On 1/16/26 13:15, Marcelo Fernandes wrote:
Those operations do different things, sure.
But from a roles/privilege framework perspective, why would you want to give
certain users the DELETE privilege whereas others you want to give them
only the TRUNCATE privilege?
Are we saying to a user that "You need a different level of privilege because
you are about to cause a MVCC-unsafe operation?".
The thing I see as difference worthy of separation is:
"CASCADE
Automatically truncate all tables that have foreign-key references
to any of the named tables, or to any tables added to the group due to
CASCADE.
"
Now the same end result can be done with:
delete from some_table:
where the FK's pointing at some_table have ON CASCADE DELETE. The
difference being a DBA has the option of creating the FKs with ON
CASCADE NO ACTION which would throw an error. In other words you can
prevent an unconstrained DELETE on some_table from removing all the
child records. With TRUNCATE ... CASCADE, you cannot, the potential for
harm is greater.
Or is the privilege framework simply ruling "Do different things, have
different permissions"?
Marcelo.
--
Adrian Klaver
[email protected]
