On 1/16/26 13:15, Marcelo Fernandes wrote:
> Those operations do different things, sure.
>
> But from a roles/privilege framework perspective, why would you want to give
> certain users the DELETE privilege whereas others you want to give them
> only the TRUNCATE privilege?
>
> Are we saying to a user that "You need a different level of privilege because
> you are about to cause a MVCC-unsafe operation?".
The thing I see as difference worthy of separation is:
"CASCADE
Automatically truncate all tables that have foreign-key references
to any of the named tables, or to any tables added to the group due to
CASCADE.
"
Now the same end result can be done with:
delete from some_table:
where the FK's pointing at some_table have ON CASCADE DELETE. The
difference being a DBA has the option of creating the FKs with ON
CASCADE NO ACTION which would throw an error. In other words you can
prevent an unconstrained DELETE on some_table from removing all the
child records. With TRUNCATE ... CASCADE, you cannot, the potential for
harm is greater.
>
> Or is the privilege framework simply ruling "Do different things, have
> different permissions"?
>
> Marcelo.
>
--
Adrian Klaver
adrian.klaver@aklaver.com
