[
https://issues.apache.org/jira/browse/MESOS-9562?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Gavin updated MESOS-9562:
-------------------------
Comment: was deleted
(was: www.rtat.net)
> Authorization for DESTROY and UNRESERVE is not symmetrical.
> -----------------------------------------------------------
>
> Key: MESOS-9562
> URL: https://issues.apache.org/jira/browse/MESOS-9562
> Project: Mesos
> Issue Type: Improvement
> Components: master, scheduler api
> Affects Versions: 1.7.1
> Reporter: Alexander Rukletsov
> Priority: Major
> Labels: integration, mesosphere, tech-debt
>
> For [the {{UNRESERVE}}
> case|https://github.com/apache/mesos/blob/5d3ed364c6d1307d88e6b950ae0eef423c426673/src/master/master.cpp#L3661-L3677],
> if the principal was not set, {{.has_principal()}} will be {{false}}, hence
> we will not call {{authorizations.push_back()}}, and hence we will not create
> an authz request with this resource as an object. For [the {{DESTROY}}
> case|https://github.com/apache/mesos/blob/5d3ed364c6d1307d88e6b950ae0eef423c426673/src/master/master.cpp#L3772-L3773],
> if the principal was not set, a default value {{""}} for string will be used
> and hence we will create an authz request with this resource as an object.
> We definitely need to make the behaviour consistent. I'm not sure which
> approach is correct.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
