bschoening commented on code in PR #4112: URL: https://github.com/apache/cassandra/pull/4112#discussion_r2621550216
########## doc/modules/cassandra/pages/developing/cql/security.adoc: ########## @@ -346,6 +346,59 @@ include::cassandra:example$BNF/list_users_statement.bnf[] Note that this statement is equivalent to xref:security.adoc#list-roles-statement[`LIST ROLES], but only roles with the `LOGIN` privilege are included in the output. +[[databaseIdentity]] +=== Database Identities + +[[AddIdentityStmt]] +==== ADD IDENTITY + +_Syntax:_ + +[source,bnf] +::= ADD IDENTITY [ IF NOT EXISTS ] id_name TO ROLE role_name + +_Sample:_ + +[source,sql] +ADD IDENTITY 'id1' TO ROLE 'role1'; + +Only a user with privileges to add roles can add identities + +Role names & Identity names should be quoted if they contain non-alphanumeric characters. + +[[addIdentityConditional]] +===== Adding an identity conditionally + +Attempting to add an existing identity results in an invalid query +condition unless the `IF NOT EXISTS` option is used. If the option is +used and the identity exists, the statement is a no-op. + +[source,sql] +ADD IDENTITY [ IF NOT EXISTS ] 'id1' TO ROLE 'role1'; + +[[dropIdentityStmt]] +==== DROP IDENTITY + +_Syntax:_ + +[source,bnf] +::= DROP IDENTITY [ IF EXISTS ] + +_Sample:_ + +[source,sql] +---- +DROP IDENTITY 'testIdentity'; +DROP IDENTITY IF EXISTS 'testIdentity'; +---- + +Only a user with privileges to drop roles can remove identities + +Attempting to drop an Identity which does not exist results in an invalid Review Comment: fixed -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
