----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/58096/#review174445 -----------------------------------------------------------
src/master/http.cpp Line 406 (original), 412-418 (patched) <https://reviews.apache.org/r/58096/#comment247620> More compact and readable if you do: ```c++ if (approveViewFrameworkInfo(frameworkApprover, framework->info)) { writer->element(frameworkId.value()); } ``` src/master/http.cpp Lines 422 (patched) <https://reviews.apache.org/r/58096/#comment247619> I think this comment should be in the previous patch. - Alexander Rojas On May 8, 2017, 9:56 a.m., Jay Guo wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/58096/ > ----------------------------------------------------------- > > (Updated May 8, 2017, 9:56 a.m.) > > > Review request for mesos, Adam B, Alexander Rojas, and Benjamin Mahler. > > > Bugs: MESOS-7260 > https://issues.apache.org/jira/browse/MESOS-7260 > > > Repository: mesos > > > Description > ------- > > While /roles displays a list of frameworksIds that register with > a role, it did NOT filter them based on VIEW_FRAMEWORK ACL, which > impose a security risk. This patch fixed this issue by taking a > frameworksApprover in `Master::Http::roles()` which is used to > filter framework IDs. > > > Diffs > ----- > > src/master/http.cpp e2590a17044ac019b24a24629428d4ec8adc0c31 > > > Diff: https://reviews.apache.org/r/58096/diff/5/ > > > Testing > ------- > > see next patch in the chain. > > > Thanks, > > Jay Guo > >