-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path7 lab.sql
146 lines (90 loc) · 3.49 KB
/
7 lab.sql
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
USE TV
GO
SELECT session_id FROM sys.dm_exec_sessions WHERE login_name = 'login_test'
kill 51
EXECUTE sp_droplogin 'login_test'
EXECUTE sp_dropuser 'user_test'
CREATE LOGIN login_test WITH PASSWORD = '0000'
CREATE USER user_test FOR LOGIN login_test
------
--Проверка прав доступа у user_test
EXECUTE AS user = 'user_test'
BEGIN TRAN
SELECT * FROM EMPLOYEE
SELECT EMPLOYEE.first_name FROM EMPLOYEE
UPDATE [CONTRACT]
SET hire_date = '25.10.2020' WHERE contract_id = 1
INSERT DANGER(danger_id, [level], [description]) VALUES(5, 5, 'Атомная война')
DELETE FROM REPORT_MAKERS
WHERE CONTRACT_id = 1
ROLLBACK
REVERT
------
--Присвоить новому пользователю права SELECT, INSERT, UPDATE в полном объеме на одну таблицу
GRANT INSERT, SELECT, UPDATE ON DANGER TO user_test
EXECUTE AS USER = 'user_test'
BEGIN TRAN
SELECT * FROM DANGER
SELECT * FROM CHANNEL
UPDATE DANGER
SET [description] = 'Безболезненно'
WHERE danger_id = 1
INSERT DANGER(danger_id, [level], [description]) VALUES(5, 5, 'Атомная война')
DELETE FROM DANGER
WHERE danger_id = 1
ROLLBACK
REVERT
REVOKE INSERT, SELECT, UPDATE TO user_test
-----
--Для одной таблицы новому пользователю присвоим права SELECT и UPDATE только избранных столбцов.
GRANT SELECT, UPDATE ON REPORT (event_id, [type_id], [name]) TO user_test
EXECUTE AS USER = 'user_test'
BEGIN TRAN
SELECT * FROM REPORT
SELECT event_id, [type_id], [name] FROM REPORT
UPDATE REPORT
SET quality_id = 1
WHERE event_id = 3
UPDATE REPORT
SET [type_id] = 3
WHERE event_id = 3
ROLLBACK
REVERT
REVOKE SELECT, UPDATE TO user_test
------
--Для одной таблицы новому пользователю присвоим только право SELECT.
GRANT SELECT ON EMPLOYEE TO user_test;
EXECUTE AS USER = 'user_test'
SELECT * FROM CHANNEL
SELECT * FROM EMPLOYEE
UPDATE EMPLOYEE
SET country_id = 2
WHERE employee_id = 1
REVERT
REVOKE SELECT TO user_test
------
--Присвоим новому пользователю право доступа (SELECT) к представлению, созданному в лабораторной работе №5.
GRANT SELECT ON v3 TO user_test
EXECUTE AS USER = 'user_test'
SELECT * FROM v1
SELECT * FROM v3
REVERT
REVOKE SELECT TO user_test
------
--Cоздать стандартную роль уровня базы данных, присвоить ей право доступа (SELECT, UPDATE на некоторые столбцы) к представлению,
--созданному в лабораторной работе №5, назначить новому пользователю созданную роль.
CREATE ROLE role_test
GRANT SELECT, UPDATE ON v3 (reporter_first_name, reporter_last_name, report_date) TO role_test
EXECUTE sp_addrolemember 'role_test', 'user_test'
EXECUTE AS USER = 'user_test'
BEGIN TRAN
SELECT reporter_first_name, reporter_last_name, report_date FROM v3
UPDATE v3 SET reporter_first_name = 'Топоровкий', reporter_last_name = 'Владислав'
WHERE report_date = '31.12.2019'
ROLLBACK
REVERT
-----
EXECUTE sp_droprolemember 'role_test', 'user_test'
EXECUTE sp_droprole 'role_test'
EXECUTE sp_dropuser 'user_test'
EXECUTE sp_droplogin 'login_test'