Professional Documents
Culture Documents
Phân quyền trong SQL SERVER
Phân quyền trong SQL SERVER
SQL SERVER
Phan Hin
GII THIU
S phn chia kh nng qun tr v s dng
h qun tr c s d liu SQL Server.
Hnh thnh theo c cu
Ngi
ng nhp (login)
Ngi dng (user)
Quyn hn (permission)
Nhm quyn (role)
GII THIU
Login
SQL Service
Database
Log in
1
R1
SQL Server
R2
P
3
NG NHP (LOGIN)
To ngi ng nhp
exec
sp_addlogin
tn_login , mt_khu [, d_liu]
NG NHP (LOGIN)
Xa ngi ng nhp
exec
sp_droplogin
tn_login
drop user
tn_user
6
To nhm quyn
exec
sp_addrole tn_role
tn_role
tn_role
7
Xa nhm quyn
exec sp_droprolemember
tn_role , tn_user
8
QUYN HN (PERMISSION)
To quyn hn
Grant {ALL | permission}
on table[ (column [,n])]
to { user | role [, n] }
[with grant option]
with grant option : c php gn li quyn
m mnh c cho ngi khc.
9
QUYN HN (PERMISSION)
Xa quyn hn
Revoke [grant option for] {ALL | permission}
on table[ (column [,n])]
to { user | role [, n] }
[cascade]
grant option for : b tnh nng cp li quyn
cho ngi khc (quyn vn c gi li).
cascade: b tt c cc quyn ( cc k tha)
10
V D
ng nhp sa
Exec sp_addlogin u1, 123
Exec sp_addlogin u2, 123
Exec sp_adduser u1, u1
Exec sp_adduser u2, u2
Grant select on sinhvien to u1 with grant option
u1
V D
ng nhp vi u1
Grant select on sinhvien to u2 with grant option
Vy u2 c quyn select v grant.
ng nhp vi sa
Revoke select on sinhvien to u1 cascade
Xa ht quyn select v grant u1 v c u2
Revoke grant option for
select on sinhvien to u1 cascade
Xa quyn grant u1
v quyn select v grant u2
12