Hi,
Is there a possibility to allow a user only for a particular view, without allowing him to open the tables directly ?
Couldn't find a way, probably overlooking. As soon reader-access is allowed on the table, the table is accesable directly, which I want to avoid
Thx
PS : I'm using Windows authentication
9 4596 ck9663 2,878
Recognized Expert Specialist
Use VIEWS
Happy coding.
-- CK
Hi,
In the URL you gave, under "Views As A Security Tool", the description matches exactly what I want to do.
My problem is, I don't get the security correct. If I don't give reader-access on the table, the view isn't useable. Meaning the table can be accessed directly via ODBC, what I don't want.
How can I restrict and have the view accessable ?
PS : I'm using SQL Server 2005
ck9663 2,878
Recognized Expert Specialist
You can limit the access of any user to any object as long as you have the necessary rights to do so. However, if the user logging in knows the username and password of someone who have read/write access, of course he can access the tables either via ODBC or the console
-- CK
Sure, I know that. And I have all the rights to do anything I want.
But, I'm still stuck with my question : how to give rights on a view without giving reader access on the table ?
I'm sure I'm overlooking something, so if someone could give me a clue where to do so. The "protection " tab for views doesn't allow setting the reader-access, only column-granting
What I want to achieve : only views connectable (either via application or by odbc), and only for those users (Windows-authentication) granted for the view.
ck9663 2,878
Recognized Expert Specialist
I don't get it.
You have a table. You have users. You allow them to connect to your db. But you don't want them to see your tables? What are these users going to do with their connection anyway?
-- CK
Delerna 1,134
Recognized Expert Top Contributor
Why does it matter if they can open the table as well as the view through the odbc.
They have to connect with a user profile that you give them and if that user only has read access to the table then, even if they do open the table through the odbc, they can't do anything except read from it.
Hi,
You need to deny permissions on the tables but allow select permission on the view. I tested this using SQL Express then using odbc and excel to test access - and it worked fine. The user logged in and could not see the tables but could see the view. The user was not a member of any group that may have select permission on the tables.
As far as I have always understood it- much of the purpose of a view is for this exact reason - to deny access to table data, as views may only contain a subset of the data, i.e. department specific/user specific. At least that is the way we use views ;-). Often users should not be allowed to even read certain table data - payroll for example, but may need a small piece of info from that table, hence a view.
JinxT.
Delerna 1,134
Recognized Expert Top Contributor
Yes its true, by connecting a user to SQLServer through some front end they can only see what is given them.
But I think the point of wquatan's question (he will correct me if I am wrong) is that by giving a user access to the table, then a user who knows what they are doing can gain access to what you didn't intend them to have, by creating their own "front end"
A stored procedure might be a good way to hide your tables yet return the information you're looking for.
Sign in to post your reply or Sign up for a free account.
Similar topics |
by: Kofi |
last post by:
I need just the names of tables, views and sprocs within a SQL Server
database. What's the easiest way to do this?
|
by: Ezekiël |
last post by:
Hello,
I need some help with implenting the following:
I recently migrated from access to sql server and i now i want to use
maintainable permissions on my tables, views, etc. The access database will
serve as a front-end.
I've created for testing purposes an testaccount with only a public role to
access to my database.
|
by: sk |
last post by:
I have an applicaton in which I collect data for different parameters
for a set of devices. The data are entered into a single table, each
set of name, value pairs time-stamped and associated with a device.
The definition of the table is as follows:
CREATE TABLE devicedata
(
device_id int NOT NULL REFERENCES devices(id), -- id in the device
|
by: Joe |
last post by:
I am using Access 2003 and are linking to an Oracle 9i ODBC datasource
(using Oracle ODBC drivers). After linking the tables in Access, I inspect
the data contained in the linked tables. For tables that involve a number
field as the primary key, the data is returned successfully. For tables
that involve a character field (e.g. CHAR(3) or VARCHAR(10)) as the primary
key, I have the correct number of rows returned, but the data displayed...
|
by: Lewis Veale |
last post by:
I have an Access 2000 front-end pointing at a SQL Server backend, with
around 80 linked tables and views. I frequently need to point the
front-end at different versions of the back-end, and achieve this by
relinking the tables and views to use a different DSN.
I use the Linked Table Manager > Select All > and tick the 'always
prompt for a new location' box, then click OK. It correctly pops up
the 'select data source' box, from which I...
| |
by: T.S.Negi |
last post by:
Hello All,
I want to Find out list of tables, views and stored procedure used in vb form.
If any body have any idea about it, pls.let me know.
Thanx in adv.
T.S.Negi
|
by: serge |
last post by:
SQL BPA says the following:
"One or more objects are referencing tables/views without
specifying a schema! Performance and predictability of the
application may be improved by specifying schema names."
"When SQL Server looks up a table/view without a schema
qualification, it first searches the default schema and then the
'dbo' schema. The default schema corresponds to the current
user for ad-hoc batches, and corresponds to the schema...
|
by: JC |
last post by:
I created an updateable view, which joins two tables, in a DB2 UDB
database. The view was made updateable by the creation of an "instead
of" trigger. I'd like to use this view for updates via QMF for Windows
or DB2 Table Editor. However, when I try to update from either of
these tools, I receive an SQL0150 error. Is there anything I can do to
allow the updates, such as update the READONLY value for the view in
the catalog table? ...
|
by: rsmccli |
last post by:
I posted this in a different forum, but wanted to see what people had to say here.
Access 2002.
This is probably a dumb question but I am not very well versed in Access security.
I have created a number of forms where users from different companies will input employee data into our database.
It would appear that all users of this database will require the ability to read, insert, update, and delete data in tables and queries in the...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
| |
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
| |
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| |