You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@cassandra.apache.org by "Aleksey Yeschenko (JIRA)" <ji...@apache.org> on 2015/03/12 02:29:38 UTC

[jira] [Resolved] (CASSANDRA-8082) Consider re-introducing TRUNCATE permission

     [ https://issues.apache.org/jira/browse/CASSANDRA-8082?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Aleksey Yeschenko resolved CASSANDRA-8082.
------------------------------------------
    Resolution: Duplicate

> Consider re-introducing TRUNCATE permission
> -------------------------------------------
>
>                 Key: CASSANDRA-8082
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-8082
>             Project: Cassandra
>          Issue Type: New Feature
>            Reporter: Johnny Miller
>            Priority: Minor
>
> We should consider re-introducing a separate `TRUNCATE` permission.
> Truncate operation would require both `MODIFY` and `TRUNCATE` to run.
> I'm not entirely sold on this change, as we do create snapshots before truncating, so fat-fingers aren't catastrophic, but am open to the idea.
> Original description:
> {quote}
> Currently CQL permissions are grouped as:
> ALL	- All statements
> ALTER - ALTER KEYSPACE, ALTER TABLE, CREATE INDEX, DROP INDEX
> AUTHORIZE - GRANT, REVOKE
> CREATE - CREATE KEYSPACE, CREATE TABLE
> DROP - DROP KEYSPACE, DROP TABLE
> MODIFY - INSERT, DELETE, UPDATE, TRUNCATE
> SELECT -SELECT
> The MODIFY permission is too wide. There are plenty scenarios where a user should not be to DELETE and TRUNCATE a table but should be able to INSERT and UPDATE. 
> It would be great if Cassandra could either support defining permissions dynamically or have additional finer grained MODIFY related permissions.
> {quote}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)