Schema design in Cassandra, for efficient tables, will grate against your RDBMS experience; for efficiency, the Cassandra prefers denormalization, not normalization. By this, I mean that if you have some user information and you want to look up that data using two different primary keys, then using Cassandra, it actually is better to use two tables (and duplicate the data). Yes, this means more storage space, but it also allows for faster reads.
As a side note, based on my own experiences, I would recommend against using a secondary index, and instead simply use another table. Secondary indexes in Cassandra are treated a little differently, with background threads which update the indexes periodically; this makes reading from an index not quite as reliable (i.e. more likely to surprise you, in a not good way) than just using a table.
Thus I would recommend something like the following two tables for your needs:
CREATE TABLE users (
id TIMEUUID PRIMARY KEY,
user UUID,
friend UUID
);
CREATE TABLE friends (
id TIMEUUID,
user UUID,
friend UUID,
PRIMARY KEY (user, friend)
);
This second table would let you do your CQL query:
SELECT * FROM friends WHERE user = ?
Notice that this friends table uses a compound primary key. This allows there to be multiple friend values associated with that single user value.
One of the downsides of this multiple-table approach is that your application code now has to be responsible for writing into both tables for a single "update", and you have to deal with any potential skew/reconciliation. Cassandra achieves its performance, in many ways, by avoiding enforcing of foreign key constraints and such and leaving that to the application.
Hope this helps!
You can't, because that would require rewriting all your data on disk in a different order, while resorting at runtime until the rewrite was done, which would result in an unacceptable hit to performance. You'll need to create a new table and bulk-load it in.
Best Answer
I don't think this is possible natively. The Cassandra role-based permissions as shown here show that granting a user MODIFY includes both UPDATE (which is effectively INSERT) and DELETE. You can't select which one you want.
Check out this blog entry I found, though and see if there's anything useful there. It looks like you could do read or write only permissions. Maybe if you can do write-only permissions you can limit the user from being able to delete a table or keyspace.
Hope this helps point you in the right direction.
-em