Philip Thompson created CASSANDRA-8213: ------------------------------------------
Summary: Grant Permission fails if permission had been revoked previously Key: CASSANDRA-8213 URL: https://issues.apache.org/jira/browse/CASSANDRA-8213 Project: Cassandra Issue Type: Bug Reporter: Philip Thompson Fix For: 2.1.2 The dtest auth_test.py:TestAuth.alter_cf_auth_test is failing. {code} cassandra.execute("GRANT ALTER ON ks.cf TO cathy") cathy.execute("ALTER TABLE ks.cf ADD val int") cassandra.execute("REVOKE ALTER ON ks.cf FROM cathy") self.assertUnauthorized("User cathy has no ALTER permission on <table ks.cf> or any of its parents", cathy, "CREATE INDEX ON ks.cf(val)") cassandra.execute("GRANT ALTER ON ks.cf TO cathy") cathy.execute("CREATE INDEX ON ks.cf(val)") {code} In this section of code, the user cathy is granted "ALTER" permissions on 'ks.cf', then they are revoked, then granted again. Monitoring system_auth.permissions during this section of code show that the permission is added with the initial grant, and revoked properly, but the table remains empty after the second grant. When the cathy user attempts to create an index, the following exception is thrown: {code} Unauthorized: code=2100 [Unauthorized] message="User cathy has no ALTER permission on <table ks.cf> or any of its parents" {code} -- This message was sent by Atlassian JIRA (v6.3.4#6332)