Uploaded image for project: 'Mesos'
  1. Mesos
  2. MESOS-9562

Authorization for DESTROY and UNRESERVE is not symmetrical.

Attach filesAttach ScreenshotAdd voteVotersWatch issueWatchersLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    Description

      For the UNRESERVE case, if the principal was not set, .has_principal() will be false, hence we will not call authorizations.push_back(), and hence we will not create an authz request with this resource as an object. For the DESTROY case, if the principal was not set, a default value "" for string will be used and hence we will create an authz request with this resource as an object.

      We definitely need to make the behaviour consistent. I'm not sure which approach is correct.

      Attachments

        Activity
          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            Unassigned Unassigned
            alexr Alex R
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:

              Slack

                Issue deployment