#include <authorizer.hpp>
mesos::internal::LocalAuthorizer::~LocalAuthorizer |
( |
| ) |
|
|
override |
process::Future<bool> mesos::internal::LocalAuthorizer::authorized |
( |
const authorization::Request & |
request | ) |
|
|
overridevirtual |
Checks with the identity server back end whether request
is allowed by the policies of the identity server, i.e.
request.subject
can perform request.action
with request.object
. For details on how the request is built and what its parts are, refer to "authorizer.proto".
- Parameters
-
request | authorization::Request instance packing all the parameters needed to verify whether a subject can perform a given action with an object. |
- Returns
true
if the action is allowed, the future is set to true
, otherwise false
. A failed future indicates a problem processing the request, and it might be retried in the future.
Implements mesos::Authorizer.
static Try<Authorizer*> mesos::internal::LocalAuthorizer::create |
( |
const ACLs & |
acls | ) |
|
|
static |
static Try<Authorizer*> mesos::internal::LocalAuthorizer::create |
( |
const Parameters & |
parameters | ) |
|
|
static |
process::Future<std::shared_ptr<const ObjectApprover> > mesos::internal::LocalAuthorizer::getApprover |
( |
const Option< authorization::Subject > & |
subject, |
|
|
const authorization::Action & |
action |
|
) |
| |
|
overridevirtual |
Returns an ObjectApprover
which can synchronously check authorization on an object.
The returned ObjectApprover
is valid throuhout its whole lifetime or the lifetime of the authorizer, whichever is smaller.
Calls to approved(...)
method can return different values depending on the internal state maintained by the authorizer (which can change due to the need to keep ObjectApprover
up-to-date).
- Parameters
-
subject | authorization::Subject subject for which the ObjectApprover should be created. |
action | authorization::Action action for which the ObjectApprover should be created. |
- Returns
- An
ObjectApprover
for the given subject
and action
.
Implements mesos::Authorizer.
The documentation for this class was generated from the following file: