Apache Mesos
Public Member Functions | Static Public Member Functions | List of all members
mesos::internal::LocalAuthorizer Class Reference

#include <authorizer.hpp>

Inheritance diagram for mesos::internal::LocalAuthorizer:
mesos::Authorizer

Public Member Functions

 ~LocalAuthorizer () override
 
process::Future< bool > authorized (const authorization::Request &request) override
 Checks with the identity server back end whether request is allowed by the policies of the identity server, i.e. More...
 
process::Future< std::shared_ptr< const ObjectApprover > > getApprover (const Option< authorization::Subject > &subject, const authorization::Action &action) override
 Returns an ObjectApprover which can synchronously check authorization on an object. More...
 
- Public Member Functions inherited from mesos::Authorizer
virtual ~Authorizer ()
 

Static Public Member Functions

static Try< Authorizer * > create (const ACLs &acls)
 
static Try< Authorizer * > create (const Parameters &parameters)
 
- Static Public Member Functions inherited from mesos::Authorizer
static Try< Authorizer * > create (const std::string &name)
 Factory method used to create instances of authorizer which are loaded from the ModuleManager. More...
 
static Try< Authorizer * > create (const ACLs &acls)
 Factory method used to create instances of the default 'local' authorizer. More...
 

Additional Inherited Members

- Protected Member Functions inherited from mesos::Authorizer
 Authorizer ()
 

Constructor & Destructor Documentation

mesos::internal::LocalAuthorizer::~LocalAuthorizer ( )
override

Member Function Documentation

process::Future<bool> mesos::internal::LocalAuthorizer::authorized ( const authorization::Request &  request)
overridevirtual

Checks with the identity server back end whether request is allowed by the policies of the identity server, i.e.

request.subject can perform request.action with request.object. For details on how the request is built and what its parts are, refer to "authorizer.proto".

Parameters
requestauthorization::Request instance packing all the parameters needed to verify whether a subject can perform a given action with an object.
Returns
true if the action is allowed, the future is set to true, otherwise false. A failed future indicates a problem processing the request, and it might be retried in the future.

Implements mesos::Authorizer.

static Try<Authorizer*> mesos::internal::LocalAuthorizer::create ( const ACLs &  acls)
static
static Try<Authorizer*> mesos::internal::LocalAuthorizer::create ( const Parameters &  parameters)
static
process::Future<std::shared_ptr<const ObjectApprover> > mesos::internal::LocalAuthorizer::getApprover ( const Option< authorization::Subject > &  subject,
const authorization::Action &  action 
)
overridevirtual

Returns an ObjectApprover which can synchronously check authorization on an object.

The returned ObjectApprover is valid throuhout its whole lifetime or the lifetime of the authorizer, whichever is smaller.

Calls to approved(...) method can return different values depending on the internal state maintained by the authorizer (which can change due to the need to keep ObjectApprover up-to-date).

Parameters
subjectauthorization::Subject subject for which the ObjectApprover should be created.
actionauthorization::Action action for which the ObjectApprover should be created.
Returns
An ObjectApprover for the given subject and action.

Implements mesos::Authorizer.


The documentation for this class was generated from the following file: