Questões Comentadas - BD
(Cespe)Para atribuir permissões de acesso a objetos do SGDB Windows SQL 2000,
utilizamos os comandos GRANT, REVOKE e DENY.
O comando "Revoke select on TbUsuario from Carlos" retira o direito de acesso select à tabela TbUsuario ao usuário Carlos
permitindo que ele tenha acesso através de condição de membro de grupo que possua o direito.
Managing Database Permissions
You can assign database permissions by the database owner, members of sysadmin, and members of securityadmin. The available permissions include
• Grant: Gives permission to perform the related task. With roles, all members of the role inherit the permission.
• Revoke: Removes prior grant permission but doesn't explicitly prevent a user or role from performing a task. A user or role could still inherit grant permission from another role.
• Deny: Explicitly denies permission to perform a task and prevents the user or role from inheriting the permission. Deny takes precedence over all other grant permissions.
Note: Deny is a Transact-SQL command and isn't part of the ANSI SQL-92 standard.
Sample 5-13 REVOKE Syntax and Usage
Syntax
REVOKE {ALL | statement[,...n]}
FROM security_account[,...n]
REVOKE [GRANT OPTION FOR]
{ALL [PRIVILEGES] | permission[,...n]}
{
[(column[,...n])] ON {table | view}
| ON {table | view}[(column[,...n])]
| {stored_procedure | extended_procedure}
}
{TO | FROM}
security_account[,...n]
[CASCADE]
[AS {group | role}]
Usage
REVOKE CREATE TABLE, CREATE DEFAULT
FROM Devs, Testers
REVOKE INSERT, UPDATE, DELETE
FROM Users, [GALAXY\Sales]
Revoke select on TbUsuario from Carlos
http://www.microsoft.com/technet/prodtechnol/sql/2000/books/c05ppcsq.mspx
utilizamos os comandos GRANT, REVOKE e DENY.
O comando "Revoke select on TbUsuario from Carlos" retira o direito de acesso select à tabela TbUsuario ao usuário Carlos
permitindo que ele tenha acesso através de condição de membro de grupo que possua o direito.
Managing Database Permissions
You can assign database permissions by the database owner, members of sysadmin, and members of securityadmin. The available permissions include
• Grant: Gives permission to perform the related task. With roles, all members of the role inherit the permission.
• Revoke: Removes prior grant permission but doesn't explicitly prevent a user or role from performing a task. A user or role could still inherit grant permission from another role.
• Deny: Explicitly denies permission to perform a task and prevents the user or role from inheriting the permission. Deny takes precedence over all other grant permissions.
Note: Deny is a Transact-SQL command and isn't part of the ANSI SQL-92 standard.
Sample 5-13 REVOKE Syntax and Usage
Syntax
REVOKE {ALL | statement[,...n]}
FROM security_account[,...n]
REVOKE [GRANT OPTION FOR]
{ALL [PRIVILEGES] | permission[,...n]}
{
[(column[,...n])] ON {table | view}
| ON {table | view}[(column[,...n])]
| {stored_procedure | extended_procedure}
}
{TO | FROM}
security_account[,...n]
[CASCADE]
[AS {group | role}]
Usage
REVOKE CREATE TABLE, CREATE DEFAULT
FROM Devs, Testers
REVOKE INSERT, UPDATE, DELETE
FROM Users, [GALAXY\Sales]
Revoke select on TbUsuario from Carlos
http://www.microsoft.com/technet/prodtechnol/sql/2000/books/c05ppcsq.mspx
Comentários