cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "sankalp kohli (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CASSANDRA-8957) Move TRUNCATE from MODIFY to DROP permission group
Date Tue, 17 Mar 2015 00:00:48 GMT

    [ https://issues.apache.org/jira/browse/CASSANDRA-8957?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14364245#comment-14364245
] 

sankalp kohli commented on CASSANDRA-8957:
------------------------------------------

Fair enough

> Move TRUNCATE from MODIFY to  DROP permission group 
> ----------------------------------------------------
>
>                 Key: CASSANDRA-8957
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-8957
>             Project: Cassandra
>          Issue Type: Improvement
>            Reporter: Vishy Kasar
>
> Cassandra currently has 6 permissions:
>           ALTER: required for ALTER KEYSPCE, ALTER TABLE, CREATE INDEX, DROP INDEX
>           AUTHORIZE: required for GRANT, REVOKE
>           CREATE: required for CREATE KEYSPACE, CREATE TABLE
>           DROP: required for DROP KEYSPACE, DROP TABLE
>           MODIFY: required for INSERT, DELETE, UPDATE, TRUNCATE
>           SELECT: required for SELECT
> It seems incorrect to lump TRUNCATE with INSERT, DELETE, UPDATE. Every normal user typically
does INSERT, DELETE, UPDATE. However a normal user does not need TRUNCATE. We want to prevent
normal user accidentally truncating their tables in production. It is better to group TRUNCATE
with other destructive operations such as DROP KEYSPACE, DROP TABLE.
> Proposal: Move TRUNCATE from MODIFY to  DROP permission group 
> Proposed 6 permissions looks like this:
>           ALTER: required for ALTER KEYSPCE, ALTER TABLE, CREATE INDEX, DROP INDEX
>           AUTHORIZE: required for GRANT, REVOKE
>           CREATE: required for CREATE KEYSPACE, CREATE TABLE
>           DROP: required for DROP KEYSPACE, DROP TABLE, TRUNCATE
>           MODIFY: required for INSERT, DELETE, UPDATE
>           SELECT: required for SELECT



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message