Row-Level security
In the first part of this chapter, you learned about the permissions on database objects, including objects with data, namely tables, views, and table-valued, user-defined functions. Sometimes you need to give permissions to end users in a more granular way. For example, you might need to give permissions to a specific user to read and update only a subset of columns in the table, and to see only a subset of rows in a table.
You can use programmable objects, such as stored procedures, to achieve these granular permission needs. You can use declarative permissions with the DCL statements GRANT
, REVOKE
, and DENY
on the column level already available in previous versions of SQL Server. However, SQL Server 2016 also offers declarative ...
Get SQL Server 2016 Developer's Guide now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.