sqlserver 限制用户只能访问指定的视图
项目中有一个需求,要求给其它单位提供数据,我们用到了视图,并要求不能让他们看到数据库中的其它数据,我们为其创建了单独的账号,并只能看到指定视图
一、创建视图
CREATE VIEW [dbo].[v_Insurance_abroadPerson] AS SELECT TOP (100) PERCENT e.ReceivedletterNumber AS groupId, e.Principle AS ContactName, e.Email
FROM dbo.Ea AS e INNER JOIN dbo.chgrymd AS p ON p.xmbh = e.ReceivedletterNumber
INNER JOIN dbo.unitinfo AS u ON u.dm = e.unit_code
INNER JOIN dbo.ryk AS r ON r.xmbm = p.xmbm INNER JOIN dbo.Purpose AS pp ON e.mission_type = pp.Id
ORDER BY p.groupid
二、创建用户,并为用户指定访问该视图的权限
1、创建角色 seeviewForInsurance
exec sp_addrole 'seeviewForInsurance'
2、结角色赋查看视图的权限,视图名为:v_Insurance_abroadPerson 角色名为创建的角色 seeviewForInsurance
grant select on v_Insurance_abroadPerson to seeviewForInsurance
3、创建用户,并为用户指定默认的数据库,用户名:abroadInsurance 密码:12345abc123! 默认的数据库:cnpc
exec sp_addlogin 'abroadInsurance','12345abc123!','cnpc'
4、将用户和角色进行绑定 ‘用户’,‘密码’,‘角色’
exec sp_adduser 'abroadInsurance','12345abc123!','seeviewForInsurance'
注:这个密码如果长度和强度不够的话是执行不了的。