Phan Hin*

S phn chia kh nng qun tr v s dng h qun tr c s d liu SQL Server.Hnh thnh theo c cuNgi ng nhp (login)Ngi dng (user)Quyn hn (permission)Nhm quyn (role)Ngi ng nhp c th hin l mi mt ngi dng vi mt s quyn hn ng vi mt d liu.

*

1234R1R2LoginSQL ServiceUser & Permission & RoleDatabase

Log inSQL ServerP*

To ngi ng nhp

exec sp_addlogin tn_login , mt_khu [, d_liu]

create login tn_login with password = mt_khu [, default_database = d_liu ]*

Xa ngi ng nhp

exec sp_droplogin tn_login

drop login tn_login Thay i ngi ng nhp

alter login { [enable | disable] | with { password = | default_database = } }*

To ngi dng cho tng d liu

exec sp_adduser tn_login , tn_user[ , tn_role ]create user tn_user for tn_loginXa ngi dng

exec sp_dropuser tn_userdrop user tn_user*

To nhm quyn

exec sp_addrole tn_role

create role tn_roleXa nhm quyn

exec sp_droprole tn_roledrop role tn_role*

Gn ngi dng vi nhm quyn

exec sp_addrolemember tn_role , tn_user

Xa nhm quyn

exec sp_droprolemember tn_role , tn_user*

To quyn hn

Grant {ALL | permission} on table[ (column [,n])] to { user | role [, n] }[with grant option]

with grant option : c php gn li quyn m mnh c cho ngi khc.*

Xa quyn hn

Revoke [grant option for] {ALL | permission} on table[ (column [,n])] to { user | role [, n] }[cascade]

grant option for : b tnh nng cp li quyn cho ngi khc (quyn vn c gi li).cascade: b tt c cc quyn ( cc k tha)*

ng nhp sa

Exec sp_addlogin u1, 123Exec sp_addlogin u2, 123Exec sp_adduser u1, u1Exec sp_adduser u2, u2Grant select on sinhvien to u1 with grant option

u1 c quyn dng 2 lnh - Select * from sinhvien - Grant select on sinhvien to u2 [with grant option]*

ng nhp vi u1

Grant select on sinhvien to u2 with grant optionVy u2 c quyn select v grant.ng nhp vi sa

Revoke select on sinhvien to u1 cascade Xa ht quyn select v grant u1 v c u2Revoke grant option for select on sinhvien to u1 cascade Xa quyn grant u1 v quyn select v grant u2*

*

*