Recently, need to use the database row-level control method, check information, finally there are instructions on the Microsoft web site to see, is as follows: https://docs.microsoft.com/zh-cn/dotnet/framework/data/adonet/sql/granting-row-level-permissions-in-sql-server? View=xamarinios - 10.8
Articles, SQL Server 2016 offers row-level security functions, can be used to simplify the line level access logic, and centralized security policy for the early version of SQL Server, can be done by using views make row-level screening similar functionality,
I was the 2014 version, but the specific how to operate I don't understand, has an experienced man to guide operation for an instance for me? Thank you very much!

CodePudding user response:

Does not allow the user to only allow access to the view, the view of limit the number of rows,
Business class staff is only allowed to see, for example, business related data, is:

The create view view_ business
As
Select * from tableName where type='business'
Go

Then set the business class users can only access this view,

CodePudding user response:

reference 1/f, gypsy song response:

does not allow the user to only allow access to the view, the view of limit the number of rows,
Business class staff is only allowed to see, for example, business related data, is:

The create view view_ business
As
Select * from tableName where type='business'
Go

And then set up the business class users can only access this view,

Thank you very much, I also want to ask a question, is what I want to build a user admin, can only to the database data table under aaabata CCC create account and authorization, check, change, add, delete, and then other can do anything, what all can't see, can only according to the data table CCC is authorized to operate and account to give the minimum permissions, can achieve?

CodePudding user response:

I do a test test, the test table CCC
Create a login admin, the password 123456

Close test to satisfy your requirements

 - 1. Create a login name 
USE [master] 
GO 
The CREATE LOGIN/admin WITH the PASSWORD=N '123456', DEFAULT_DATABASE=[test], CHECK_EXPIRATION=OFF, CHECK_POLICY=OFF 
GO 
Create user 
 - 2.USE [test] 
GO 
The CREATE USER/admin FOR LOGIN/admin 
GO 
- 3. Assign permissions to users 
GRANT INSERT, DELETE, UPDATE, SELECT ON CCC TO [admin] 

CodePudding user response:

Moderators, your statement, seems only to the operation of the data table, but cannot account set-up, prompt without permission, how to change?

CodePudding user response:

reference gypsy song reply: 3/f

I do a testing library test, test form in CCC
Create a login admin, the password 123456

Close test to satisfy your requirements

 - 1. Create a login name 
USE [master] 
GO 
The CREATE LOGIN/admin WITH the PASSWORD=N '123456', DEFAULT_DATABASE=[test], CHECK_EXPIRATION=OFF, CHECK_POLICY=OFF 
GO 
Create user 
 - 2.USE [test] 
GO 
The CREATE USER/admin FOR LOGIN/admin 
GO 
- 3. Assign permissions to users 
GRANT INSERT, DELETE, UPDATE, SELECT ON CCC TO [admin] 

Moderators, your statement, seems only to the operation of the data table, but cannot account set-up, prompt without permission, how to change?

CodePudding user response:

reference 5 floor qq_18911551 reply:

Quote: refer to the third floor of gypsy song response:

I do a testing library test, test form in CCC
Create a login admin, the password 123456

Close test to satisfy your requirements

 - 1. Create a login name 
USE [master] 
GO 
The CREATE LOGIN/admin WITH the PASSWORD=N '123456', DEFAULT_DATABASE=[test], CHECK_EXPIRATION=OFF, CHECK_POLICY=OFF 
GO 
Create user 
 - 2.USE [test] 
GO 
The CREATE USER/admin FOR LOGIN/admin 
GO 
- 3. Assign permissions to users 
GRANT INSERT, DELETE, UPDATE, SELECT ON CCC TO [admin] 

Moderators, your statement, seems only to the operation of the data table, but cannot account set-up, prompt without permission, how to change?

The admin to create a new account?

CodePudding user response:

refer to 6th floor gypsy song response:

Quote: refer to the fifth floor qq_18911551 reply:

Quote: refer to the third floor of the gypsy song response:

I do a testing library test, test form in CCC
Create a login admin, the password 123456

Close test to satisfy your requirements

 - 1. Create a login name 
USE [master] 
GO 
The CREATE LOGIN/admin WITH the PASSWORD=N '123456', DEFAULT_DATABASE=[test], CHECK_EXPIRATION=OFF, CHECK_POLICY=OFF 
GO 
Create user 
 - 2.USE [test] 
GO 
The CREATE USER/admin FOR LOGIN/admin 
GO 
- 3. Assign permissions to users 
GRANT INSERT, DELETE, UPDATE, SELECT ON CCC TO [admin] 

Moderators, your statement, seems only to the operation of the data table, but cannot account set-up, prompt without permission, how to change?

The admin to create a new account?

Yeah, I didn't mean to CCC and table creation account authorization, and then the operating authority, after all, is to create the administrator account, how can not establish account management, just want to limit the administrators, let it can give CCC data table creation account, and not to other data table creation account, can achieve

CodePudding user response:

Why no one notice? This problem can't be done? Should not be?

CodePudding user response:

Feel your direction is a little problem,

If it is a database level permissions, other people also is same, don't use the same is ok?
Don't need a login name,

If the user is using website or application, where the back limits not ok?

CodePudding user response:

references 9 f gypsy song response:

feel your direction is a little problem,

If it is a database level permissions, other people also is same, don't use the same is ok?
Don't need a login name,

If the user is using website or application, where the back limits not ok?

Made a database used for registration of personnel information, the front-end interface in excel, leading one meaning for an account, because involves the responsibility, the registration mistake should be responsible, so can't Shared an account, so you need to distribute to others with an administrator account account, where restrictions, I am afraid that others write their own instructions to bypass the restrictions to modify their permissions, like this do you have any good solution?