Re: Restricting access to rows of table(s)+WRITE rights in SQLsrvr2k

From: Wayne Snyder (wsnyder@computeredservices.com)
Date: 08/21/02 

From: "Wayne Snyder" <wsnyder@computeredservices.com>
Date: Wed, 21 Aug 2002 10:57:57 -0700

If a view satisified your requirements, perhaps you could create 2 views,
one with select permissions and another with select, insert, update, delete
permissions. 

--
Wayne Snyder, MCDBA, SQL Server MVP
Computer Education Services Corporation (CESC), Charlotte, NC
www.computeredservices.com
(Please respond only to the newsgroups.)
I support the Professional Association of SQL Server (PASS) and it community
of SQL Server professionals.
www.sqlpass.org
"Ivan" <imalakov@yahoo.com> wrote in message
news:4ccf01c24860$2d6f89e0$3aef2ecf@TKMSFTNGXA09...
> The recent days I asked how to restrict the access of
> users by records(to table, which includes a field/column,
> indicating the group of users(ROLE),having access to the
> record/row.
> I am grateful to the guys, that responded. According to
> the answers it could be done by view, checking the Role of
> the current user and then returning the allowed records.
> I understood this, but then it came to my mind, that this
> is not enough for users with rights also to Write the
> allowed records, not only to read them.
> I supposed, there should be some kind of temporary table
> or cursor to store the results(for updating) of the query
> (for each connection), but then synchronisation problems
> will occur..
> So it's better if it could be done directly(by UPDATE
> statement?)
> The actual situation is:
> -in the old database (on SQLserver2000), having no access
> restrictions(especially on rows), there is a big table
> (about 5000 rows incl. many fields +pictures ),to which
> the access shold be restricted(on rows) by a view?,
> replacing the table. SO there won't be PROBLEMS(changes
> needed) with the many other Forms,Views and tables,
> previously querying the old table
> -There should be 2 kinds of Roles- 1 only with Read right
> and the other-with Read+WRITE(Update+Delete+Insert) rights.
>
> Thank you for your attention!
> Can s.b answer me on the additional question?
>
>

Relevant Pages

  • RE: Security Question
    ... You will give the clients connect rights to the server. ... Give that application role permissions to the tables. ... In your application before you run the report active the application role ... As a dept we are transitioning out of Access and into SQL Server ...
    (microsoft.public.sqlserver.security)
  • Re: Determining Users Effective Rights
    ... thanks for the reply - PERMISSIONS only works for the ... only shows the Roles' rights. ... >> I am using Windows 2000 and SQL Server 2000 in Windows ...
    (microsoft.public.sqlserver.security)
  • Re: Login with no Fixed Server Role and DB Role can stop SQL Agent Service?
    ... Yup - somehow the user has windows security rights to control services - we ... This posting is provided "AS IS" with no warranties, and confers no rights. ... >> a Window 2000 Login with Domain User default permissions, ... Forget about SQL Server for the moment. ...
    (microsoft.public.sqlserver.security)
  • Re: Unable to Backup on Network
    ... The correct permissions will be set if using Enterprise ... Manager to change the service accounts. ... Change the SQL Server or SQL Server Agent Service ... >> Also we have given FULL CONTROL rights to the target directory. ...
    (microsoft.public.sqlserver.security)
  • Re: Using script to list users and their allocated security
    ... Now that I think about it, I doubt the views include permissions obtained ... Wayne Snyder, MCDBA, SQL Server MVP ... community of SQL Server professionals. ... > a SQL Server 2000 database with read permissions or write permissions via ...
    (microsoft.public.sqlserver.server)