stored procedures - Storing DATABASE_PRINCIPAL_ID in sql server table -

-

we're using stored procedures restrict access of of our database users. need access specific parts of database (not tables/views, specific rows), , sproc should check if user allowed see table rows he's requesting.

to store authorization rules, we're planning use table dbo.authrules that:

|id|userid  |accessfrom  |accessto    | ... =============================================== | 1|       1| 01.01.2013 | 31.12.2013 | ... | 2|       2| 31.05.2012 | 31.12.2015 | ...

the stored procedure query table check if current user has access requested data. to make clear: cannot use grant permission because need fine-grained access rules down rows in db.

we're not sure userid column. best solution kind of foreign key system view sys.database_principals, there no foreign keys views.

  • should store principal_id column of sys.database_principals, without constraint?
  • would better store name column instead of principal_id?
  • are there other options store reference db user?

q: should store principal_id column of sys.database_principals, without constraint?

a: if evaluating constraint-based solution, don't have choice. however, if willing write trigger, way @ least 'virtually' create constraint. otherwise have reference system sysowners table , isn't possible without hacking.

q: better store name column instead of principal_id?

a: answer have ask what-if question. if principal_id changes? if name changes? updates/deletes? rather have id-based solution.

q: there other options store reference db user?

a: stated in answer#1, don't think there possibilities except creating trigger...


Comments

Post a Comment

Popular posts from this blog

javascript - Laravel datatable invalid JSON response -

-
everything work fine on code below fetch user logs: js: <script> $(document).ready(function () { var table =$('#systemlogs').datatable({ responsive: true, processing: true, serverside: true, "language": { "url": "/datatables/media/plug-in/persian.json" }, ajax: '{!! url('/admin/systemlogs/data/systemlogsdatatable') !!}', columns: [ { data: 'name', name: 'name' }, { data: 'message_text', name: 'message_text' }, { data: 'remote_addr', name: 'remote_addr' }, { data: 'log_created_at', name: 'management_logs.created_at' }, { data: 'log_updated_at', name: 'management_logs.updated_at' }, ] }); }); </script> routes: route::get('/systemlogs/data/systemlogsdatatable','systemlogscontrolle...
Read more

java - Exception in thread "main" org.springframework.context.ApplicationContextException: Unable to start embedded container; -

-
i getting error when run spring application: exception in thread "main" org.springframework.context.applicationcontextexception: unable start embedded container; nested exception org.springframework.context.applicationcontextexception: unable start embeddedwebapplicationcontext due missing embeddedservletcontainerfactory bean. @ org.springframework.boot.context.embedded.embeddedwebapplicationcontext.onrefresh(embeddedwebapplicationcontext.java:124) @ org.springframework.context.support.abstractapplicationcontext.refresh(abstractapplicationcontext.java:476) @ org.springframework.boot.context.embedded.embeddedwebapplicationcontext.refresh(embeddedwebapplicationcontext.java:109) @ org.springframework.boot.springapplication.refresh(springapplication.java:691) @ org.springframework.boot.springapplication.run(springapplication.java:320) @ org.springframework.boot.springapplication.run(springapplication.java:952) @ org.springframework.boot.springa...
Read more

sql server 2008 - My Sql Code Get An Error Of Msg 245, Level 16, State 1, Line 1 Conversion failed when converting the varchar value '8:45 AM' to data type int -

-
msg 245, level 16, state 1, line 1 conversion failed when converting varchar value '8:45 am' data type int. script declare @specimenid bigint = 0, @script varchar(max); declare @starttime int = (select convert(int,substring(start_time,0,charindex(':', start_time)) - 12) appt appt._id=112601) --select @starttime set @script = 'select distinct ptlast_name + '', '' + pt.first_name patient_name, dbo.formatdate(pt.dob,''mm/dd/yyyy'') dob, (convert(varchar, (datediff(yy, dob, appt_date) - case when (month(dob) > month(appt_date)) or (month(dob) = month(appt_date) , day(dob) > day(appt_date)) 1 else 0 end)) + ''/'' + convert(varchar, (datediff(m, dateadd(yy, (datediff(yy, dob, appt_date) - case when (month(dob) > month(appt_date)) or (month(dob) = month(appt_date) , day(dob) > day(appt_date)) 1 else 0 end), d...
Read more