2343a96965 

Diff: https://reviews.apache.org/r/52600/diff/


Testing (updated)
---

tests in the last patch of the chain.


Thanks,

Alexander Rojas

Re: Review Request 52600: Enable multiple field based authorization in the authorizer interface.

2016-10-19 Thread Mesos ReviewBot


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/52600/#review153281
---



Patch looks great!

Reviews applied: [52600]

Passed command: export OS='ubuntu:14.04' BUILDTOOL='autotools' COMPILER='gcc' 
CONFIGURATION='--verbose' ENVIRONMENT='GLOG_v=1 MESOS_VERBOSE=1'; 
./support/docker_build.sh

- Mesos ReviewBot


On Oct. 19, 2016, 8:50 a.m., Alexander Rojas wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/52600/
> ---
> 
> (Updated Oct. 19, 2016, 8:50 a.m.)
> 
> 
> Review request for mesos, Adam B, Kapil Arya, and Till Toenshoff.
> 
> 
> Bugs: MESOS-6401
> https://issues.apache.org/jira/browse/MESOS-6401
> 
> 
> Repository: mesos
> 
> 
> Description
> ---
> 
> Standarize the way in which authorization is perfomed by enabling
> all actions suffixed with `_WITH_ROLE` and `_WITH_PRINCIPAL` to
> perform authorization using whole protobuf messages instead of
> forcing a single field from the message.
> 
> While this change is still in the deprecation cycle, the original
> value is also set.
> 
> 
> Diffs
> -
> 
>   include/mesos/authorizer/authorizer.hpp 
> cb365c7d8d088f2810bde11b72dc20843a18fa51 
>   include/mesos/authorizer/authorizer.proto 
> b6a9f142eecbdfd59210872a92e3126f04de334c 
>   src/authorizer/local/authorizer.cpp 
> f1dff65d973fc84f4171f68fd0391a2343a96965 
>   src/master/http.cpp bb9c87327dfe2161a6f1fd4cded72aa9a5ffaf66 
>   src/master/master.hpp 881f0d6127c4d6a7fccb1677fb3129310777f737 
>   src/master/master.cpp 3c6b18ead44cd5f2978093f5415e974cfcbfa714 
>   src/master/quota_handler.cpp d87d6c6266ba596c4e6bd36124f5a360428fe171 
>   src/master/weights_handler.cpp c240fb2980a7e957136d11ddd3f43ee4761a07dc 
>   src/tests/authorization_tests.cpp 5d7e17b67821357b8cb538798acc883945c8f8fd 
> 
> Diff: https://reviews.apache.org/r/52600/diff/
> 
> 
> Testing
> ---
> 
> make check
> 
> 
> Thanks,
> 
> Alexander Rojas
> 
>

Re: Review Request 52600: Enable multiple field based authorization in the authorizer interface.

2016-10-19 Thread Alexander Rojas



> On Oct. 19, 2016, 12:22 a.m., Till Toenshoff wrote:
> > Seems you got a lot more within this review than planned :)

I didn't notice the rebase problems would happen if one only updates the 
metadata :/


- Alexander


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/52600/#review153194
---


On Oct. 19, 2016, 10:50 a.m., Alexander Rojas wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/52600/
> ---
> 
> (Updated Oct. 19, 2016, 10:50 a.m.)
> 
> 
> Review request for mesos, Adam B, Kapil Arya, and Till Toenshoff.
> 
> 
> Bugs: MESOS-6401
> https://issues.apache.org/jira/browse/MESOS-6401
> 
> 
> Repository: mesos
> 
> 
> Description
> ---
> 
> Standarize the way in which authorization is perfomed by enabling
> all actions suffixed with `_WITH_ROLE` and `_WITH_PRINCIPAL` to
> perform authorization using whole protobuf messages instead of
> forcing a single field from the message.
> 
> While this change is still in the deprecation cycle, the original
> value is also set.
> 
> 
> Diffs
> -
> 
>   include/mesos/authorizer/authorizer.hpp 
> cb365c7d8d088f2810bde11b72dc20843a18fa51 
>   include/mesos/authorizer/authorizer.proto 
> b6a9f142eecbdfd59210872a92e3126f04de334c 
>   src/authorizer/local/authorizer.cpp 
> f1dff65d973fc84f4171f68fd0391a2343a96965 
>   src/master/http.cpp bb9c87327dfe2161a6f1fd4cded72aa9a5ffaf66 
>   src/master/master.hpp 881f0d6127c4d6a7fccb1677fb3129310777f737 
>   src/master/master.cpp 3c6b18ead44cd5f2978093f5415e974cfcbfa714 
>   src/master/quota_handler.cpp d87d6c6266ba596c4e6bd36124f5a360428fe171 
>   src/master/weights_handler.cpp c240fb2980a7e957136d11ddd3f43ee4761a07dc 
>   src/tests/authorization_tests.cpp 5d7e17b67821357b8cb538798acc883945c8f8fd 
> 
> Diff: https://reviews.apache.org/r/52600/diff/
> 
> 
> Testing
> ---
> 
> make check
> 
> 
> Thanks,
> 
> Alexander Rojas
> 
>

Re: Review Request 52600: Enable multiple field based authorization in the authorizer interface.

2016-10-19 Thread Alexander Rojas


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/52600/
---

(Updated Oct. 19, 2016, 10:50 a.m.)


Review request for mesos, Adam B, Kapil Arya, and Till Toenshoff.


Bugs: MESOS-6401
https://issues.apache.org/jira/browse/MESOS-6401


Repository: mesos


Description
---

Standarize the way in which authorization is perfomed by enabling
all actions suffixed with `_WITH_ROLE` and `_WITH_PRINCIPAL` to
perform authorization using whole protobuf messages instead of
forcing a single field from the message.

While this change is still in the deprecation cycle, the original
value is also set.


Diffs (updated)
-

  include/mesos/authorizer/authorizer.hpp 
cb365c7d8d088f2810bde11b72dc20843a18fa51 
  include/mesos/authorizer/authorizer.proto 
b6a9f142eecbdfd59210872a92e3126f04de334c 
  src/authorizer/local/authorizer.cpp f1dff65d973fc84f4171f68fd0391a2343a96965 
  src/master/http.cpp bb9c87327dfe2161a6f1fd4cded72aa9a5ffaf66 
  src/master/master.hpp 881f0d6127c4d6a7fccb1677fb3129310777f737 
  src/master/master.cpp 3c6b18ead44cd5f2978093f5415e974cfcbfa714 
  src/master/quota_handler.cpp d87d6c6266ba596c4e6bd36124f5a360428fe171 
  src/master/weights_handler.cpp c240fb2980a7e957136d11ddd3f43ee4761a07dc 
  src/tests/authorization_tests.cpp 5d7e17b67821357b8cb538798acc883945c8f8fd 

Diff: https://reviews.apache.org/r/52600/diff/


Testing
---

make check


Thanks,

Alexander Rojas

Re: Review Request 52600: Enable multiple field based authorization in the authorizer interface.

2016-10-18 Thread Till Toenshoff


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/52600/#review153194
---



Seems you got a lot more within this review than planned :)

- Till Toenshoff


On Oct. 17, 2016, 10:12 a.m., Alexander Rojas wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/52600/
> ---
> 
> (Updated Oct. 17, 2016, 10:12 a.m.)
> 
> 
> Review request for mesos, Adam B, Kapil Arya, and Till Toenshoff.
> 
> 
> Bugs: MESOS-6401
> https://issues.apache.org/jira/browse/MESOS-6401
> 
> 
> Repository: mesos
> 
> 
> Description
> ---
> 
> Standarize the way in which authorization is perfomed by enabling
> all actions suffixed with `_WITH_ROLE` and `_WITH_PRINCIPAL` to
> perform authorization using whole protobuf messages instead of
> forcing a single field from the message.
> 
> While this change is still in the deprecation cycle, the original
> value is also set.
> 
> 
> Diffs
> -
> 
>   3rdparty/libprocess/Makefile.am 71319891a451bd1d565210dcce2fb61fc69e1f61 
>   3rdparty/libprocess/configure.ac 1644035d7fe1a45c798b13dbfb3c66f74466f2a2 
>   3rdparty/libprocess/include/process/deferred.hpp 
> ee902a6c8de48f17f7401ee7b3814d92eabd65f8 
>   3rdparty/libprocess/src/openssl.cpp 
> 8e4e0490a84c46e8f4842cf567f55a3c988ad445 
>   3rdparty/libprocess/src/process.cpp 
> 18a8e206f6f297157d246a94f374311be67cd782 
>   3rdparty/libprocess/src/tests/CMakeLists.txt 
> 66597fd3021bc7c3c53cb0f38416edc85ace5a9b 
>   3rdparty/libprocess/src/tests/future_tests.cpp 
> 7c411c7be1849119fe0b070622dbe4488fa11b7a 
>   3rdparty/libprocess/src/tests/http_tests.cpp 
> 533104c93dd1eaf67bf3752163d2e0cad090078d 
>   3rdparty/libprocess/src/tests/limiter_tests.cpp 
> b80b1da214f97b50aa7b61b79bbf683fd01116aa 
>   3rdparty/libprocess/src/tests/metrics_tests.cpp 
> d7fdb06060b273e16be27a263b5ee268842aa25c 
>   3rdparty/libprocess/src/tests/process_tests.cpp 
> a4af54aa78c162bc0ecbe2f25796d8c9b12e0f31 
>   3rdparty/libprocess/src/tests/reap_tests.cpp 
> 30518dee6c2fb904a607c7a457a5ec7366aab818 
>   3rdparty/libprocess/src/tests/subprocess_tests.cpp 
> 483ac1c5540d54921de1c1488ccb5e63b17ac481 
>   3rdparty/libprocess/src/tests/time_tests.cpp 
> 08ddb56f1789f400b8cd072c53e885c759f13ddc 
>   3rdparty/stout/Makefile.am 4e10ae25a6c8a2d01d7b98b04ccf06a216611938 
>   3rdparty/stout/README.md 693e3a3e76300f7fa6c6f6518497edf44cc9f6a2 
>   3rdparty/stout/configure.ac cbb0fdb0e1584ace7bbd6bf496f0f55b9846ce0b 
>   3rdparty/stout/include/Makefile.am 1eb9c146d3eebacaea32e0f724d145f0c1dd676f 
>   3rdparty/stout/include/stout/flags/flags.hpp 
> 794a598169684c8474184b47de533498f3b234e0 
>   3rdparty/stout/include/stout/gtest.hpp 
> b2f75b6c706df9de68edbac86a1e2dec32a574ed 
>   3rdparty/stout/include/stout/mac.hpp 
> 7ed5f38ae4f93e267406254cb2acff201faffe45 
>   3rdparty/stout/include/stout/os.hpp 
> 96e8621b198a3ec4cce78e0a6ff5f271eda05ff1 
>   3rdparty/stout/include/stout/os/linux.hpp 
> bf12e0b0577810c64cc8276ff0d987524327ffcd 
>   3rdparty/stout/include/stout/os/posix/killtree.hpp 
> f47f0d85f88bf69b5a9ae74e32d4f41c9f4a985a 
>   3rdparty/stout/include/stout/os/posix/shell.hpp 
> 70a9184e85ba322f1cd4ce5d12b963cd4b3ad500 
>   3rdparty/stout/include/stout/os/raw/environment.hpp 
> b3e82ac8071b41748aeb098b7d5fcc210a1d3c43 
>   3rdparty/stout/include/stout/os/wait.hpp 
> 5f6483c0d754dd1c1f5fdcfc542a0cc05c0a8df5 
>   3rdparty/stout/include/stout/os/windows/rmdir.hpp 
> 4437484c068e9ef046e0be14683c97db447f2da1 
>   3rdparty/stout/include/stout/os/windows/shell.hpp 
> 17e3d564564abebf1d558b7a7a277aef3c87e5ae 
>   3rdparty/stout/include/stout/windows/os.hpp 
> 7ca0b5dc9793369ea142684e3614e8f33cac64b6 
>   3rdparty/stout/tests/CMakeLists.txt 
> e52aa62479a345bbcee70047109ebd80b8f9813d 
>   3rdparty/stout/tests/flags_tests.cpp 
> 201b16a6c040e32f8a14fa7a2520c86997c363ad 
>   3rdparty/stout/tests/ip_tests.cpp b5a206fe5fdcdadaa383698f505d87ddb2c6806d 
>   3rdparty/stout/tests/mac_tests.cpp d4560e75ae4e03d1765c599298e88842381690b9 
>   3rdparty/stout/tests/os/process_tests.cpp 
> 4cb3b5fab389492bdc1258a27e821e60aef19dc8 
>   3rdparty/stout/tests/os/rmdir_tests.cpp 
> 9aa4059d589e84f3c377163b1d6d2a278d4130b6 
>   3rdparty/stout/tests/os_tests.cpp 0b7ee0723b6a608d6f110fa8ac16e0fd7b75ddea 
>   CHANGELOG 2e0da96d055c7a4c228726c628d94f3414b2be86 
>   configure.ac 015255ec1876a51b9eb2cf488b375af90f73c722 
>   docs/app-framework-development-guide.md 
> de92c7570cd0d0ac8639ce50a79e5158844ac53c 
>   docs/configuration.md c83a58eb6884c8d8c37880a745e04cf0b789ebdc 
>   docs/contributors.yaml aa49acd188fada6659626d6cb9224c0dfc671f0f 
>   docs/design-docs.md 7fafd09c7178559fedfa037faee0debfc29a927c 
>   docs/docker-containerizer.md bab84dc2b0ce104b3ec59aaf0ef800b418a6517c 
>   docs/

Re: Review Request 52600: Enable multiple field based authorization in the authorizer interface.

2016-10-17 Thread Mesos ReviewBot


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/52600/#review152847
---



Patch looks great!

Reviews applied: [52600]

Passed command: export OS='ubuntu:14.04' BUILDTOOL='autotools' COMPILER='gcc' 
CONFIGURATION='--verbose' ENVIRONMENT='GLOG_v=1 MESOS_VERBOSE=1'; 
./support/docker_build.sh

- Mesos ReviewBot


On Oct. 17, 2016, 10:12 a.m., Alexander Rojas wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/52600/
> ---
> 
> (Updated Oct. 17, 2016, 10:12 a.m.)
> 
> 
> Review request for mesos, Adam B, Kapil Arya, and Till Toenshoff.
> 
> 
> Bugs: MESOS-6401
> https://issues.apache.org/jira/browse/MESOS-6401
> 
> 
> Repository: mesos
> 
> 
> Description
> ---
> 
> Standarize the way in which authorization is perfomed by enabling
> all actions suffixed with `_WITH_ROLE` and `_WITH_PRINCIPAL` to
> perform authorization using whole protobuf messages instead of
> forcing a single field from the message.
> 
> While this change is still in the deprecation cycle, the original
> value is also set.
> 
> 
> Diffs
> -
> 
>   3rdparty/libprocess/Makefile.am 71319891a451bd1d565210dcce2fb61fc69e1f61 
>   3rdparty/libprocess/configure.ac 1644035d7fe1a45c798b13dbfb3c66f74466f2a2 
>   3rdparty/libprocess/include/process/deferred.hpp 
> ee902a6c8de48f17f7401ee7b3814d92eabd65f8 
>   3rdparty/libprocess/src/openssl.cpp 
> 8e4e0490a84c46e8f4842cf567f55a3c988ad445 
>   3rdparty/libprocess/src/process.cpp 
> 18a8e206f6f297157d246a94f374311be67cd782 
>   3rdparty/libprocess/src/tests/CMakeLists.txt 
> 66597fd3021bc7c3c53cb0f38416edc85ace5a9b 
>   3rdparty/libprocess/src/tests/future_tests.cpp 
> 7c411c7be1849119fe0b070622dbe4488fa11b7a 
>   3rdparty/libprocess/src/tests/http_tests.cpp 
> 533104c93dd1eaf67bf3752163d2e0cad090078d 
>   3rdparty/libprocess/src/tests/limiter_tests.cpp 
> b80b1da214f97b50aa7b61b79bbf683fd01116aa 
>   3rdparty/libprocess/src/tests/metrics_tests.cpp 
> d7fdb06060b273e16be27a263b5ee268842aa25c 
>   3rdparty/libprocess/src/tests/process_tests.cpp 
> a4af54aa78c162bc0ecbe2f25796d8c9b12e0f31 
>   3rdparty/libprocess/src/tests/reap_tests.cpp 
> 30518dee6c2fb904a607c7a457a5ec7366aab818 
>   3rdparty/libprocess/src/tests/subprocess_tests.cpp 
> 483ac1c5540d54921de1c1488ccb5e63b17ac481 
>   3rdparty/libprocess/src/tests/time_tests.cpp 
> 08ddb56f1789f400b8cd072c53e885c759f13ddc 
>   3rdparty/stout/Makefile.am 4e10ae25a6c8a2d01d7b98b04ccf06a216611938 
>   3rdparty/stout/README.md 693e3a3e76300f7fa6c6f6518497edf44cc9f6a2 
>   3rdparty/stout/configure.ac cbb0fdb0e1584ace7bbd6bf496f0f55b9846ce0b 
>   3rdparty/stout/include/Makefile.am 1eb9c146d3eebacaea32e0f724d145f0c1dd676f 
>   3rdparty/stout/include/stout/flags/flags.hpp 
> 794a598169684c8474184b47de533498f3b234e0 
>   3rdparty/stout/include/stout/gtest.hpp 
> b2f75b6c706df9de68edbac86a1e2dec32a574ed 
>   3rdparty/stout/include/stout/mac.hpp 
> 7ed5f38ae4f93e267406254cb2acff201faffe45 
>   3rdparty/stout/include/stout/os.hpp 
> 96e8621b198a3ec4cce78e0a6ff5f271eda05ff1 
>   3rdparty/stout/include/stout/os/linux.hpp 
> bf12e0b0577810c64cc8276ff0d987524327ffcd 
>   3rdparty/stout/include/stout/os/posix/killtree.hpp 
> f47f0d85f88bf69b5a9ae74e32d4f41c9f4a985a 
>   3rdparty/stout/include/stout/os/posix/shell.hpp 
> 70a9184e85ba322f1cd4ce5d12b963cd4b3ad500 
>   3rdparty/stout/include/stout/os/raw/environment.hpp 
> b3e82ac8071b41748aeb098b7d5fcc210a1d3c43 
>   3rdparty/stout/include/stout/os/wait.hpp 
> 5f6483c0d754dd1c1f5fdcfc542a0cc05c0a8df5 
>   3rdparty/stout/include/stout/os/windows/rmdir.hpp 
> 4437484c068e9ef046e0be14683c97db447f2da1 
>   3rdparty/stout/include/stout/os/windows/shell.hpp 
> 17e3d564564abebf1d558b7a7a277aef3c87e5ae 
>   3rdparty/stout/include/stout/windows/os.hpp 
> 7ca0b5dc9793369ea142684e3614e8f33cac64b6 
>   3rdparty/stout/tests/CMakeLists.txt 
> e52aa62479a345bbcee70047109ebd80b8f9813d 
>   3rdparty/stout/tests/flags_tests.cpp 
> 201b16a6c040e32f8a14fa7a2520c86997c363ad 
>   3rdparty/stout/tests/ip_tests.cpp b5a206fe5fdcdadaa383698f505d87ddb2c6806d 
>   3rdparty/stout/tests/mac_tests.cpp d4560e75ae4e03d1765c599298e88842381690b9 
>   3rdparty/stout/tests/os/process_tests.cpp 
> 4cb3b5fab389492bdc1258a27e821e60aef19dc8 
>   3rdparty/stout/tests/os/rmdir_tests.cpp 
> 9aa4059d589e84f3c377163b1d6d2a278d4130b6 
>   3rdparty/stout/tests/os_tests.cpp 0b7ee0723b6a608d6f110fa8ac16e0fd7b75ddea 
>   CHANGELOG 2e0da96d055c7a4c228726c628d94f3414b2be86 
>   configure.ac 015255ec1876a51b9eb2cf488b375af90f73c722 
>   docs/app-framework-development-guide.md 
> de92c7570cd0d0ac8639ce50a79e5158844ac53c 
>   docs/configuration.md c83a58eb6884c8d8c37880a745e04cf0b789ebdc 
>   docs/contributors.yaml aa49acd188fada6659626d6cb9224c0df

Re: Review Request 52600: Enable multiple field based authorization in the authorizer interface.

2016-10-17 Thread Alexander Rojas


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/52600/
---

(Updated Oct. 17, 2016, 12:12 p.m.)


Review request for mesos, Adam B, Kapil Arya, and Till Toenshoff.


Bugs: MESOS-6401
https://issues.apache.org/jira/browse/MESOS-6401


Repository: mesos


Description (updated)
---

Standarize the way in which authorization is perfomed by enabling
all actions suffixed with `_WITH_ROLE` and `_WITH_PRINCIPAL` to
perform authorization using whole protobuf messages instead of
forcing a single field from the message.

While this change is still in the deprecation cycle, the original
value is also set.


Diffs
-

  3rdparty/libprocess/Makefile.am 71319891a451bd1d565210dcce2fb61fc69e1f61 
  3rdparty/libprocess/configure.ac 1644035d7fe1a45c798b13dbfb3c66f74466f2a2 
  3rdparty/libprocess/include/process/deferred.hpp 
ee902a6c8de48f17f7401ee7b3814d92eabd65f8 
  3rdparty/libprocess/src/openssl.cpp 8e4e0490a84c46e8f4842cf567f55a3c988ad445 
  3rdparty/libprocess/src/process.cpp 18a8e206f6f297157d246a94f374311be67cd782 
  3rdparty/libprocess/src/tests/CMakeLists.txt 
66597fd3021bc7c3c53cb0f38416edc85ace5a9b 
  3rdparty/libprocess/src/tests/future_tests.cpp 
7c411c7be1849119fe0b070622dbe4488fa11b7a 
  3rdparty/libprocess/src/tests/http_tests.cpp 
533104c93dd1eaf67bf3752163d2e0cad090078d 
  3rdparty/libprocess/src/tests/limiter_tests.cpp 
b80b1da214f97b50aa7b61b79bbf683fd01116aa 
  3rdparty/libprocess/src/tests/metrics_tests.cpp 
d7fdb06060b273e16be27a263b5ee268842aa25c 
  3rdparty/libprocess/src/tests/process_tests.cpp 
a4af54aa78c162bc0ecbe2f25796d8c9b12e0f31 
  3rdparty/libprocess/src/tests/reap_tests.cpp 
30518dee6c2fb904a607c7a457a5ec7366aab818 
  3rdparty/libprocess/src/tests/subprocess_tests.cpp 
483ac1c5540d54921de1c1488ccb5e63b17ac481 
  3rdparty/libprocess/src/tests/time_tests.cpp 
08ddb56f1789f400b8cd072c53e885c759f13ddc 
  3rdparty/stout/Makefile.am 4e10ae25a6c8a2d01d7b98b04ccf06a216611938 
  3rdparty/stout/README.md 693e3a3e76300f7fa6c6f6518497edf44cc9f6a2 
  3rdparty/stout/configure.ac cbb0fdb0e1584ace7bbd6bf496f0f55b9846ce0b 
  3rdparty/stout/include/Makefile.am 1eb9c146d3eebacaea32e0f724d145f0c1dd676f 
  3rdparty/stout/include/stout/flags/flags.hpp 
794a598169684c8474184b47de533498f3b234e0 
  3rdparty/stout/include/stout/gtest.hpp 
b2f75b6c706df9de68edbac86a1e2dec32a574ed 
  3rdparty/stout/include/stout/mac.hpp 7ed5f38ae4f93e267406254cb2acff201faffe45 
  3rdparty/stout/include/stout/os.hpp 96e8621b198a3ec4cce78e0a6ff5f271eda05ff1 
  3rdparty/stout/include/stout/os/linux.hpp 
bf12e0b0577810c64cc8276ff0d987524327ffcd 
  3rdparty/stout/include/stout/os/posix/killtree.hpp 
f47f0d85f88bf69b5a9ae74e32d4f41c9f4a985a 
  3rdparty/stout/include/stout/os/posix/shell.hpp 
70a9184e85ba322f1cd4ce5d12b963cd4b3ad500 
  3rdparty/stout/include/stout/os/raw/environment.hpp 
b3e82ac8071b41748aeb098b7d5fcc210a1d3c43 
  3rdparty/stout/include/stout/os/wait.hpp 
5f6483c0d754dd1c1f5fdcfc542a0cc05c0a8df5 
  3rdparty/stout/include/stout/os/windows/rmdir.hpp 
4437484c068e9ef046e0be14683c97db447f2da1 
  3rdparty/stout/include/stout/os/windows/shell.hpp 
17e3d564564abebf1d558b7a7a277aef3c87e5ae 
  3rdparty/stout/include/stout/windows/os.hpp 
7ca0b5dc9793369ea142684e3614e8f33cac64b6 
  3rdparty/stout/tests/CMakeLists.txt e52aa62479a345bbcee70047109ebd80b8f9813d 
  3rdparty/stout/tests/flags_tests.cpp 201b16a6c040e32f8a14fa7a2520c86997c363ad 
  3rdparty/stout/tests/ip_tests.cpp b5a206fe5fdcdadaa383698f505d87ddb2c6806d 
  3rdparty/stout/tests/mac_tests.cpp d4560e75ae4e03d1765c599298e88842381690b9 
  3rdparty/stout/tests/os/process_tests.cpp 
4cb3b5fab389492bdc1258a27e821e60aef19dc8 
  3rdparty/stout/tests/os/rmdir_tests.cpp 
9aa4059d589e84f3c377163b1d6d2a278d4130b6 
  3rdparty/stout/tests/os_tests.cpp 0b7ee0723b6a608d6f110fa8ac16e0fd7b75ddea 
  CHANGELOG 2e0da96d055c7a4c228726c628d94f3414b2be86 
  configure.ac 015255ec1876a51b9eb2cf488b375af90f73c722 
  docs/app-framework-development-guide.md 
de92c7570cd0d0ac8639ce50a79e5158844ac53c 
  docs/configuration.md c83a58eb6884c8d8c37880a745e04cf0b789ebdc 
  docs/contributors.yaml aa49acd188fada6659626d6cb9224c0dfc671f0f 
  docs/design-docs.md 7fafd09c7178559fedfa037faee0debfc29a927c 
  docs/docker-containerizer.md bab84dc2b0ce104b3ec59aaf0ef800b418a6517c 
  docs/executor-http-api.md a3b8d6f7cff4f182c8fb77dc216d82eca1d30e7c 
  docs/home.md 1c6b191bd194a9100ce1ad4bf5aff62a20ed8f41 
  docs/oversubscription.md ec7194638003d90a1a7a6eab722fb6ea9ff56732 
  docs/scheduler-http-api.md 958cfc52496b1585564e019f9ce8b06a623f2d5c 
  docs/shared-resources.md 29e43389c530f816118a32dcd7c2f1b82b0af431 
  docs/upgrades.md 8e45fdbb485829930f9b918d1d6f24893228e873 
  include/mesos/authorizer/authorizer.hpp 
cb365c7d8d088f2810bde11b72dc20843a18fa51 
  include/mesos/authorizer/authorizer.proto 
b6a9f142eecbdfd59210872a92e3126f04de334c 
  include/mesos/

Re: Review Request 52600: Enable multiple field based authorization in the authorizer interface.

2016-10-17 Thread Alexander Rojas


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/52600/
---

(Updated Oct. 17, 2016, 12:10 p.m.)


Review request for mesos, Adam B, Kapil Arya, and Till Toenshoff.


Bugs: MESOS-6401
https://issues.apache.org/jira/browse/MESOS-6401


Repository: mesos


Description (updated)
---

Standarize the way in which authorization is perfomed by enabling
all actions suffixed with `_WITH_ROLE` and `_WITH_PRINCIPAL` to
perform authorization using whole protobuf messages instead of
forcing a single field from the message.

While this change is still in the deprecation cycle, the original
value is also set.


Diffs (updated)
-

  3rdparty/libprocess/Makefile.am 71319891a451bd1d565210dcce2fb61fc69e1f61 
  3rdparty/libprocess/configure.ac 1644035d7fe1a45c798b13dbfb3c66f74466f2a2 
  3rdparty/libprocess/include/process/deferred.hpp 
ee902a6c8de48f17f7401ee7b3814d92eabd65f8 
  3rdparty/libprocess/src/openssl.cpp 8e4e0490a84c46e8f4842cf567f55a3c988ad445 
  3rdparty/libprocess/src/process.cpp 18a8e206f6f297157d246a94f374311be67cd782 
  3rdparty/libprocess/src/tests/CMakeLists.txt 
66597fd3021bc7c3c53cb0f38416edc85ace5a9b 
  3rdparty/libprocess/src/tests/future_tests.cpp 
7c411c7be1849119fe0b070622dbe4488fa11b7a 
  3rdparty/libprocess/src/tests/http_tests.cpp 
533104c93dd1eaf67bf3752163d2e0cad090078d 
  3rdparty/libprocess/src/tests/limiter_tests.cpp 
b80b1da214f97b50aa7b61b79bbf683fd01116aa 
  3rdparty/libprocess/src/tests/metrics_tests.cpp 
d7fdb06060b273e16be27a263b5ee268842aa25c 
  3rdparty/libprocess/src/tests/process_tests.cpp 
a4af54aa78c162bc0ecbe2f25796d8c9b12e0f31 
  3rdparty/libprocess/src/tests/reap_tests.cpp 
30518dee6c2fb904a607c7a457a5ec7366aab818 
  3rdparty/libprocess/src/tests/subprocess_tests.cpp 
483ac1c5540d54921de1c1488ccb5e63b17ac481 
  3rdparty/libprocess/src/tests/time_tests.cpp 
08ddb56f1789f400b8cd072c53e885c759f13ddc 
  3rdparty/stout/Makefile.am 4e10ae25a6c8a2d01d7b98b04ccf06a216611938 
  3rdparty/stout/README.md 693e3a3e76300f7fa6c6f6518497edf44cc9f6a2 
  3rdparty/stout/configure.ac cbb0fdb0e1584ace7bbd6bf496f0f55b9846ce0b 
  3rdparty/stout/include/Makefile.am 1eb9c146d3eebacaea32e0f724d145f0c1dd676f 
  3rdparty/stout/include/stout/flags/flags.hpp 
794a598169684c8474184b47de533498f3b234e0 
  3rdparty/stout/include/stout/gtest.hpp 
b2f75b6c706df9de68edbac86a1e2dec32a574ed 
  3rdparty/stout/include/stout/mac.hpp 7ed5f38ae4f93e267406254cb2acff201faffe45 
  3rdparty/stout/include/stout/os.hpp 96e8621b198a3ec4cce78e0a6ff5f271eda05ff1 
  3rdparty/stout/include/stout/os/linux.hpp 
bf12e0b0577810c64cc8276ff0d987524327ffcd 
  3rdparty/stout/include/stout/os/posix/killtree.hpp 
f47f0d85f88bf69b5a9ae74e32d4f41c9f4a985a 
  3rdparty/stout/include/stout/os/posix/shell.hpp 
70a9184e85ba322f1cd4ce5d12b963cd4b3ad500 
  3rdparty/stout/include/stout/os/raw/environment.hpp 
b3e82ac8071b41748aeb098b7d5fcc210a1d3c43 
  3rdparty/stout/include/stout/os/wait.hpp 
5f6483c0d754dd1c1f5fdcfc542a0cc05c0a8df5 
  3rdparty/stout/include/stout/os/windows/rmdir.hpp 
4437484c068e9ef046e0be14683c97db447f2da1 
  3rdparty/stout/include/stout/os/windows/shell.hpp 
17e3d564564abebf1d558b7a7a277aef3c87e5ae 
  3rdparty/stout/include/stout/windows/os.hpp 
7ca0b5dc9793369ea142684e3614e8f33cac64b6 
  3rdparty/stout/tests/CMakeLists.txt e52aa62479a345bbcee70047109ebd80b8f9813d 
  3rdparty/stout/tests/flags_tests.cpp 201b16a6c040e32f8a14fa7a2520c86997c363ad 
  3rdparty/stout/tests/ip_tests.cpp b5a206fe5fdcdadaa383698f505d87ddb2c6806d 
  3rdparty/stout/tests/mac_tests.cpp d4560e75ae4e03d1765c599298e88842381690b9 
  3rdparty/stout/tests/os/process_tests.cpp 
4cb3b5fab389492bdc1258a27e821e60aef19dc8 
  3rdparty/stout/tests/os/rmdir_tests.cpp 
9aa4059d589e84f3c377163b1d6d2a278d4130b6 
  3rdparty/stout/tests/os_tests.cpp 0b7ee0723b6a608d6f110fa8ac16e0fd7b75ddea 
  CHANGELOG 2e0da96d055c7a4c228726c628d94f3414b2be86 
  configure.ac 015255ec1876a51b9eb2cf488b375af90f73c722 
  docs/app-framework-development-guide.md 
de92c7570cd0d0ac8639ce50a79e5158844ac53c 
  docs/configuration.md c83a58eb6884c8d8c37880a745e04cf0b789ebdc 
  docs/contributors.yaml aa49acd188fada6659626d6cb9224c0dfc671f0f 
  docs/design-docs.md 7fafd09c7178559fedfa037faee0debfc29a927c 
  docs/docker-containerizer.md bab84dc2b0ce104b3ec59aaf0ef800b418a6517c 
  docs/executor-http-api.md a3b8d6f7cff4f182c8fb77dc216d82eca1d30e7c 
  docs/home.md 1c6b191bd194a9100ce1ad4bf5aff62a20ed8f41 
  docs/oversubscription.md ec7194638003d90a1a7a6eab722fb6ea9ff56732 
  docs/scheduler-http-api.md 958cfc52496b1585564e019f9ce8b06a623f2d5c 
  docs/shared-resources.md 29e43389c530f816118a32dcd7c2f1b82b0af431 
  docs/upgrades.md 8e45fdbb485829930f9b918d1d6f24893228e873 
  include/mesos/authorizer/authorizer.hpp 
cb365c7d8d088f2810bde11b72dc20843a18fa51 
  include/mesos/authorizer/authorizer.proto 
b6a9f142eecbdfd59210872a92e3126f04de334c 
  incl

Re: Review Request 52600: Enable multiple field based authorization in the authorizer interface.

2016-10-17 Thread Alexander Rojas


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/52600/
---

(Updated Oct. 17, 2016, 10:14 a.m.)


Review request for mesos, Adam B, Kapil Arya, and Till Toenshoff.


Repository: mesos


Description
---

Standarize the way in which authorization is perfomed by enabling
all actions suffixed with `_WITH_ROLE` and `_WITH_PRINCIPAL` to
perform authorization using whole protobuf messages instead of
forcing a single field from the message.

While this change is still in the deprecation cycle, the original
value is also set.


Diffs
-

  include/mesos/authorizer/authorizer.hpp 
cb365c7d8d088f2810bde11b72dc20843a18fa51 
  include/mesos/authorizer/authorizer.proto 
b6a9f142eecbdfd59210872a92e3126f04de334c 
  src/authorizer/local/authorizer.cpp f1dff65d973fc84f4171f68fd0391a2343a96965 
  src/master/http.cpp 402b5fdfc33bee5a0f407c7426fc1145f274d35e 
  src/master/master.hpp 43518b9bf1bfaa54e26acc7f2e70c4161c667a84 
  src/master/master.cpp 02a2fb29bdd8484fc90e5cb033ac29b49a141860 
  src/master/quota_handler.cpp d87d6c6266ba596c4e6bd36124f5a360428fe171 
  src/master/weights_handler.cpp c240fb2980a7e957136d11ddd3f43ee4761a07dc 
  src/tests/authorization_tests.cpp 5d7e17b67821357b8cb538798acc883945c8f8fd 

Diff: https://reviews.apache.org/r/52600/diff/


Testing
---

make check


Thanks,

Alexander Rojas

Re: Review Request 52600: Enable multiple field based authorization in the authorizer interface.

Re: Review Request 52600: Enable multiple field based authorization in the authorizer interface.

Re: Review Request 52600: Enable multiple field based authorization in the authorizer interface.

Re: Review Request 52600: Enable multiple field based authorization in the authorizer interface.

Re: Review Request 52600: Enable multiple field based authorization in the authorizer interface.

Re: Review Request 52600: Enable multiple field based authorization in the authorizer interface.

Re: Review Request 52600: Enable multiple field based authorization in the authorizer interface.

Re: Review Request 52600: Enable multiple field based authorization in the authorizer interface.

Re: Review Request 52600: Enable multiple field based authorization in the authorizer interface.

Re: Review Request 52600: Enable multiple field based authorization in the authorizer interface.

Re: Review Request 52600: Enable multiple field based authorization in the authorizer interface.

Re: Review Request 52600: Enable multiple field based authorization in the authorizer interface.

Re: Review Request 52600: Enable multiple field based authorization in the authorizer interface.

Re: Review Request 52600: Enable multiple field based authorization in the authorizer interface.

Re: Review Request 52600: Enable multiple field based authorization in the authorizer interface.

Re: Review Request 52600: Enable multiple field based authorization in the authorizer interface.

16 matches

Site Navigation

Mail list logo

Footer information