maxim-chn opened a new pull request, #2121: URL: https://github.com/apache/cassandra/pull/2121
A fix for [List command output not correct for super user, after grant command ([CASSANDRA-18018](https://issues.apache.org/jira/browse/CASSANDRA-18018)). A short example of the new functionality. (1) Let's create a new SUPERUSER role, `joe`. ``` maxim@b51f5bc1452d:~$ ./cassandra-dev/bin/cqlsh -ucassandra Password: Connected to Test Cluster at 127.0.0.1:9042 [cqlsh 6.1.0 | Cassandra 4.1-beta2-SNAPSHOT | CQL spec 3.4.6 | Native protocol v5] Use HELP for help. cassandra@cqlsh> CREATE ROLE IF NOT EXISTS joe WITH SUPERUSER = true AND LOGIN = true AND PASSWORD = 'super'; ``` (2) Let's list all permissions for the new role. ``` cassandra@cqlsh> LIST ALL PERMISSIONS OF joe; role | username | resource | permission ------+----------+-----------------+------------ joe | joe | <all keyspaces> | CREATE joe | joe | <all keyspaces> | ALTER joe | joe | <all keyspaces> | DROP joe | joe | <all keyspaces> | SELECT joe | joe | <all keyspaces> | MODIFY joe | joe | <all keyspaces> | AUTHORIZE joe | joe | <all functions> | CREATE joe | joe | <all functions> | ALTER joe | joe | <all functions> | DROP joe | joe | <all functions> | AUTHORIZE joe | joe | <all functions> | EXECUTE joe | joe | <all mbeans> | SELECT joe | joe | <all mbeans> | MODIFY joe | joe | <all mbeans> | AUTHORIZE joe | joe | <all mbeans> | DESCRIBE joe | joe | <all mbeans> | EXECUTE joe | joe | <all roles> | CREATE joe | joe | <all roles> | ALTER joe | joe | <all roles> | DROP joe | joe | <all roles> | AUTHORIZE joe | joe | <all roles> | DESCRIBE (21 rows) ``` As you can see, there is no need to grant any permission explicitly. SUPERUSER role always has all the relevant permissions on all the resources in accordance with the SUPERUSER role definition. patch by Maxim Chanturiay; reviewed by <Reviewers> for CASSANDRA-18018 The [Cassandra Jira](https://issues.apache.org/jira/projects/CASSANDRA/issues/) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
