Updated endpoint docs for 1.0.0-rc3.
diff --git a/docs/endpoints/files/browse.json.md b/docs/endpoints/files/browse.json.md
index 55ee41b..6b21e50 100644
--- a/docs/endpoints/files/browse.json.md
+++ b/docs/endpoints/files/browse.json.md
@@ -24,7 +24,7 @@
enabled.
### AUTHORIZATION ###
-Browsing files requires that the request principal is
+Browsing files requires that the request principal is
authorized to do so for the target virtual file path.
Authorizers may categorize different virtual paths into
diff --git a/docs/endpoints/files/browse.md b/docs/endpoints/files/browse.md
index de8632e..0fa204a 100644
--- a/docs/endpoints/files/browse.md
+++ b/docs/endpoints/files/browse.md
@@ -24,7 +24,7 @@
enabled.
### AUTHORIZATION ###
-Browsing files requires that the request principal is
+Browsing files requires that the request principal is
authorized to do so for the target virtual file path.
Authorizers may categorize different virtual paths into
diff --git a/docs/endpoints/files/debug.json.md b/docs/endpoints/files/debug.json.md
index a4dc0de..2806a58 100644
--- a/docs/endpoints/files/debug.json.md
+++ b/docs/endpoints/files/debug.json.md
@@ -17,4 +17,8 @@
### AUTHENTICATION ###
This endpoint requires authentication iff HTTP authentication is
-enabled.
\ No newline at end of file
+enabled.
+
+### AUTHORIZATION ###
+The request principal should be authorized to query this endpoint.
+See the authorization documentation for details.
\ No newline at end of file
diff --git a/docs/endpoints/files/debug.md b/docs/endpoints/files/debug.md
index 9361ffe..3338066 100644
--- a/docs/endpoints/files/debug.md
+++ b/docs/endpoints/files/debug.md
@@ -17,4 +17,8 @@
### AUTHENTICATION ###
This endpoint requires authentication iff HTTP authentication is
-enabled.
\ No newline at end of file
+enabled.
+
+### AUTHORIZATION ###
+The request principal should be authorized to query this endpoint.
+See the authorization documentation for details.
\ No newline at end of file
diff --git a/docs/endpoints/files/download.json.md b/docs/endpoints/files/download.json.md
index 88dd72c..31d442a 100644
--- a/docs/endpoints/files/download.json.md
+++ b/docs/endpoints/files/download.json.md
@@ -24,7 +24,7 @@
enabled.
### AUTHORIZATION ###
-Downloading files requires that the request principal is
+Downloading files requires that the request principal is
authorized to do so for the target virtual file path.
Authorizers may categorize different virtual paths into
diff --git a/docs/endpoints/files/download.md b/docs/endpoints/files/download.md
index 3a38760..202d015 100644
--- a/docs/endpoints/files/download.md
+++ b/docs/endpoints/files/download.md
@@ -24,7 +24,7 @@
enabled.
### AUTHORIZATION ###
-Downloading files requires that the request principal is
+Downloading files requires that the request principal is
authorized to do so for the target virtual file path.
Authorizers may categorize different virtual paths into
diff --git a/docs/endpoints/files/read.json.md b/docs/endpoints/files/read.json.md
index 6697ab1..64f348e 100644
--- a/docs/endpoints/files/read.json.md
+++ b/docs/endpoints/files/read.json.md
@@ -25,7 +25,7 @@
enabled.
### AUTHORIZATION ###
-Reading files requires that the request principal is
+Reading files requires that the request principal is
authorized to do so for the target virtual file path.
Authorizers may categorize different virtual paths into
diff --git a/docs/endpoints/files/read.md b/docs/endpoints/files/read.md
index 21ea6d8..ef95c80 100644
--- a/docs/endpoints/files/read.md
+++ b/docs/endpoints/files/read.md
@@ -25,7 +25,7 @@
enabled.
### AUTHORIZATION ###
-Reading files requires that the request principal is
+Reading files requires that the request principal is
authorized to do so for the target virtual file path.
Authorizers may categorize different virtual paths into
diff --git a/docs/endpoints/master/api/v1.md b/docs/endpoints/master/api/v1.md
index 19c6142..45aebd8 100644
--- a/docs/endpoints/master/api/v1.md
+++ b/docs/endpoints/master/api/v1.md
@@ -21,4 +21,11 @@
### AUTHENTICATION ###
This endpoint requires authentication iff HTTP authentication is
-enabled.
\ No newline at end of file
+enabled.
+
+### AUTHORIZATION ###
+The information returned by this endpoint for certain calls
+might be filtered based on the user accessing it.
+For example a user might only see the subset of frameworks,
+tasks, and executors they are allowed to view.
+See the authorization documentation for details.
\ No newline at end of file
diff --git a/docs/endpoints/master/api/v1/scheduler.md b/docs/endpoints/master/api/v1/scheduler.md
index 39cd457..4c6caf5 100644
--- a/docs/endpoints/master/api/v1/scheduler.md
+++ b/docs/endpoints/master/api/v1/scheduler.md
@@ -21,4 +21,9 @@
### AUTHENTICATION ###
This endpoint requires authentication iff HTTP authentication is
-enabled.
\ No newline at end of file
+enabled.
+
+### AUTHORIZATION ###
+The returned frameworks information might be filtered based on the
+users authorization.
+See the authorization documentation for details.
\ No newline at end of file
diff --git a/docs/endpoints/master/create-volumes.md b/docs/endpoints/master/create-volumes.md
index f6ec938..83f85ac 100644
--- a/docs/endpoints/master/create-volumes.md
+++ b/docs/endpoints/master/create-volumes.md
@@ -29,4 +29,10 @@
### AUTHENTICATION ###
This endpoint requires authentication iff HTTP authentication is
-enabled.
\ No newline at end of file
+enabled.
+
+### AUTHORIZATION ###
+Using this endpoint to create persistent volumes requires that
+the current principal is authorized to create volumes for the
+specific role.
+See the authorization documentation for details.
\ No newline at end of file
diff --git a/docs/endpoints/master/destroy-volumes.md b/docs/endpoints/master/destroy-volumes.md
index 054e816..778f797 100644
--- a/docs/endpoints/master/destroy-volumes.md
+++ b/docs/endpoints/master/destroy-volumes.md
@@ -29,4 +29,10 @@
### AUTHENTICATION ###
This endpoint requires authentication iff HTTP authentication is
-enabled.
\ No newline at end of file
+enabled.
+
+### AUTHORIZATION ###
+Using this endpoint to destroy persistent volumes requires that
+the current principal is authorized to destroy volumes created
+by the principal who created the volume.
+See the authorization documentation for details.
\ No newline at end of file
diff --git a/docs/endpoints/master/flags.md b/docs/endpoints/master/flags.md
index 850b6f8..6b3de41 100644
--- a/docs/endpoints/master/flags.md
+++ b/docs/endpoints/master/flags.md
@@ -17,5 +17,5 @@
### AUTHORIZATION ###
Querying this endpoint requires that the current principal
-is authorized to query the path.
+is authorized to view all flags.
See the authorization documentation for details.
\ No newline at end of file
diff --git a/docs/endpoints/master/frameworks.md b/docs/endpoints/master/frameworks.md
index 1aed723..afb583e 100644
--- a/docs/endpoints/master/frameworks.md
+++ b/docs/endpoints/master/frameworks.md
@@ -21,4 +21,8 @@
### AUTHENTICATION ###
This endpoint requires authentication iff HTTP authentication is
-enabled.
\ No newline at end of file
+enabled.
+
+### AUTHORIZATION ###
+This endpoint might be filtered based on the user accessing it.
+See the authorization documentation for details.
\ No newline at end of file
diff --git a/docs/endpoints/master/reserve.md b/docs/endpoints/master/reserve.md
index 9bb04ed..71cc1a9 100644
--- a/docs/endpoints/master/reserve.md
+++ b/docs/endpoints/master/reserve.md
@@ -29,4 +29,10 @@
### AUTHENTICATION ###
This endpoint requires authentication iff HTTP authentication is
-enabled.
\ No newline at end of file
+enabled.
+
+### AUTHORIZATION ###
+Using this endpoint to reserve resources requires that the
+current principal is authorized to reserve resources for the
+specific role.
+See the authorization documentation for details.
\ No newline at end of file
diff --git a/docs/endpoints/master/state-summary.md b/docs/endpoints/master/state-summary.md
index 4eb517e..2986d05 100644
--- a/docs/endpoints/master/state-summary.md
+++ b/docs/endpoints/master/state-summary.md
@@ -20,8 +20,16 @@
found.
This endpoint gives a summary of the state of all tasks and
registered frameworks in the cluster as a JSON object.
+The information shown might be filtered based on the user
+accessing the endpoint.
### AUTHENTICATION ###
This endpoint requires authentication iff HTTP authentication is
-enabled.
\ No newline at end of file
+enabled.
+
+### AUTHORIZATION ###
+This endpoint might be filtered based on the user accessing it.
+For example a user might only see the subset of frameworks
+they are allowed to view.
+See the authorization documentation for details.
\ No newline at end of file
diff --git a/docs/endpoints/master/state.json.md b/docs/endpoints/master/state.json.md
index c5852bd..8466f7d 100644
--- a/docs/endpoints/master/state.json.md
+++ b/docs/endpoints/master/state.json.md
@@ -19,6 +19,8 @@
found.
This endpoint shows information about the frameworks, tasks,
executors and agents running in the cluster as a JSON object.
+The information shown might be filtered based on the user
+accessing the endpoint.
Example (**Note**: this is not exhaustive):
@@ -50,7 +52,7 @@
"work_dir" : "/var/lib/mesos",
"http_authenticators" : "basic",
"authorizers" : "local",
- "slave_reregister_timeout" : "10mins",
+ "agent_reregister_timeout" : "10mins",
"logging_level" : "INFO",
"help" : "false",
"root_submissions" : "true",
@@ -75,7 +77,7 @@
"authenticate_http" : "false",
"port" : "5050",
"zk_session_timeout" : "10secs",
- "recovery_slave_removal_limit" : "100%",
+ "recovery_agent_removal_limit" : "100%",
"webui_dir" : "/path/to/mesos/build/../src/webui",
"cluster" : "mycluster",
"leader" : "master@127.0.0.1:5050",
@@ -93,4 +95,10 @@
### AUTHENTICATION ###
This endpoint requires authentication iff HTTP authentication is
-enabled.
\ No newline at end of file
+enabled.
+
+### AUTHORIZATION ###
+This endpoint might be filtered based on the user accessing it.
+For example a user might only see the subset of frameworks,
+tasks, and executors they are allowed to view.
+See the authorization documentation for details.
\ No newline at end of file
diff --git a/docs/endpoints/master/state.md b/docs/endpoints/master/state.md
index 8e0650f..eba9b39 100644
--- a/docs/endpoints/master/state.md
+++ b/docs/endpoints/master/state.md
@@ -19,6 +19,8 @@
found.
This endpoint shows information about the frameworks, tasks,
executors and agents running in the cluster as a JSON object.
+The information shown might be filtered based on the user
+accessing the endpoint.
Example (**Note**: this is not exhaustive):
@@ -50,7 +52,7 @@
"work_dir" : "/var/lib/mesos",
"http_authenticators" : "basic",
"authorizers" : "local",
- "slave_reregister_timeout" : "10mins",
+ "agent_reregister_timeout" : "10mins",
"logging_level" : "INFO",
"help" : "false",
"root_submissions" : "true",
@@ -75,7 +77,7 @@
"authenticate_http" : "false",
"port" : "5050",
"zk_session_timeout" : "10secs",
- "recovery_slave_removal_limit" : "100%",
+ "recovery_agent_removal_limit" : "100%",
"webui_dir" : "/path/to/mesos/build/../src/webui",
"cluster" : "mycluster",
"leader" : "master@127.0.0.1:5050",
@@ -93,4 +95,10 @@
### AUTHENTICATION ###
This endpoint requires authentication iff HTTP authentication is
-enabled.
\ No newline at end of file
+enabled.
+
+### AUTHORIZATION ###
+This endpoint might be filtered based on the user accessing it.
+For example a user might only see the subset of frameworks,
+tasks, and executors they are allowed to view.
+See the authorization documentation for details.
\ No newline at end of file
diff --git a/docs/endpoints/master/tasks.json.md b/docs/endpoints/master/tasks.json.md
index 5d2c0e6..d276f27 100644
--- a/docs/endpoints/master/tasks.json.md
+++ b/docs/endpoints/master/tasks.json.md
@@ -18,6 +18,8 @@
Returns 503 SERVICE_UNAVAILABLE if the leading master cannot be
found.
Lists known tasks.
+The information shown might be filtered based on the user
+accessing the endpoint.
Query parameters:
@@ -28,4 +30,10 @@
### AUTHENTICATION ###
This endpoint requires authentication iff HTTP authentication is
-enabled.
\ No newline at end of file
+enabled.
+
+### AUTHORIZATION ###
+This endpoint might be filtered based on the user accessing it.
+For example a user might only see the subset of tasks they are
+allowed to view.
+See the authorization documentation for details.
\ No newline at end of file
diff --git a/docs/endpoints/master/tasks.md b/docs/endpoints/master/tasks.md
index c7df686..64ce46c 100644
--- a/docs/endpoints/master/tasks.md
+++ b/docs/endpoints/master/tasks.md
@@ -18,6 +18,8 @@
Returns 503 SERVICE_UNAVAILABLE if the leading master cannot be
found.
Lists known tasks.
+The information shown might be filtered based on the user
+accessing the endpoint.
Query parameters:
@@ -28,4 +30,10 @@
### AUTHENTICATION ###
This endpoint requires authentication iff HTTP authentication is
-enabled.
\ No newline at end of file
+enabled.
+
+### AUTHORIZATION ###
+This endpoint might be filtered based on the user accessing it.
+For example a user might only see the subset of tasks they are
+allowed to view.
+See the authorization documentation for details.
\ No newline at end of file
diff --git a/docs/endpoints/master/teardown.md b/docs/endpoints/master/teardown.md
index 4c14f59..3ab4824 100644
--- a/docs/endpoints/master/teardown.md
+++ b/docs/endpoints/master/teardown.md
@@ -23,4 +23,10 @@
### AUTHENTICATION ###
This endpoint requires authentication iff HTTP authentication is
-enabled.
\ No newline at end of file
+enabled.
+
+### AUTHORIZATION ###
+Using this endpoint to teardown frameworks requires that the
+current principal is authorized to teardown frameworks created
+by the principal who created the framework.
+See the authorization documentation for details.
\ No newline at end of file
diff --git a/docs/endpoints/master/unreserve.md b/docs/endpoints/master/unreserve.md
index 5cce428..f064239 100644
--- a/docs/endpoints/master/unreserve.md
+++ b/docs/endpoints/master/unreserve.md
@@ -29,4 +29,10 @@
### AUTHENTICATION ###
This endpoint requires authentication iff HTTP authentication is
-enabled.
\ No newline at end of file
+enabled.
+
+### AUTHORIZATION ###
+Using this endpoint to unreserve resources requires that the
+current principal is authorized to unreserve resources created
+by the principal who reserved the resources.
+See the authorization documentation for details.
\ No newline at end of file
diff --git a/docs/endpoints/slave/api/v1.md b/docs/endpoints/slave/api/v1.md
index c867d79..b394f7f 100644
--- a/docs/endpoints/slave/api/v1.md
+++ b/docs/endpoints/slave/api/v1.md
@@ -16,4 +16,5 @@
### AUTHENTICATION ###
-This endpoint does not require authentication.
\ No newline at end of file
+This endpoint requires authentication iff HTTP authentication is
+enabled.
\ No newline at end of file
diff --git a/docs/endpoints/slave/flags.md b/docs/endpoints/slave/flags.md
index 3ea38c1..4a8a036 100644
--- a/docs/endpoints/slave/flags.md
+++ b/docs/endpoints/slave/flags.md
@@ -16,5 +16,5 @@
enabled.
### AUTHORIZATION ###
-The request principal should be authorized to query this endpoint.
+The request principal should be authorized to view all flags.
See the authorization documentation for details.
\ No newline at end of file
diff --git a/docs/endpoints/slave/state.json.md b/docs/endpoints/slave/state.json.md
index ac85369..0f82c19 100644
--- a/docs/endpoints/slave/state.json.md
+++ b/docs/endpoints/slave/state.json.md
@@ -14,6 +14,8 @@
### DESCRIPTION ###
This endpoint shows information about the frameworks, executors
and the agent's master as a JSON object.
+The information shown might be filtered based on the user
+accessing the endpoint.
Example (**Note**: this is not exhaustive):
@@ -102,4 +104,10 @@
### AUTHENTICATION ###
This endpoint requires authentication iff HTTP authentication is
-enabled.
\ No newline at end of file
+enabled.
+
+### AUTHORIZATION ###
+This endpoint might be filtered based on the user accessing it.
+For example a user might only see the subset of frameworks,
+tasks, and executors they are allowed to view.
+See the authorization documentation for details.
\ No newline at end of file
diff --git a/docs/endpoints/slave/state.md b/docs/endpoints/slave/state.md
index c7b61d7..b34459e 100644
--- a/docs/endpoints/slave/state.md
+++ b/docs/endpoints/slave/state.md
@@ -14,6 +14,8 @@
### DESCRIPTION ###
This endpoint shows information about the frameworks, executors
and the agent's master as a JSON object.
+The information shown might be filtered based on the user
+accessing the endpoint.
Example (**Note**: this is not exhaustive):
@@ -102,4 +104,10 @@
### AUTHENTICATION ###
This endpoint requires authentication iff HTTP authentication is
-enabled.
\ No newline at end of file
+enabled.
+
+### AUTHORIZATION ###
+This endpoint might be filtered based on the user accessing it.
+For example a user might only see the subset of frameworks,
+tasks, and executors they are allowed to view.
+See the authorization documentation for details.
\ No newline at end of file
