cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aleksey Yeschenko (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (CASSANDRA-8082) Consider re-introducing TRUNCATE permission
Date Fri, 28 Nov 2014 16:12:13 GMT

     [ https://issues.apache.org/jira/browse/CASSANDRA-8082?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Aleksey Yeschenko updated CASSANDRA-8082:
-----------------------------------------
    Priority: Minor  (was: Major)

> Consider re-introducing TRUNCATE permission
> -------------------------------------------
>
>                 Key: CASSANDRA-8082
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-8082
>             Project: Cassandra
>          Issue Type: New Feature
>            Reporter: Johnny Miller
>            Priority: Minor
>
> We should consider re-introducing a separate `TRUNCATE` permission.
> Truncate operation would require both `MODIFY` and `TRUNCATE` to run.
> I'm not entirely sold on this change, as we do create snapshots before truncating, so
fat-fingers aren't catastrophic, but am open to the idea.
> Original description:
> {quote}
> Currently CQL permissions are grouped as:
> ALL	- All statements
> ALTER - ALTER KEYSPACE, ALTER TABLE, CREATE INDEX, DROP INDEX
> AUTHORIZE - GRANT, REVOKE
> CREATE - CREATE KEYSPACE, CREATE TABLE
> DROP - DROP KEYSPACE, DROP TABLE
> MODIFY - INSERT, DELETE, UPDATE, TRUNCATE
> SELECT -SELECT
> The MODIFY permission is too wide. There are plenty scenarios where a user should not
be to DELETE and TRUNCATE a table but should be able to INSERT and UPDATE. 
> It would be great if Cassandra could either support defining permissions dynamically
or have additional finer grained MODIFY related permissions.
> {quote}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message