----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/18730/#review37339 -----------------------------------------------------------
include/mesos/mesos.proto <https://reviews.apache.org/r/18730/#comment68858> How does this play along with 'permissive'? include/mesos/mesos.proto <https://reviews.apache.org/r/18730/#comment68856> I'm confused about how this should read. When I think of ACLs, I think Subject(s) can/cannot Action Object(s), which here would read that these principals are AllocatableTo this Role. However, in protobuf Ser/De, it will read more like role.role = "roleX"; and role.allocatable_to.principals = "foo,bar"; So, the logic reads the reverse (object.action.subject). Is that weird to anybody else? include/mesos/mesos.proto <https://reviews.apache.org/r/18730/#comment68862> What is 'principals' supposed to represent here? Slaves? So that slave1 and slave2 are allocatable_to a particular role (e.g. marketing)? Maybe 'principals' should be named something more explicit. include/mesos/mesos.proto <https://reviews.apache.org/r/18730/#comment68860> Would we ever want to encode multiple roles in the same Role message? If so, perhaps we should instead have "repeated string roles". It's much easier to change from a repeated field to optional/deprecated, but not so with a required field. include/mesos/mesos.proto <https://reviews.apache.org/r/18730/#comment68859> Subject is LaunchableBy Object (principals are launchable_by user), or v.v. user.launchable_by.principals? include/mesos/mesos.proto <https://reviews.apache.org/r/18730/#comment68863> Again, what are the 'principals'? Frameworks? I can understand if we're saying that these frameworks are launchable_by this user. include/mesos/mesos.proto <https://reviews.apache.org/r/18730/#comment68861> Would we ever want to encode multiple users in the same User message? "repeated string users". include/mesos/mesos.proto <https://reviews.apache.org/r/18730/#comment68857> s/no on/no one/ - Adam B On March 14, 2014, 5:45 p.m., Vinod Kone wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/18730/ > ----------------------------------------------------------- > > (Updated March 14, 2014, 5:45 p.m.) > > > Review request for mesos, Adam B, Benjamin Hindman, and Niklas Nielsen. > > > Bugs: MESOS-911 > https://issues.apache.org/jira/browse/MESOS-911 > > > Repository: mesos-git > > > Description > ------- > > See summary. > > > Diffs > ----- > > include/mesos/mesos.proto 37f8a7fcd23d467b1274c46c405b836510afbd49 > src/Makefile.am ce7913be8432290a01fdcdede0fb9b5233745031 > src/authorizer/authorizer.hpp PRE-CREATION > src/tests/authorization_tests.cpp PRE-CREATION > src/tests/master_contender_detector_tests.cpp > 8da7420e18c7a960b566fae13a5975857eb777ee > > Diff: https://reviews.apache.org/r/18730/diff/ > > > Testing > ------- > > make check > > > Thanks, > > Vinod Kone > >
