sql - Sqlserver stored procedure to execute DML on behalf of another user -


requirement:

user can log in ss instance, has access database x. user has no other access objects.

database x has stored_proc called "sp_exec_dml" takes dml string , executes it. stored proc would(should?) run owner x.

does database x, or stored procedure ""sp_exec_dml" need access other dbs/objects.

for example

user executes

exec x..sp_exec_dml n"update z..table set ..................."

i hope makes sense. come oracle background how permissions granted , grantees can confusing.

do databases or stored procedures have access granted them

thanks

according msdn : (url : https://msdn.microsoft.com/en-us/library/ms345484.aspx )

to grant permissions on stored procedure

in object explorer, connect instance of database engine , expand instance.  expand databases, expand database in procedure belongs, , expand programmability.  expand stored procedures, right-click procedure grant permissions on, , click properties.  stored procedure properties, select permissions page.  grant permissions user, database role, or application role, click search.  in select users or roles, click object types add or clear users , roles want.  click browse display list of users or roles. select users or roles whom permissions should granted.  in explicit permissions grid, select permissions grant specified user or role. description of permissions,

see permissions (database engine).

selecting grant indicates grantee given specified permission. selecting grant indicates grantee able grant specified permission other principals.

this link explains few concepts : (url : https://dba.stackexchange.com/questions/6878/sql-server-stored-procedure-permissions )

stored procedures take advantage of ownership chaining provide access data users not need have explicit permission access database objects. ownership chain exists when objects access each other sequentially owned same user. example, stored procedure can call other stored procedures, or stored procedure can access multiple tables. if objects in chain of execution have same owner, sql server checks execute permission caller, not caller's permissions on other objects. therefore need grant execute permissions on stored procedures; can revoke or deny permissions on underlying tables.


Comments

Post a Comment

Popular posts from this blog

javascript - Google App Script ContentService downloadAsFile not working -

i have web app developed using google app script htmlservice , html form, populating excel sheet in google drive using spreadsheetapp . , 1 section calling contentservice download data excel file. function doget(e) { // read excel sheet //getappfile(); // render application html template return htmlservice.createtemplatefromfile('index').evaluate() .settitle('go smart') .setsandboxmode(htmlservice.sandboxmode.iframe); } function downloaddoublequatecsvfile() { var sheetid = propertiesservice.getscriptproperties().getproperty('sheetid'); var ss = spreadsheetapp.openbyid(sheetid).getactivesheet(); //var ss = spreadsheetapp.getactivespreadsheet().getactivesheet(); var maxcolumn = ss.getlastcolumn(); var maxrow = ss.getlastrow(); var data = ss.getrange(1, 1, maxrow, maxcolumn).getvalues(); if (data.length > 1) { var csv = ""; (var row = 0; row < data.length; row++) { (var c...
Read more

javascript - Function overwritting -

is there way overwrite function or event handling in function? using addeventlistener, can have many event handlers on element want var test=document.getelementbyid("div"); test.addeventlistener("click",function(){alert("im first");},false); test.addeventlistener("click",function(){alert("im second");},false); // alerts "im first" , after "im second" but if want overwrite function/event example based on client width example this function one() { alert("first"); } function two() { alert("second"); } window.onresize = function() { var test = document.getelementbyid("div"); if (window.innerwidth > 500) { test.onclick = 1 } else { test.onclick = two; } } is possible in javascript? in case use effective little known approach. addeventlistener can accept object property handleevent event handler. in case it's easy overwr...
Read more

php - Find a regex to take part of Email -

i have following emails need extract part from: bestellnummer xxx: 1 von xxx, 1er pack ------------- anfang der nachricht ------------- foo bar baz foo bar baz // <<<<< need text here ------------- ende der nachricht ------------- ------------- anfang der nachricht ------------- foo bar baz foo bar baz ------------- ende der nachricht ------------- there 0 unlimited occurences of ------------- anfang der nachricht ------------- ------------- ende der nachricht ------------- and i'm able extract first part regex: $re = "/------------- .*? -------------.?(.*?).?------------- .*? -------------/s"; but, i'm quite new on learning regex, i'm pretty sure there must better regex extract part (foo bar baz foo bar baz) of text between ------------- anfang der nachricht ------------- ------------- ende der nachricht ------------- as can in different languages, i'm using .? to match between hyphens. i...
Read more