#include <http.hpp>
Public Member Functions | |
| Try< bool > | approved (const Option< ObjectApprover::Object > &object) const noexceptoverride |
This method returns whether access to the specified object is authorized or not, or Error. More... | |
 Public Member Functions inherited from mesos::ObjectApprover | |
| virtual | ~ObjectApprover ()=default |
Member Function Documentation
|
inlineoverridevirtualnoexcept |
This method returns whether access to the specified object is authorized or not, or Error.
The Error is returned in case of:
- transient authorization failures
- authorizer or underlying systems being in invalid state
- the
Objectprovided by Mesos is invalid
Note that this method is not idempotent; the result might change due to modifications of internal state of ObjectApprover performed by the authorizer to keep ObjectApprover valid.
For example, if the authorizer is backed by an external IAM, from which it fetches permissions, changing permissions for the authorization Subject in the IAM might result in the response changing from false to true for the same Object. Also, in this example, failure to keep permissions up-to-date due to malfunctions of the IAM/network will be reported as an Error being returned by this method until the permissions are updated successfully.
NOTE: As this method can be used synchronously by actors, it is essential that its implementation does not block. Specifically, calling blocking libprocess functions from this method can cause deadlock!
Implements mesos::ObjectApprover.
The documentation for this class was generated from the following file:
- src/common/http.hpp
