cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aleksey Yeschenko (JIRA)" <j...@apache.org>
Subject [jira] [Resolved] (CASSANDRA-8082) Consider re-introducing TRUNCATE permission
Date Thu, 12 Mar 2015 01:29:38 GMT

     [ https://issues.apache.org/jira/browse/CASSANDRA-8082?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Aleksey Yeschenko resolved CASSANDRA-8082.
------------------------------------------
    Resolution: Duplicate

> Consider re-introducing TRUNCATE permission
> -------------------------------------------
>
>                 Key: CASSANDRA-8082
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-8082
>             Project: Cassandra
>          Issue Type: New Feature
>            Reporter: Johnny Miller
>            Priority: Minor
>
> We should consider re-introducing a separate `TRUNCATE` permission.
> Truncate operation would require both `MODIFY` and `TRUNCATE` to run.
> I'm not entirely sold on this change, as we do create snapshots before truncating, so
fat-fingers aren't catastrophic, but am open to the idea.
> Original description:
> {quote}
> Currently CQL permissions are grouped as:
> ALL	- All statements
> ALTER - ALTER KEYSPACE, ALTER TABLE, CREATE INDEX, DROP INDEX
> AUTHORIZE - GRANT, REVOKE
> CREATE - CREATE KEYSPACE, CREATE TABLE
> DROP - DROP KEYSPACE, DROP TABLE
> MODIFY - INSERT, DELETE, UPDATE, TRUNCATE
> SELECT -SELECT
> The MODIFY permission is too wide. There are plenty scenarios where a user should not
be to DELETE and TRUNCATE a table but should be able to INSERT and UPDATE. 
> It would be great if Cassandra could either support defining permissions dynamically
or have additional finer grained MODIFY related permissions.
> {quote}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message