API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jul 7th, 2017
67
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.03 KB | None | 0 0
raw download clone embed print report
  1. CREATE LOGIN testdev WITH PASSWORD = 'sldkjlkjlkj 987kj//'
  2.  
  3. CREATE USER testdev
  4.  
  5. GRANT ALTER ON SCHEMA::dbo TO testdev
  6. GRANT CREATE PROCEDURE TO testdev
  7. GRANT SELECT, INSERT, UPDATE, DELETE ON SCHEMA::dbo TO testdev
  8.  
  9. CREATE TABLE mysig (a int NOT NULL)
  10. EXECUTE AS USER = 'testdev'
  11. go
  12.  
  13. CREATE PROCEDURE slaskis AS PRINT 12
  14. go
  15.  
  16. CREATE TABLE hoppsan(a int NOT NULL) -- FAILS!
  17. go
  18.  
  19. INSERT mysig (a) VALUES(123)
  20. go
  21.  
  22. REVERT
  23. go
  24.  
  25. DROP PROCEDURE slaskis
  26. DROP TABLE mysig
  27. DROP USER testdev
  28. DROP LOGIN testdev
  29.  
  30. --** Create a Developer Role
  31. CREATE ROLE [Developer] AUTHORIZATION db_securityadmin;
  32. GO
  33.  
  34. --** Grant view and execute on all SPs to Devloper
  35. --GRANT VIEW DEFINITION ON SCHEMA::dbo TO [Developer];
  36. GRANT CREATE PROCEDURE TO [Developer];
  37. GRANT SELECT, INSERT, UPDATE, DELETE, ALTER, EXECUTE, VIEW DEFINITION ON SCHEMA::dbo TO [Developer]
  38.  
  39. --** Create user and login for testdev and add to the Developer role
  40. CREATE LOGIN testdev WITH PASSWORD = 'sldkjlkjlkj987kj'
  41. CREATE USER testdev
  42. EXEC sp_addrolemember @rolename = 'Developer', @membername = 'testdev';
  43. GO
  44.  
  45. --** Create DDL trigger to deny drop and alter to the Developer role
  46. CREATE TRIGGER tr_db_DenyDropAlterTable_Dev
  47. ON DATABASE
  48. FOR DROP_TABLE, ALTER_TABLE
  49. AS
  50. BEGIN
  51. IF IS_MEMBER('Developer') = 1
  52. BEGIN
  53. PRINT 'You are not authorized to alter or drop a table.';
  54. ROLLBACK TRAN;
  55. END;
  56. END;
  57. GO
  58.  
  59. --** Testing
  60. CREATE TABLE mysig (a int NOT NULL) ;
  61.  
  62. EXECUTE AS USER = 'testdev';
  63. GO
  64.  
  65. CREATE PROCEDURE slaskis AS PRINT 12;
  66. GO
  67.  
  68. CREATE TABLE hoppsan(a int NOT NULL); -- FAILS!
  69. GO
  70.  
  71. INSERT mysig (a) VALUES(123);
  72. GO
  73.  
  74. ALTER TABLE mysig ADD test INT; --** This will fail too
  75. GO
  76.  
  77. REVERT;
  78. GO
  79.  
  80. DROP PROCEDURE slaskis ;
  81. DROP TABLE mysig ;
  82. DROP USER testdev;
  83. DROP LOGIN testdev;
  84. DROP ROLE [Developer];
  85. DROP TRIGGER tr_db_DenyDropAlterTable_Dev on DATABASE;
  86.  
  87. USE PermissionDB;
  88. ---Select Your database
  89. CREATE ROLE Employee;
  90. ---Create role
  91. CREATE USER Employee1 Without Login;
  92. ---Create User
  93.  
  94. ----Execute the Above query
  95. EXEC sp_addrolemember @rolename = 'Employee', @membername = 'Employee1';
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!