[
https://issues.apache.org/jira/browse/CASSANDRA-7653?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14273733#comment-14273733
]
Sam Tunnicliffe commented on CASSANDRA-7653:
--------------------------------------------
Pushed a further commit which adds a redundant "user" column to the resultset
returned from LIST PERMISSIONS queries. Also, re-introduced ListUsersStatement
to preserve the current output of those queries. To be consistent with CREATE
USER being an alias for CREATE ROLE with the LOGIN option, LIST USERS will
filter roles without that option.
Updateds to test_auth in dtests:
https://github.com/beobal/cassandra-dtest/tree/7653
> Add role based access control to Cassandra
> ------------------------------------------
>
> Key: CASSANDRA-7653
> URL: https://issues.apache.org/jira/browse/CASSANDRA-7653
> Project: Cassandra
> Issue Type: New Feature
> Components: Core
> Reporter: Mike Adamson
> Assignee: Sam Tunnicliffe
> Fix For: 3.0
>
> Attachments: 7653.patch, CQLSmokeTest.java, cql_smoke_test.py
>
>
> The current authentication model supports granting permissions to individual
> users. While this is OK for small or medium organizations wanting to
> implement authorization, it does not work well in large organizations because
> of the overhead of having to maintain the permissions for each user.
> Introducing roles into the authentication model would allow sets of
> permissions to be controlled in one place as a role and then the role granted
> to users. Roles should also be able to be granted to other roles to allow
> hierarchical sets of permissions to be built up.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
