Results 1 to 3 of 3
  1. #1
    Join Date
    Oct 2013
    Posts
    1

    Post Unanswered: restrict application user with specific data

    hey
    i am using sql server 2008R2 and i want to restrict my application user to view only the data(ships) related to him only.

    We have database and many vessels with many owners, basically wants the owner could only view his owned vessels not the vessel owned by another owner.

    Kindly help me with this as this really urgent.

    Thanks

  2. #2
    Join Date
    Jan 2007
    Location
    UK
    Posts
    11,434
    Provided Answers: 10
    Assuming you've identified the owner in your application you need to pass this as a parameter to your queries.

    Something like the following air-code
    Code:
    SELECT list
         , of
         , fields
    FROM   ships
    WHERE  EXISTS (
             SELECT owner
             FROM   ships_owners
             WHERE  ship_id = ships.ship_id
             AND    owner_id = @owner_id
           )
    George
    Home | Blog

  3. #3
    Join Date
    Dec 2007
    Location
    Richmond, VA
    Posts
    1,328
    Provided Answers: 5
    we had done it a little differently in another app, where a client could have many users, but we only want those users to see that client's data.

    at logon we would set the sqlid = to the client id

    then we had views on our tables and all app programs used views no direct table access. the view looked like:

    Code:
    select all, columns, in, the, table,
       from first_table
    where client_id = current sqlid;

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •