cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aleksey Yeschenko (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CASSANDRA-10022) Add INSERT permission
Date Sun, 09 Aug 2015 11:15:45 GMT

    [ https://issues.apache.org/jira/browse/CASSANDRA-10022?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14679097#comment-14679097
] 

Aleksey Yeschenko commented on CASSANDRA-10022:
-----------------------------------------------

The logical conclusion would be to add {{DELETE}} permission for {{DELETE IF EXISTS}} and
an {{UPDATE}} permission that would only allow modifying data that is already there, and you
would still have {{MODIFY}} that allows to do all of the above (we have a single permissions
because Cassandra makes no distinction meaningful distinction between INSERT, UPDATE, and
DELETE queries - in many cases you can use them interchangeably - especially UPDATE and INSERT).
I don't see a way to make it non-confusing.

LWT updates are not a security mechanism - it's a tool to use for a small subset of your writes
when there is absolutely no way to use regular writes (think new user account creation).

> Add INSERT permission
> ---------------------
>
>                 Key: CASSANDRA-10022
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-10022
>             Project: Cassandra
>          Issue Type: Improvement
>          Components: Core
>            Reporter: Vovodroid
>
> Hi,
> currently there is MODIFY permission in C*. It would be nice to add specific INSERT permission,
that would act as 'IF NOT EXIST' option specified.
> Imagine distributed application (e.g. mobile), that each its instance should add something
to table, but shouldn't be able to alter/delete existing data.
> Regards.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message