[
https://issues.apache.org/jira/browse/CASSANDRA-7683?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14084556#comment-14084556
]
Aleksey Yeschenko commented on CASSANDRA-7683:
----------------------------------------------
Well, authorization is here to tell if a user has enough permissions to execute
that particular statement. And, arguably, whether or not the table exists, if
one doesn't have CREATE rights on the keyspace, they shouldn't be able to try
execute the statement. IF NOT EXISTS is absolutely orthogonal here.
> Always allow CREATE TABLE IF NOT EXISTS if it exists
> ----------------------------------------------------
>
> Key: CASSANDRA-7683
> URL: https://issues.apache.org/jira/browse/CASSANDRA-7683
> Project: Cassandra
> Issue Type: Wish
> Components: Core
> Reporter: Jens Rantil
> Priority: Minor
>
> Background: I have a table that I'd like to make sure exists when I boot up
> my application. To make the life easier for our developers I execute an
> `ALTER TABLE IF EXISTS`.
> In production I am using user based authorization and for security reasons
> regular production users are not allowed to CREATE TABLEs.
> Problem: When a user without CREATE permission executes `ALTER TABLE IF
> EXISTS` for a table that already exists, the command fails telling me the
> user is not allowed to execute `CREATE TABLE`. It feels kinda ridiculous that
> this fails when I'm not actually creating the table.
> Proposal: That the permission check only should be done if the table is only
> actually to be created.
> Workaround: Right now, I have a boolean that checks if in production and in
> that case don't try to create the table. Another approach would be to
> manually check if the table exists.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
