Scribd Logo
Upload

Welcome to Scribd!

  • Phân quyền trong SQL SERVER

    Uploaded by

    Tuấn Nguyễn
    14 views12 pages
    Phân quyền trong SQL SERVER

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Phân quyền trong SQL SERVER

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    14 views12 pages

    Phân quyền trong SQL SERVER

    Uploaded by

    Tuấn Nguyễn
    Phân quyền trong SQL SERVER

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 12

    PHN QUYN TRONG

    SQL SERVER

    Phan Hin

    GII THIU
    S phn chia kh nng qun tr v s dng
    h qun tr c s d liu SQL Server.
    Hnh thnh theo c cu

    Ngi

    ng nhp (login)
    Ngi dng (user)
    Quyn hn (permission)
    Nhm quyn (role)

    Ngi ng nhp c th hin l mi mt


    ngi dng vi mt s quyn hn ng vi
    mt d liu.

    GII THIU
    Login

    SQL Service

    User & Permission & Role

    Database

    Log in
    1

    R1
    SQL Server

    R2

    P
    3

    NG NHP (LOGIN)

    To ngi ng nhp
    exec
    sp_addlogin
    tn_login , mt_khu [, d_liu]

    create login tn_login


    with
    password = mt_khu
    [, default_database = d_liu ]
    4

    NG NHP (LOGIN)

    Xa ngi ng nhp
    exec
    sp_droplogin

    tn_login

    drop login tn_login


    Thay i ngi ng nhp
    alter login { [enable | disable]
    | with { password =
    | default_database = }
    }
    5

    NGI DNG (USER)


    To ngi dng cho tng d liu
    exec
    sp_adduser tn_login , tn_user
    [ , tn_role ]
    create user tn_user for tn_login
    Xa ngi dng
    exec
    sp_dropuser tn_user

    drop user

    tn_user
    6

    NHM QUYN (ROLE)

    To nhm quyn
    exec
    sp_addrole tn_role

    create role tn_user


    Xa nhm quyn
    exec
    sp_droprole
    drop role

    tn_role

    tn_role
    7

    NGI DNG & NHM QUYN

    Gn ngi dng vi nhm quyn


    exec sp_addrolemember
    tn_role , tn_user

    Xa nhm quyn
    exec sp_droprolemember
    tn_role , tn_user
    8

    QUYN HN (PERMISSION)

    To quyn hn
    Grant {ALL | permission}
    on table[ (column [,n])]
    to { user | role [, n] }
    [with grant option]
    with grant option : c php gn li quyn
    m mnh c cho ngi khc.
    9

    QUYN HN (PERMISSION)

    Xa quyn hn
    Revoke [grant option for] {ALL | permission}
    on table[ (column [,n])]
    to { user | role [, n] }
    [cascade]
    grant option for : b tnh nng cp li quyn
    cho ngi khc (quyn vn c gi li).
    cascade: b tt c cc quyn ( cc k tha)
    10

    V D

    ng nhp sa
    Exec sp_addlogin u1, 123
    Exec sp_addlogin u2, 123
    Exec sp_adduser u1, u1
    Exec sp_adduser u2, u2
    Grant select on sinhvien to u1 with grant option
    u1

    c quyn dng 2 lnh


    - Select * from sinhvien
    - Grant select on sinhvien to u2 [with grant option]
    11

    V D

    ng nhp vi u1
    Grant select on sinhvien to u2 with grant option
    Vy u2 c quyn select v grant.

    ng nhp vi sa
    Revoke select on sinhvien to u1 cascade
    Xa ht quyn select v grant u1 v c u2
    Revoke grant option for
    select on sinhvien to u1 cascade
    Xa quyn grant u1
    v quyn select v grant u2

    12

    You might also like