cuiyi's blog（崔毅 crazycy）

记录点滴鉴往事之得失以资于发展

数据加载中……

SQLServer Create Login/Create User/Grant Privildges to a userName

above refer to uri

If you want to give your user all read permissions, you could use:

EXEC sp_addrolemember N'db_datareader', N'your-user-name'

That adds the default db_datareader role (read permission on all tables) to that user.

There's also a db_datawriter role - which gives your user all WRITE permissions (INSERT, UPDATE, DELETE) on all tables:

EXEC sp_addrolemember N'db_datawriter', N'your-user-name'

If you need to be more granular, you can use the GRANT command:

GRANT SELECT, INSERT, UPDATE ON dbo.YourTable TO YourUserName
GRANT SELECT, INSERT ON dbo.YourTable2 TO YourUserName
GRANT SELECT, DELETE ON dbo.YourTable3 TO YourUserName

and so forth - you can granularly give SELECT, INSERT, UPDATE, DELETE permission on specific tables.

by me:

If you want to give your user permissions to execute a procedure, you could use:

GRANT EXECUTE ON OBJECT::dbo.your_procedure_name TO N'your-user-name';

below is a full step to create a user db_user, and give him permissions to execute a procedure to a table db_tableABC and a procedureproc_get_price_data; assuming the user's loginName is your_user_login_name

--add a db engine login

IF NOT EXISTS(SELECT name FROM sys.server_principals WHERE name='{your_domain\}your_user_login_name')
CREATE LOGIN [{your_domain\}your_user_login_name] WITH PASSWORD='your_user_password', DEFAULT_DATABASE = TestDB;

--add a user to current database
use TestDB;
IF NOT EXISTS (SELECT * FROM sys.database_principals WHERE name='db_user')
CREATE USER [db_user] FOR LOGIN [{your_domain\}your_user_login_name];

--grant
GRANT INSERT, UPDATE, SELECT, DELETE ON dbo.db_tableABC TO your_user;
GRANT EXECUTE ON OBJECT::dbo.proc_get_price_data TO your_user;

e.g.
assuming a user named domain123\admin1 can access a database;

IF EXISTS(SELECT name FROM sys.server_principals WHERE name = '[domain123\admin1]')
BEGIN
   IF NOT EXISTS (SELECT * FROM sys.database_principals WHERE name = 'admin1')
   BEGIN
        CREATE USER [admin1] FOR LOGIN [domain123\admin1];
   END
   GRANT INSERT, UPDATE, SELECT, DELETE ON dbo.db_tableABC TO admin1;
   GRANT EXECUTE ON OBJECT::dbo.GET_PRICE_DATA TO admin1;
END

posted on 2013-07-11 12:52 crazycy 阅读(691) 评论(0) 编辑收藏所属分类: DBMS

新用户注册刷新评论列表


只有注册用户登录后才能发表评论。




网站导航: 博客园 IT新闻知识库 C++博客博问管理
相关文章: Database-001 MySQL存储引擎MyISAM与InnoDB的主要区别对比 (转） index study - 001 NoSQL学习（九） 2014年八大最热门的大数据工作 NoSQL学习（八）大数据要“落地”，还缺些什么？ NoSQL学习（七）Hadoop是数据仓库的终结者吗? NoSQL学习（六） 2014年大数据分析趋势展望(转) NoSQL学习（五）Cassandra vs MongoDB vs CouchDB vs Redis vs Riak vs HBase vs Couchbase vs Neo4j vs Hypertable vs ElasticSearch vs Accumulo vs VoltDB vs Scalaris comparison NoSQL非关系型数据库学习（四）这样对比下HBase, Memcached, MongoDB, Redis和Solr NoSQL非关系型数据库学习（三）NoSQL与RDBMS：何时使用，何时不使用 NoSQL非关系型数据库学习（二）

cuiyi's blog（崔毅 crazycy）

SQLServer Create Login/Create User/Grant Privildges to a userName

导航

我参与的团队

随笔分类

相册

积分与排名

最新评论

阅读排行榜