Jacob, seems you are on the right track however my understanding is that only the user that was auth'd has their permissions/roles/creds cached.
Also. Cassandra will query at QUORUM for the "cassandra" user, and at LOCAL_ONE for *all* other users. This is the same for creating users/roles.
