[ https://issues.apache.org/jira/browse/MESOS-7260?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Benjamin Mahler updated MESOS-7260: ----------------------------------- Shepherd: Adam B To confirm, [~arojas] and [~adam-mesos] can you guys review / shepherd this? > Authorization for `/role` endpoint should take both VIEW_ROLES and > VIEW_FRAMEWORKS into account. > ------------------------------------------------------------------------------------------------ > > Key: MESOS-7260 > URL: https://issues.apache.org/jira/browse/MESOS-7260 > Project: Mesos > Issue Type: Bug > Components: HTTP API, master > Reporter: Jay Guo > Assignee: Jay Guo > > Consider following case: both {{framework1}} and {{framework2}} subscribe to > {{roleX}}, {{principal}} is allowed to view {{roleX}} and {{framework1}}, but > *NOT* {{framework2}}, therefore, {{/role}} endpoint should only contain > {{framework1}}, but not both frameworks. -- This message was sent by Atlassian JIRA (v6.3.15#6346)