[
https://issues.apache.org/jira/browse/CASSANDRA-8082?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Aleksey Yeschenko resolved CASSANDRA-8082.
------------------------------------------
Resolution: Not a Problem
The MODIFY permission is like that because there is no true functional
distinction there. INSERT and UPDATE are almost fully equivalent (with the
exception of counters and some internal row marker behavior). DELETE is a
subset of INSERT/UPDATE with nulls (INSERT null or UPDATE SET null do create a
regular tombstone, just like DELETE does). And TRUNCATE can be emulated with a
bunch of DELETEs.
There was an argument about separating TRUNCATE b/c of the fat finger argument.
But we already take snapshots before we TRUNCATE, exactly because of that.
> Support finer grained Modify CQL permissions
> --------------------------------------------
>
> Key: CASSANDRA-8082
> URL: https://issues.apache.org/jira/browse/CASSANDRA-8082
> Project: Cassandra
> Issue Type: New Feature
> Reporter: Johnny Miller
>
> Currently CQL permissions are grouped as:
> ALL - All statements
> ALTER - ALTER KEYSPACE, ALTER TABLE, CREATE INDEX, DROP INDEX
> AUTHORIZE - GRANT, REVOKE
> CREATE - CREATE KEYSPACE, CREATE TABLE
> DROP - DROP KEYSPACE, DROP TABLE
> MODIFY - INSERT, DELETE, UPDATE, TRUNCATE
> SELECT -SELECT
> The MODIFY permission is too wide. There are plenty scenarios where a user
> should not be to DELETE and TRUNCATE a table but should be able to INSERT and
> UPDATE.
> It would be great if Cassandra could either support defining permissions
> dynamically or have additional finer grained MODIFY related permissions.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
