Question: Create three user accounts that will demonstrate different access capabilities. SQLCopy CREATE USER Manager WITHOUT LOGIN; CREATE USER Sales1 WITHOUT LOGIN; CREATE USER Sales2 WITHOUT

Create three user accounts that will demonstrate different access capabilities.

SQLCopy

CREATE USER Manager WITHOUT LOGIN; CREATE USER Sales1 WITHOUT LOGIN; CREATE USER Sales2 WITHOUT LOGIN;

Create a simple table to hold data.

Copy

CREATE TABLE Sales ( OrderID int, SalesRep sysname, Product varchar(10), Qty int );

Populate the table with 6 rows of data, showing 3 orders for each sales representative.

Copy

INSERT Sales VALUES (1, 'Sales1', 'Valve', 5), (2, 'Sales1', 'Wheel', 2), (3, 'Sales1', 'Valve', 4), (4, 'Sales2', 'Bracket', 2), (5, 'Sales2', 'Wheel', 5), (6, 'Sales2', 'Seat', 5); -- View the 6 rows in the table SELECT * FROM Sales;

Grant read access on the table to each of the users.

Copy

GRANT SELECT ON Sales TO Manager; GRANT SELECT ON Sales TO Sales1; GRANT SELECT ON Sales TO Sales2;

Create a new schema, and an inline table valued function. The function returns 1 when a row in the SalesRep column is the same as the user executing the query (@SalesRep = USER_NAME()) or if the user executing the query is the Manager user (USER_NAME() = 'Manager').

Copy

CREATE SCHEMA Security; GO CREATE FUNCTION Security.fn_securitypredicate(@SalesRep AS sysname) RETURNS TABLE WITH SCHEMABINDING AS RETURN SELECT 1 AS fn_securitypredicate_result WHERE @SalesRep = USER_NAME() OR USER_NAME() = 'Manager';

Create a security policy adding the function as a filter predicate. The state must be set to ON to enable the policy.

Copy

CREATE SECURITY POLICY SalesFilter ADD FILTER PREDICATE Security.fn_securitypredicate(SalesRep) ON dbo.Sales WITH (STATE = ON);

Now test the filtering predicate, by selected from the Sales table as each user.

Copy

EXECUTE AS USER = 'Sales1'; SELECT * FROM Sales; REVERT; EXECUTE AS USER = 'Sales2'; SELECT * FROM Sales; REVERT; EXECUTE AS USER = 'Manager'; SELECT * FROM Sales; REVERT;

The Manager should see all 6 rows. The Sales1 and Sales2 users should only see their own sales.

Alter the security policy to disable the policy.

Copy

ALTER SECURITY POLICY SalesFilter WITH (STATE = OFF);

Use code of above example to change implementation of short_address scenario from using views to using Row level security

Provide step-by-step instructions and screenshot to show that your code works correctly above

Step by Step Solution

There are 3 Steps involved in it

1 Expert Approved Answer
Step: 1 Unlock blur-text-image
Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock
Step: 3 Unlock

Students Have Also Explored These Related Databases Questions!

Q:

Database Administration CHAPTER OBJECTIVES I Understand the need for and importance of database I ttno'illI the meaning of ACID transaction administralin - Learn the tour 1992 ANSI standard isolation...

Q:

MINI-PROJECT Implement a Software-Engineering Process stages by selecting any topic which is mention below or you can select your desired any other topic. Website Administration Airport checking-in...

Q:

PLEASE READ CAREFULLY THE CASE STUDY PROVIDED AND FEEL FREE TO ADD HERE YOUR COMMENTS FOR EXAMPLE LIKES DISLIKES WORDS OR PHRASES YOU DO NOT UNDERSTAND ANY COMMENTS THAT WILL IMPROVE THE DIALOGUE...

Q:

Due Week 4: Work Breakdown Structure According to the PMBOK Guide, "the WBS is a deliverableoriented hierarchical decomposition of the work to be executed by the project team, to accomplish the...

Q:

BBUS 4701: Business Policy and Strategy Yahoo 2012 Annual Report Assignment 4 By Yahoo! Yahoo!. (2012). Yahoo 2012 Annual Report. Retrieved from: http://investor.yahoo.net/annuals.cfm 2 01 2 A N N UA...

Q:

Table of Contents Main Objective of the assessment 1 Description of the Assessment 1 Learning Outcomes and Marking Criteria. 4 Format of the Assessment 6 Submission Instructions. 7 Avoiding...

Q:

This assignment gives you the opportunity to examine a real software requirements specification. This will give you the chance to become more familiar with the different elements in an SRS. For this...

Q:

Your manager has provided you the following matrix and asked that you use it to complete the design assessment phase of your testing. The manager has already performed a preliminary survey, and has...

Q:

When 'Ameen' Turns into a Thief: A Case of Weak Internal Controls in a Commercial Bank Abstract This study gives an overview of different operational activities taking place at a bank's branch at any...

Q:

55 When 'Ameen' Turns into a Thief: A Case of Weak Internal Controls in a Commercial Bank Ali Abdullah1, Shafiullah Jan2, Adnan Malik3 Abstract This study gives an overview of different operational...

Q:

You are provided with the following data on the NHC. The company has stable earnings growth of 10% per annum and maintains a constant dividend pay-out ratio. The ratios in the table below are...

Q:

Prove that a unit in a ring R cannot be a proper divisor of zero.

Q:

25. Each of the following items must be considered in preparing a statement of cash flows. Indicate where each item is to be reported in the statement, if at all. Assume that net income is reported...

Q:

Exercise 3-4A (Algo) Prepaid items on financial statements LO 3-2 Life, Incorporated experienced the following events in Year 1, its first year of operation: 1. Performed counseling services for...

Q:

LO4 List options for development needs analyses.

Q:

1. Integrated talent management is the new buzzword. Rather than considering each aspect of creating a talent pipeline as a separate process, companies are beginning to integrate all processes to...

Q:

2. Global leadership development is an important business activity. The globalization of business means that employees at all levels must be up- skilled to work effectively with colleagues around the...