[
https://issues.apache.org/jira/browse/CASSANDRA-6304?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Aleksey Yeschenko resolved CASSANDRA-6304.
------------------------------------------
Resolution: Not A Problem
Now that CASSANDRA-6438 made the types keyspace-scoped, this issue is no longer
relevant.
> Better handling of authorization for User Types
> -----------------------------------------------
>
> Key: CASSANDRA-6304
> URL: https://issues.apache.org/jira/browse/CASSANDRA-6304
> Project: Cassandra
> Issue Type: New Feature
> Reporter: Aleksey Yeschenko
> Assignee: Aleksey Yeschenko
> Fix For: 2.1
>
>
> Currently, we require CREATE/ALTER/DROP on ALL KEYSPACES, which is a bit
> excessive, and not entirely correct (but is the best we can do atm).
> We should:
> 1. create a new IResource implementation for user types (TypeResource)
> 2. extend CQL3 GRANT/REVOKE to allow CREATE/ALTER/DROP on (ALL TYPES|TYPE
> <name>)
> 3. require CREATE/ALTER/DROP permissions instead of requiring all keyspace
> access
> We could (should?) optionally require ALTER permission on the columnfamilies
> affected by ALTER TYPE. Not sure about this?
> We also don't currently allow dropping a type that's in use by a CF. So
> someone might start using a type in the cf, and the 'owner' of the type would
> not be able to drop it. So we should either add some kind of USE permission
> for types, or make it possible to drop a type that's currently in use.
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
