| 2604 | |
| 2605 | |
| 2606 | Future<Response> Master::Http::roles( |
| 2607 | const Request& request, |
| 2608 | const Option<Principal>& principal) const |
| 2609 | { |
| 2610 | // TODO(greggomann): Remove this check once the `Principal` type is used in |
| 2611 | // `ReservationInfo`, `DiskInfo`, and within the master's `principals` map. |
| 2612 | // See MESOS-7202. |
| 2613 | if (principal.isSome() && principal->value.isNone()) { |
| 2614 | return Forbidden( |
| 2615 | "The request's authenticated principal contains claims, but no value " |
| 2616 | "string. The master currently requires that principals have a value"); |
| 2617 | } |
| 2618 | |
| 2619 | // When current master is not the leader, redirect to the leading master. |
| 2620 | if (!master->elected()) { |
| 2621 | return redirect(request); |
| 2622 | } |
| 2623 | |
| 2624 | return ObjectApprovers::create(master->authorizer, principal, {VIEW_ROLE}) |
| 2625 | .then(defer(master->self(), |
| 2626 | [this, request, principal](const Owned<ObjectApprovers>& approvers) { |
| 2627 | return deferBatchedRequest( |
| 2628 | &Master::ReadOnlyHandler::roles, |
| 2629 | principal, |
| 2630 | ContentType::JSON, |
| 2631 | request.url.query, |
| 2632 | approvers); |
| 2633 | })); |
| 2634 | } |
| 2635 | |
| 2636 | |
| 2637 | Future<Response> Master::Http::listFiles( |