[
https://issues.apache.org/jira/browse/CASSANDRA-8957?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14364084#comment-14364084
]
sankalp kohli commented on CASSANDRA-8957:
------------------------------------------
[~iamaleksey]
Can we create a new permission for truncate. CASSANDRA-8303 will be available
in 3.0 and we need something in 2.0 and 2.1.
> Move TRUNCATE from MODIFY to DROP permission group
> ----------------------------------------------------
>
> Key: CASSANDRA-8957
> URL: https://issues.apache.org/jira/browse/CASSANDRA-8957
> Project: Cassandra
> Issue Type: Improvement
> Reporter: Vishy Kasar
>
> Cassandra currently has 6 permissions:
> ALTER: required for ALTER KEYSPCE, ALTER TABLE, CREATE INDEX, DROP
> INDEX
> AUTHORIZE: required for GRANT, REVOKE
> CREATE: required for CREATE KEYSPACE, CREATE TABLE
> DROP: required for DROP KEYSPACE, DROP TABLE
> MODIFY: required for INSERT, DELETE, UPDATE, TRUNCATE
> SELECT: required for SELECT
> It seems incorrect to lump TRUNCATE with INSERT, DELETE, UPDATE. Every normal
> user typically does INSERT, DELETE, UPDATE. However a normal user does not
> need TRUNCATE. We want to prevent normal user accidentally truncating their
> tables in production. It is better to group TRUNCATE with other destructive
> operations such as DROP KEYSPACE, DROP TABLE.
> Proposal: Move TRUNCATE from MODIFY to DROP permission group
> Proposed 6 permissions looks like this:
> ALTER: required for ALTER KEYSPCE, ALTER TABLE, CREATE INDEX, DROP
> INDEX
> AUTHORIZE: required for GRANT, REVOKE
> CREATE: required for CREATE KEYSPACE, CREATE TABLE
> DROP: required for DROP KEYSPACE, DROP TABLE, TRUNCATE
> MODIFY: required for INSERT, DELETE, UPDATE
> SELECT: required for SELECT
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
