Merge branch 'cassandra-2.1' into cassandra-2.2
Project: http://git-wip-us.apache.org/repos/asf/cassandra/repo Commit: http://git-wip-us.apache.org/repos/asf/cassandra/commit/94a68a17 Tree: http://git-wip-us.apache.org/repos/asf/cassandra/tree/94a68a17 Diff: http://git-wip-us.apache.org/repos/asf/cassandra/diff/94a68a17 Branch: refs/heads/cassandra-2.2 Commit: 94a68a17c78f3eb957d155ba30859e53dd544bb8 Parents: 3b85ea7 14a3324 Author: Sam Tunnicliffe <s...@beobal.com> Authored: Mon Jun 1 18:24:40 2015 +0100 Committer: Sam Tunnicliffe <s...@beobal.com> Committed: Mon Jun 1 18:24:40 2015 +0100 ---------------------------------------------------------------------- CHANGES.txt | 1 + doc/cql3/CQL.textile | 441 +++++++++++++++++++++++++++++++++++++++++++++- 2 files changed, 438 insertions(+), 4 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cassandra/blob/94a68a17/CHANGES.txt ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cassandra/blob/94a68a17/doc/cql3/CQL.textile ---------------------------------------------------------------------- diff --cc doc/cql3/CQL.textile index 91d8dd8,ea0aed6..9cf7b23 --- a/doc/cql3/CQL.textile +++ b/doc/cql3/CQL.textile @@@ -1100,6 -928,217 +1100,433 @@@ because Cassandra cannot guarantee tha bc(sample). SELECT firstname, lastname FROM users WHERE birth_year = 1981 AND country = 'FR' ALLOW FILTERING; -h2(#databaseUsers). Database Users ++h2(#databaseRoles). Database Roles ++ ++h3(#createRoleStmt). CREATE ROLE ++ ++__Syntax:__ ++ ++bc(syntax).. ++<create-role-stmt> ::= CREATE ROLE ( IF NOT EXISTS )? <identifier> ( WITH <option> ( AND <option> )* )? ++ ++<option> ::= PASSWORD = <string> ++ | LOGIN = <boolean> ++ | SUPERUSER = <boolean> ++ | OPTIONS = <map_literal> ++p. ++ ++__Sample:__ ++ ++bc(sample). ++CREATE ROLE new_role; ++CREATE ROLE alice WITH PASSWORD = 'password_a' AND LOGIN = true; ++CREATE ROLE bob WITH PASSWORD = 'password_b' AND LOGIN = true AND SUPERUSER = true; ++CREATE ROLE carlos WITH OPTIONS = { 'custom_option1' : 'option1_value', 'custom_option2' : 99 }; ++ ++By default roles do not possess @LOGIN@ privileges or @SUPERUSER@ status. ++ ++"Permissions":#permissions on database resources are granted to roles; types of resources include keyspaces, tables, functions and roles themselves. Roles may be granted to other roles to create hierarchical permissions structures; in these hierarchies, permissions and @SUPERUSER@ status are inherited, but the @LOGIN@ privilege is not. ++ ++If a role has the @LOGIN@ privilege, clients may identify as that role when connecting. For the duration of that connection, the client will acquire any roles and privileges granted to that role. ++ ++Only a client with with the @CREATE@ permission on the database roles resource may issue @CREATE ROLE@ requests (see the "relevant section":#permissions below), unless the client is a @SUPERUSER@. Role management in Cassandra is pluggable and custom implementations may support only a subset of the listed options. ++ ++Role names should be quoted if they contain non-alphanumeric characters. ++ ++h4(#createRolePwd). Setting credentials for internal authentication ++ ++Use the @WITH PASSWORD@ clause to set a password for internal authentication, enclosing the password in single quotation marks. ++If internal authentication has not been set up or the role does not have @LOGIN@ privileges, the @WITH PASSWORD@ clause is not necessary. ++ ++h4(#createRoleConditional). Creating a role conditionally ++ ++Attempting to create an existing role results in an invalid query condition unless the @IF NOT EXISTS@ option is used. If the option is used and the role exists, the statement is a no-op. ++ ++bc(sample). ++CREATE ROLE other_role; ++CREATE ROLE IF NOT EXISTS other_role; ++ ++h3(#alterRoleStmt). ALTER ROLE ++ ++__Syntax:__ ++ ++bc(syntax).. ++<alter-role-stmt> ::= ALTER ROLE <identifier> ( WITH <option> ( AND <option> )* )? ++ ++<option> ::= PASSWORD = <string> ++ | LOGIN = <boolean> ++ | SUPERUSER = <boolean> ++ | OPTIONS = <map_literal> ++p. ++ ++__Sample:__ ++ ++bc(sample). ++ALTER ROLE bob WITH PASSWORD = 'PASSWORD_B' AND SUPERUSER = false; ++ ++Conditions on executing @ALTER ROLE@ statements: ++ ++* A client must have @SUPERUSER@ status to alter the @SUPERUSER@ status of another role ++* A client cannot alter the @SUPERUSER@ status of any role it currently holds ++* A client can only modify certain properties of the role with which it identified at login (e.g. @PASSWORD@) ++* To modify properties of a role, the client must be granted @ALTER@ "permission":#permissions on that role ++ ++ ++h3(#dropRoleStmt). DROP ROLE ++ ++__Syntax:__ ++ ++bc(syntax).. ++<drop-role-stmt> ::= DROP ROLE ( IF EXISTS )? <identifier> ++p. ++ ++__Sample:__ ++ ++bc(sample). ++DROP ROLE alice; ++DROP ROLE IF EXISTS bob; ++ ++ ++@DROP ROLE@ requires the client to have @DROP@ "permission":#permissions on the role in question. In addition, client may not @DROP@ the role with which it identified at login. Finaly, only a client with @SUPERUSER@ status may @DROP@ another @SUPERUSER@ role. ++Attempting to drop a role which does not exist results in an invalid query condition unless the @IF EXISTS@ option is used. If the option is used and the role does not exist the statement is a no-op. ++ ++ ++h3(#grantRoleStmt). GRANT ROLE ++ ++__Syntax:__ ++ ++bc(syntax). ++<grant-role-stmt> ::= GRANT <identifier> TO <identifier> ++ ++ ++__Sample:__ ++ ++bc(sample). ++GRANT report_writer TO alice; ++ ++This statement grants the @report_writer@ role to @alice@. Any permissions granted to @report_writer@ are also acquired by @alice@. ++Roles are modelled as a directed acyclic graph, so circular grants are not permitted. The following examples result in error conditions: ++ ++bc(sample). ++GRANT role_a TO role_b; ++GRANT role_b TO role_a; ++ ++bc(sample). ++GRANT role_a TO role_b; ++GRANT role_b TO role_c; ++GRANT role_c TO role_a; ++ ++ ++h3(#revokeRoleStmt). REVOKE ROLE ++ ++__Syntax:__ ++ ++bc(syntax). ++<revoke-role-stmt> ::= REVOKE <identifier> FROM <identifier> ++ ++__Sample:__ ++ ++bc(sample). ++REVOKE report_writer FROM alice; ++ ++This statement revokes the @report_writer@ role from @alice@. Any permissions that @alice@ has acquired via the @report_writer@ role are also revoked. ++ ++h4(#listRolesStmt). LIST ROLES ++ ++__Syntax:__ ++ ++bc(syntax). ++<list-roles-stmt> ::= LIST ROLES ( OF <identifier> )? ( NORECURSIVE )? ++ ++__Sample:__ ++ ++bc(sample). ++LIST ROLES; ++ ++Return all known roles in the system, this requires @DESCRIBE@ permission on the database roles resource. ++ ++bc(sample). ++LIST ROLES OF @alice@; ++ ++Enumerate all roles granted to @alice@, including those transitively aquired. ++ ++bc(sample). ++LIST ROLES OF @bob@ NORECURSIVE ++ ++List all roles directly granted to @bob@. + + h3(#createUserStmt). CREATE USER + ++Prior to the introduction of roles in Cassandra 2.2, authentication and authorization were based around the concept of a @USER@. For backward compatibility, the legacy syntax has been preserved with @USER@ centric statments becoming synonyms for the @ROLE@ based equivalents. ++ + __Syntax:__ + + bc(syntax).. + <create-user-statement> ::= CREATE USER ( IF NOT EXISTS )? <identifier> ( WITH PASSWORD <string> )? (<option>)? + + <option> ::= SUPERUSER + | NOSUPERUSER + p. + + __Sample:__ + + bc(sample). + CREATE USER alice WITH PASSWORD 'password_a' SUPERUSER; + CREATE USER bob WITH PASSWORD 'password_b' NOSUPERUSER; + -By default users do not possess @SUPERUSER@ status. - -"Permissions":#permissions on database resources (keyspaces and tables) are granted to users. -USer names should be quoted if they contain non-alphanumeric characters. ++@CREATE USER@ is equivalent to @CREATE ROLE@ where the @LOGIN@ option is @true@. So, the following pairs of statements are equivalent: + -h4(#createUserPwd). Setting credentials for internal authentication ++bc(sample).. ++CREATE USER alice WITH PASSWORD 'password_a' SUPERUSER; ++CREATE ROLE alice WITH PASSWORD = 'password_a' AND LOGIN = true AND SUPERUSER = true; + -Use the @WITH PASSWORD@ clause to set a password for internal authentication, enclosing the password in single quotation marks. -If internal authentication has not been set up the @WITH PASSWORD@ clause is not necessary. ++CREATE USER IF EXISTS alice WITH PASSWORD 'password_a' SUPERUSER; ++CREATE ROLE IF EXISTS alice WITH PASSWORD = 'password_a' AND LOGIN = true AND SUPERUSER = true; + -h4(#createUserConditional). Creating a user conditionally ++CREATE USER alice WITH PASSWORD 'password_a' NOSUPERUSER; ++CREATE ROLE alice WITH PASSWORD = 'password_a' AND LOGIN = true AND SUPERUSER = false; + -Attempting to create an existing user results in an invalid query condition unless the @IF NOT EXISTS@ option is used. If the option is used and the user exists, the statement is a no-op. ++CREATE USER alice WITH PASSWORD 'password_a' NOSUPERUSER; ++CREATE ROLE alice WITH PASSWORD = 'password_a' WITH LOGIN = true; + -bc(sample). -CREATE USER carlos; -CREATE USER IF NOT EXISTS carlos; ++CREATE USER alice WITH PASSWORD 'password_a'; ++CREATE ROLE alice WITH PASSWORD = 'password_a' WITH LOGIN = true; ++p. + + h3(#alterUserStmt). ALTER USER + + __Syntax:__ + + bc(syntax).. + <alter-user-statement> ::= ALTER USER <identifier> ( WITH PASSWORD <string> )? ( <option> )? + + <option> ::= SUPERUSER + | NOSUPERUSER + p. + + bc(sample). + ALTER USER alice WITH PASSWORD 'PASSWORD_A'; + ALTER USER bob SUPERUSER; + -@ALTER USER@ requires @SUPERUSER@ status, with two caveats: - -* A user cannot alter its own @SUPERUSER@ status -* A user without @SUPERUSER@ status is permitted to modify a subset of it's own properties (e.g. its @PASSWORD@) - + h3(#dropUserStmt). DROP USER + + __Syntax:__ + + bc(syntax).. + <drop-user-stmt> ::= DROP USER ( IF EXISTS )? <identifier> + p. + + __Sample:__ + + bc(sample). + DROP USER alice; + DROP USER IF EXISTS bob; + -@DROP USER@ requires @SUPERUSER@ status, and users are not permitted to @DROP@ themselves. -Attempting to drop a user which does not exist results in an invalid query condition unless the @IF EXISTS@ option is used. If the option is used and the user does not exist the statement is a no-op. - + h3(#listUsersStmt). LIST USERS + + __Syntax:__ + + bc(syntax). + <list-users-stmt> ::= LIST USERS; + + __Sample:__ + + bc(sample). + LIST USERS; + -Return all known users in the system. ++This statement is equivalent to ++ ++bc(sample). ++LIST ROLES; ++ ++but only roles with the @LOGIN@ privilege are included in the output. ++ + + h2(#dataControl). Data Control + + h3(#permissions). Permissions + -Permissions on resources are granted to users and data resources in Cassandra are organized hierarchically, like so: @ALL KEYSPACES@ -> @KEYSPACE@ -> @TABLE@ ++Permissions on resources are granted to roles; there are several different types of resources in Cassandra and each type is modelled hierarchically: + -Permissions can be granted at any level of the hierarchy and they flow downwards. So granting a permission on a resource higher up the chain automatically grants that same permission on all resources lower down. For example, granting @SELECT@ on a @KEYSPACE@ automatically grants it on all @TABLES@ in that @KEYSPACE@. ++* The hierarchy of Data resources, Keyspaces and Tables has the structure @ALL KEYSPACES@ -> @KEYSPACE@ -> @TABLE@ ++* Function resources have the structure @ALL FUNCTIONS@ -> @KEYSPACE@ -> @FUNCTION@ ++* Resources representing roles have the structure @ALL ROLES@ -> @ROLE@ ++ ++Permissions can be granted at any level of these hierarchies and they flow downwards. So granting a permission on a resource higher up the chain automatically grants that same permission on all resources lower down. For example, granting @SELECT@ on a @KEYSPACE@ automatically grants it on all @TABLES@ in that @KEYSPACE@. Likewise, granting a permission on @ALL FUNCTIONS@ grants it on every defined function, regardless of which keyspace it is scoped in. It is also possible to grant permissions on all functions scoped to a particular keyspace. + + Modifications to permissions are visible to existing client sessions; that is, connections need not be re-established following permissions changes. + + The full set of available permissions is: + * @CREATE@ + * @ALTER@ + * @DROP@ + * @SELECT@ + * @MODIFY@ + * @AUTHORIZE@ ++* @DESCRIBE@ ++* @EXECUTE@ + ++Not all permissions are applicable to every type of resource. For instance, @EXECUTE@ is only relevant in the context of functions; granting @EXECUTE@ on a resource representing a table is nonsensical. Attempting to @GRANT@ a permission on resource to which it cannot be applied results in an error response. The following illustrates which permissions can be granted on which types of resource, and which statements are enabled by that permission. + + |_. permission |_. resource |_. operations | + | @CREATE@ | @ALL KEYSPACES@ |@CREATE KEYSPACE@ ==<br>== @CREATE TABLE@ in any keyspace| + | @CREATE@ | @KEYSPACE@ |@CREATE TABLE@ in specified keyspace| ++| @CREATE@ | @ALL FUNCTIONS@ |@CREATE FUNCTION@ in any keyspace ==<br>== @CREATE AGGREGATE@ in any keyspace| ++| @CREATE@ | @ALL FUNCTIONS IN KEYSPACE@ |@CREATE FUNCTION@ in keyspace ==<br>== @CREATE AGGREGATE@ in keyspace| ++| @CREATE@ | @ALL ROLES@ |@CREATE ROLE@| + | @ALTER@ | @ALL KEYSPACES@ |@ALTER KEYSPACE@ ==<br>== @ALTER TABLE@ in any keyspace| + | @ALTER@ | @KEYSPACE@ |@ALTER KEYSPACE@ ==<br>== @ALTER TABLE@ in keyspace| -| @ALTER@ | @TABLE@ |@ALTER TABLE@ ++| @ALTER@ | @TABLE@ |@ALTER TABLE@| ++| @ALTER@ | @ALL FUNCTIONS@ |@CREATE FUNCTION@ replacing any existing ==<br>== @CREATE AGGREGATE@ replacing any existing| ++| @ALTER@ | @ALL FUNCTIONS IN KEYSPACE@ |@CREATE FUNCTION@ replacing existing in keyspace ==<br>== @CREATE AGGREGATE@ replacing any existing in keyspace| ++| @ALTER@ | @FUNCTION@ |@CREATE FUNCTION@ replacing existing ==<br>== @CREATE AGGREGATE@ replacing existing| ++| @ALTER@ | @ALL ROLES@ |@ALTER ROLE@ on any role| ++| @ALTER@ | @ROLE@ |@ALTER ROLE@| + | @DROP@ | @ALL KEYSPACES@ |@DROP KEYSPACE@ ==<br>== @DROP TABLE@ in any keyspace| + | @DROP@ | @KEYSPACE@ |@DROP TABLE@ in specified keyspace| + | @DROP@ | @TABLE@ |@DROP TABLE@| ++| @DROP@ | @ALL FUNCTIONS@ |@DROP FUNCTION@ in any keyspace ==<br>== @DROP AGGREGATE@ in any existing| ++| @DROP@ | @ALL FUNCTIONS IN KEYSPACE@ |@DROP FUNCTION@ in keyspace ==<br>== @DROP AGGREGATE@ in existing| ++| @DROP@ | @FUNCTION@ |@DROP FUNCTION@| ++| @DROP@ | @ALL ROLES@ |@DROP ROLE@ on any role| ++| @DROP@ | @ROLE@ |@DROP ROLE@| + | @SELECT@ | @ALL KEYSPACES@ |@SELECT@ on any table| + | @SELECT@ | @KEYSPACE@ |@SELECT@ on any table in keyspace| + | @SELECT@ | @TABLE@ |@SELECT@ on specified table| + | @MODIFY@ | @ALL KEYSPACES@ |@INSERT@ on any table ==<br>== @UPDATE@ on any table ==<br>== @DELETE@ on any table ==<br>== @TRUNCATE@ on any table| -| @MODIFY@ | @KEYSPACE@ |@INSERT@ on any table in keyspace ==<br>== @UPDATE@ on any table in keyspace ==<br>== @DELETE@ on any table in keyspace ==<br>== @TRUNCATE@ on any table in keyspace ++| @MODIFY@ | @KEYSPACE@ |@INSERT@ on any table in keyspace ==<br>== @UPDATE@ on any table in keyspace ==<br> == @DELETE@ on any table in keyspace ==<br>== @TRUNCATE@ on any table in keyspace + | @MODIFY@ | @TABLE@ |@INSERT@ ==<br>== @UPDATE@ ==<br>== @DELETE@ ==<br>== @TRUNCATE@| + | @AUTHORIZE@ | @ALL KEYSPACES@ |@GRANT PERMISSION@ on any table ==<br>== @REVOKE PERMISSION@ on any table| + | @AUTHORIZE@ | @KEYSPACE@ |@GRANT PERMISSION@ on table in keyspace ==<br>== @REVOKE PERMISSION@ on table in keyspace| + | @AUTHORIZE@ | @TABLE@ |@GRANT PERMISSION@ ==<br>== @REVOKE PERMISSION@ | ++| @AUTHORIZE@ | @ALL FUNCTIONS@ |@GRANT PERMISSION@ on any function ==<br>== @REVOKE PERMISSION@ on any function| ++| @AUTHORIZE@ | @ALL FUNCTIONS IN KEYSPACE@ |@GRANT PERMISSION@ in keyspace ==<br>== @REVOKE PERMISSION@ in keyspace| ++| @AUTHORIZE@ | @ALL FUNCTIONS IN KEYSPACE@ |@GRANT PERMISSION@ in keyspace ==<br>== @REVOKE PERMISSION@ in keyspace| ++| @AUTHORIZE@ | @FUNCTION@ |@GRANT PERMISSION@ ==<br>== @REVOKE PERMISSION@| ++| @AUTHORIZE@ | @ALL ROLES@ |@GRANT ROLE@ grant any role ==<br>== @REVOKE ROLE@ revoke any role| ++| @AUTHORIZE@ | @ROLES@ |@GRANT ROLE@ grant role ==<br>== @REVOKE ROLE@ revoke role| ++| @DESCRIBE@ | @ALL ROLES@ |@LIST ROLES@ all roles or only roles granted to another, specified role| ++| @EXECUTE@ | @ALL FUNCTIONS@ |@SELECT@, @INSERT@, @UPDATE@ using any function ==<br>== use of any function in @CREATE AGGREGATE@| ++| @EXECUTE@ | @ALL FUNCTIONS IN KEYSPACE@ |@SELECT@, @INSERT@, @UPDATE@ using any function in keyspace ==<br>== use of any function in keyspace in @CREATE AGGREGATE@| ++| @EXECUTE@ | @FUNCTION@ |@SELECT@, @INSERT@, @UPDATE@ using function ==<br>== use of function in @CREATE AGGREGATE@| + + + h3(#grantPermissionsStmt). GRANT PERMISSION + + __Syntax:__ + + bc(syntax).. + <grant-permission-stmt> ::= GRANT ( ALL ( PERMISSIONS )? | <permission> ( PERMISSION )? ) ON <resource> TO <identifier> + -<permission> ::= CREATE | ALTER | DROP | SELECT | MODIFY | AUTHORIZE ++<permission> ::= CREATE | ALTER | DROP | SELECT | MODIFY | AUTHORIZE | DESRIBE | EXECUTE + + <resource> ::= ALL KEYSPACES + | KEYSPACE <identifier> + | ( TABLE )? <tablename> ++ | ALL ROLES ++ | ROLE <identifier> ++ | ALL FUNCTIONS ( IN KEYSPACE <identifier> )? ++ | FUNCTION <functionname> + p. + + __Sample:__ + + bc(sample). -GRANT SELECT ON ALL KEYSPACES TO alice; ++GRANT SELECT ON ALL KEYSPACES TO data_reader; ++ ++This gives any user with the role @data_reader@ permission to execute @SELECT@ statements on any table across all keyspaces ++ ++bc(sample). ++GRANT MODIFY ON KEYSPACE keyspace1 TO data_writer; ++ ++This give any user with the role @data_writer@ permission to perform @UPDATE@, @INSERT@, @UPDATE@, @DELETE@ and @TRUNCATE@ queries on all tables in the @keyspace1@ keyspace ++ ++bc(sample). ++GRANT DROP ON keyspace1.table1 TO schema_owner; + -This gives @alice@ permissions to execute @SELECT@ statements on any table across all keyspaces ++This gives any user with the @schema_owner@ role permissions to @DROP@ @keyspace1.table1@. + + bc(sample). -GRANT MODIFY ON KEYSPACE keyspace1 TO bob; ++GRANT EXECUTE ON FUNCTION keyspace1.user_function( int ) TO report_writer; + -This gives @bob@ permissions to perform @UPDATE@, @INSERT@, @UPDATE@, @DELETE@ and @TRUNCATE@ queries on all tables in the @keyspace1@ keyspace ++This grants any user with the @report_writer@ role permission to execute @SELECT@, @INSERT@ and @UPDATE@ queries which use the function @keyspace1.user_function( int )@ + + bc(sample). -GRANT DROP ON keyspace1.table1 TO carlos; ++GRANT DESCRIBE ON ALL ROLES TO role_admin; ++ ++This grants any user with the @role_admin@ role permission to view any and all roles in the system with a @LIST ROLES@ statement ++ ++h4(#grantAll). GRANT ALL ++ ++When the @GRANT ALL@ form is used, the appropriate set of permissions is determined automatically based on the target resource. + -This gives @carlos@ permissions to @DROP@ @keyspace1.table1@. ++h4(#autoGrantPermissions). Automatic Granting ++ ++When a resource is created, via a @CREATE KEYSPACE@, @CREATE TABLE@, @CREATE FUNCTION@, @CREATE AGGREGATE@ or @CREATE ROLE@ statement, the creator (the role the database user who issues the statement is identified as), is automatically granted all applicable permissions on the new resource. + + + h3(#revokePermissionsStmt). REVOKE PERMISSION + + __Syntax:__ + + bc(syntax).. + <revoke-permission-stmt> ::= REVOKE ( ALL ( PERMISSIONS )? | <permission> ( PERMISSION )? ) ON <resource> FROM <identifier> + -<permission> ::= CREATE | ALTER | DROP | SELECT | MODIFY | AUTHORIZE ++<permission> ::= CREATE | ALTER | DROP | SELECT | MODIFY | AUTHORIZE | DESRIBE | EXECUTE + + <resource> ::= ALL KEYSPACES + | KEYSPACE <identifier> + | ( TABLE )? <tablename> ++ | ALL ROLES ++ | ROLE <identifier> ++ | ALL FUNCTIONS ( IN KEYSPACE <identifier> )? ++ | FUNCTION <functionname> + p. + + __Sample:__ + + bc(sample).. -REVOKE SELECT ON ALL KEYSPACES FROM alice; -REVOKE MODIFY ON KEYSPACE keyspace1 FROM bob; -REVOKE DROP ON keyspace1.table1 FROM carlos; ++REVOKE SELECT ON ALL KEYSPACES FROM data_reader; ++REVOKE MODIFY ON KEYSPACE keyspace1 FROM data_writer; ++REVOKE DROP ON keyspace1.table1 FROM schema_owner; ++REVOKE EXECUTE ON FUNCTION keyspace1.user_function( int ) FROM report_writer; ++REVOKE DESCRIBE ON ALL ROLES FROM role_admin; + p. + + h4(#listPermissionsStmt). LIST PERMISSIONS + + __Syntax:__ + + bc(syntax).. + <list-permissions-stmt> ::= LIST ( ALL ( PERMISSIONS )? | <permission> ) + ( ON <resource> )? + ( OF <identifier> ( NORECURSIVE )? )? + + <resource> ::= ALL KEYSPACES + | KEYSPACE <identifier> + | ( TABLE )? <tablename> ++ | ALL ROLES ++ | ROLE <identifier> ++ | ALL FUNCTIONS ( IN KEYSPACE <identifier> )? ++ | FUNCTION <functionname> + p. + + __Sample:__ + + bc(sample). + LIST ALL PERMISSIONS OF alice; + -Show all permissions granted to @alice@. ++Show all permissions granted to @alice@, including those acquired transitively from any other roles. + + bc(sample). + LIST ALL PERMISSIONS ON keyspace1.table1 OF bob; + -Show all permissions on @keyspace1.table1@ granted to @bob@. This also includes any permissions higher up the resource hierarchy which can be applied to @keyspace1.table1@. For example, should @bob@ have @ALTER@ permission on @keyspace1@, that would be included in the results of this query. Adding the @NORECURSIVE@ switch restricts the results to only those permissions which were directly granted to @bob@. ++Show all permissions on @keyspace1.table1@ granted to @bob@, including those acquired transitively from any other roles. This also includes any permissions higher up the resource hierarchy which can be applied to @keyspace1.table1@. For example, should @bob@ have @ALTER@ permission on @keyspace1@, that would be included in the results of this query. Adding the @NORECURSIVE@ switch restricts the results to only those permissions which were directly granted to @bob@ or one of @bob@'s roles. + + bc(sample). + LIST SELECT PERMISSIONS OF carlos; + -Show any permissions granted to @carlos@, limited to @SELECT@ permissions on any resource. ++Show any permissions granted to @carlos@ or any of @carlos@'s roles, limited to @SELECT@ permissions on any resource. h2(#types). Data Types @@@ -1579,15 -1439,12 +2006,19 @@@ CQL distinguishes between _reserved_ an | @COUNT@ | no | | @COUNTER@ | no | | @CREATE@ | yes | ++| @DATE@ | no | | @DECIMAL@ | no | | @DELETE@ | yes | | @DESC@ | yes | - | @DETERMINISTIC@ | no | ++| @DESCRIBE@ | yes | ++| @DETERMINISTIC@ | no | ++| @DISTINCT@ | no | | @DOUBLE@ | no | | @DROP@ | yes | | @EACH_QUORUM@ | yes | ++| @EXECUTE@ | yes | +| @FUNCTION@ | no | +| @FINALFUNC@ | no | | @FLOAT@ | no | | @FROM@ | yes | | @GRANT@ | yes | @@@ -1619,9 -1472,7 +2050,11 @@@ | @PERMISSIONS@ | no | | @PRIMARY@ | yes | | @QUORUM@ | yes | +| @REPLACE@ | yes | +| @RETURNS@ | no | | @REVOKE@ | yes | ++| @ROLE@ | no | ++| @ROLES@ | no | | @SCHEMA@ | yes | | @SELECT@ | yes | | @SET@ | yes | @@@ -1631,6 -1480,6 +2064,7 @@@ | @SUPERUSER@ | no | | @TABLE@ | yes | | @TEXT@ | no | ++| @TIME@ | no | | @TIMESTAMP@ | no | | @TIMEUUID@ | no | | @THREE@ | yes | @@@ -1651,9 -1500,7 +2085,7 @@@ | @WHERE@ | yes | | @WITH@ | yes | | @WRITETIME@ | no | --| @DISTINCT@ | no | - | @DATE@ | no | - | @TIME@ | no | ++ h2(#appendixB). Appendix B: CQL Reserved Types @@@ -1673,12 -1520,6 +2105,13 @@@ h2(#changes). Change The following describes the changes in each version of CQL. +h3. 3.3.0 + +* User-defined functions are now supported through "@CREATE FUNCTION@":#createFunctionStmt and "@DROP FUNCTION@":#dropFunctionStmt, +* User-defined aggregates are now supported through "@CREATE AGGREGATE@":#createAggregateStmt and "@DROP AGGREGATE@":#dropAggregateStmt. +* Allows double-dollar enclosed strings literals as an alternative to single-quote enclosed strings. ++* Introduces Roles to supercede user based authentication and access control + h3. 3.2.0 * User-defined types are now supported through "@CREATE TYPE@":#createTypeStmt, "@ALTER TYPE@":#alterTypeStmt, and "@DROP TYPE@":#dropTypeStmt