Advertisement
PavloSerg

Лаба роли

Apr 6th, 2023 (edited)
1,384
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
T-SQL 3.87 KB | None | 0 0
  1. ---------------------РУКОВОДИТЕЛЬ---------------------
  2. --1) Создание роли и выдача прав
  3. create role DirectorRole
  4. go
  5. grant control to DirectorRole
  6.  
  7. --2) Создание пользователя и назначение роли
  8. create user DirectorUserTest without login
  9. go
  10. alter role DirectorRole add member DirectorUserTest
  11. go
  12.  
  13. --3) Тестирование доступа
  14.  
  15. --3.0) Мы точно директор
  16. execute as user = 'DirectorUserTest'
  17. select user
  18. revert
  19.  
  20. --3.1) Селект случайной таблицы
  21. execute as user = 'DirectorUserTest'
  22. select *
  23. from SeregaTheDed_SQLLogin_1.users;
  24. revert
  25.  
  26. --3.2) Селект случайного вью
  27. execute as user = 'DirectorUserTest'
  28. select *
  29. from SeregaTheDed_SQLLogin_1.DatesAndOrdersAtDate;
  30. revert
  31.  
  32. --3.3) Вызов случайной процедуры
  33. execute as user = 'DirectorUserTest'
  34. execute SeregaTheDed_SQLLogin_1.GetMenuToday;
  35. revert
  36.  
  37.  
  38. --3.4) Селект случайной фукнции
  39. execute as user = 'DirectorUserTest'
  40. select *
  41. from SeregaTheDed_SQLLogin_1.GetCustomerList();
  42. revert
  43.  
  44.  
  45.  
  46. ---------------------ПРОСТОЙ_СОТРУДНИК---------------------
  47. --1) Создание роли и выдача прав
  48. create role EmployeeRole
  49. go
  50.  
  51. grant select on SeregaTheDed_SQLLogin_1.categories(name) TO EmployeeRole
  52. grant update, select on SeregaTheDed_SQLLogin_1.config(next_order_day, last_time_to_do_order) TO EmployeeRole
  53. grant all privileges on SeregaTheDed_SQLLogin_1.orders(customer_name, date, status_id) TO EmployeeRole
  54. grant all privileges on SeregaTheDed_SQLLogin_1.positions(status_id, date, product_id_first, product_id_second, customer_name, user_id, with_sauce, price) TO EmployeeRole
  55. grant update, select, insert on SeregaTheDed_SQLLogin_1.products TO EmployeeRole
  56. grant all privileges on SeregaTheDed_SQLLogin_1.rel_orders_products TO EmployeeRole
  57. grant select on SeregaTheDed_SQLLogin_1.statuses to EmployeeRole
  58.  
  59. grant execute on SeregaTheDed_SQLLogin_1.PrintProductsTopAtAllDates to EmployeeRole
  60. grant execute on SeregaTheDed_SQLLogin_1.GetMenuToday to EmployeeRole
  61. grant select on SeregaTheDed_SQLLogin_1.GetRollbackCustomer to EmployeeRole
  62.  
  63.  
  64.  
  65. go
  66. --2) Создание пользователя и назначение роли
  67. create user EmployeeUserTest without login
  68. go
  69. alter role EmployeeRole add member EmployeeUserTest
  70. go
  71.  
  72. --3) Тестирование доступа
  73.  
  74. --3.0) Мы точно работник НЕТ ПРАВ
  75. execute as user = 'EmployeeUserTest'
  76. select user
  77. revert
  78.  
  79. --3.1) Селект случайной таблицы НЕТ ПРАВ
  80. execute as user = 'EmployeeUserTest'
  81. select *
  82. from SeregaTheDed_SQLLogin_1.users;
  83. revert
  84.  
  85. --3.2) Селект случайного вью НЕТ ПРАВ
  86. execute as user = 'EmployeeUserTest'
  87. select *
  88. from SeregaTheDed_SQLLogin_1.DatesAndOrdersAtDate;
  89. revert
  90.  
  91. --3.3) Вызов случайной процедуры НЕТ ПРАВ
  92. execute as user = 'EmployeeUserTest'
  93. execute SeregaTheDed_SQLLogin_1.GetMenuToday;
  94. revert
  95.  
  96.  
  97. --3.4) Селект случайной фукнции НЕТ ПРАВ
  98. execute as user = 'EmployeeUserTest'
  99. select *
  100. from SeregaTheDed_SQLLogin_1.GetCustomerList();
  101. revert
  102.  
  103. --3.5) Все категории
  104. execute as user = 'EmployeeUserTest'
  105. select *
  106. from SeregaTheDed_SQLLogin_1.categories
  107. revert
  108. --С учетом прав:
  109. execute as user = 'EmployeeUserTest'
  110. select name
  111. from SeregaTheDed_SQLLogin_1.categories
  112. revert
  113.  
  114. --3.6) Выполнение функции, на которую выданы правы
  115. execute as user = 'EmployeeUserTest'
  116. select *
  117. from SeregaTheDed_SQLLogin_1.GetRollbackCustomer()
  118. revert
  119.  
  120. --3.7) Выполнение хранимой процедуры, на которую выданы правы
  121. execute as user = 'EmployeeUserTest'
  122. execute SeregaTheDed_SQLLogin_1.GetMenuToday
  123. revert
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement