sql server - SQL owner chaining -

-

basically have front end application called adminprogram. in sql server have role called adminprogramusers.

now role has permissions various sps , but, crucially, there no select permission on table. see or modify done through sps.

now i've written new sp them. have had no choice use dynamic sql, constructing actual sql query in string variable called @finalquery , running execute @finalquery.

now getting lot of user doesn't have access tables, needed either grant selects columns in question, solution won't work due internal politics.

the other thing seem understand need use execute as somehow. have googled, i'm struggling right.

and pre-emptively answer couple of questions, there no option use dynamic sql in sp displeasure, we're talking sql server 2005 , there no way of signing sps certificates (mainly dba flip nut @ prospect of complicated).

so... think answer lies somewhere in execute ownership chaining... need know how it... assuming role available adminprogramusers...

the current solution have is:

create sp mysp declare @finaltable (columns)  declare @finalquery set @finalquery = "execute caller select blah blah"  insert  @finaltable  execute (@querystring) user ='adminprogramusers'

do more processing on @finaltable

select * @finaltable

the error is:

unexpected error in sp cannot execute database principal because principal "adminprogramusers" not exist, type of principal cannot impersonated, or not have permission.

here excerpt ms documentation execute on sql server 2005:

the user or login name specified in { login | user } = ' name ' must exist principal in sys.database_principals or sys.server_principals, respectively, or statement fail. additionally, impersonate permissions must granted on principal. unless caller database owner or member of sysadmin fixed server role, principal must exist when user accessing database or instance of sql server through windows group membership.

in code feed execute role user or login expected instead.

the above text not clear if don't read this:

login

specifies context impersonated login. scope of impersonation server.

user

specifies context impersonated user in current database. scope of impersonation restricted current database. context switch database user not inherit server-level permissions of user.

you can specify user or login impersonation context; a role neither login nor user.


Comments

Post a Comment

Popular posts from this blog

java - Oracle EBS .ClassNotFoundException: oracle.apps.fnd.formsClient.FormsLauncher.class ERROR -

-
i need in configuring java on machine because, when try loading forms, loader goes in circles , gives error: java.lang.classnotfoundexception: oracle.apps.fnd.formsclient.formslauncher.class @ sun.plugin2.applet.applet2classloader.findclass(unknown source) @ sun.plugin2.applet.plugin2classloader.loadclass0(unknown source) @ sun.plugin2.applet.plugin2classloader.loadclass(unknown source) @ sun.plugin2.applet.plugin2classloader.loadclass(unknown source) @ java.lang.classloader.loadclass(unknown source) @ sun.plugin2.applet.plugin2classloader.loadcode(unknown source) @ sun.plugin2.applet.plugin2manager.createapplet(unknown source) @ sun.plugin2.applet.plugin2manager$appletexecutionrunnable.run (unknown source) @ java.lang.thread.run(unknown source) i have tried re-installing firefox, older versions of java runtime environments, disabling proxy. what missing? application working on other machines. i spent around 100 hours finding s
Read more

c# - how to use buttonedit in devexpress gridcontrol -

-
Image
i trying create gridcontrol buttonedit in 1 of columns. when user clicks button edit, popups form select product. when selection done on popup, returns datarow selection main grid below. but when column loses focus, value wrote column disappear. here code creates gridcontrol's data , buttonedit's click event. private void frmsiparisnew_load(object sender, eventargs e) { dt = new datatable(); dt.columns.add("malzeme_kodu",typeof(string)); dt.columns.add("malzeme_aciklama", typeof(string)); dt.columns.add("adet", typeof(decimal)); dt.columns.add("birim", typeof(string)); dt.columns.add("fiyat", typeof(decimal)); dt.columns.add("kur", typeof(string)); dt.columns.add("tutar", typeof(decimal)); datarow dr = dt.newrow(); dt.rows.add(dr); gc.datasource = dt; } private void repositoryitembuttoneditmal
Read more

nvd3.js - angularjs-nvd3-directives setting color in legend as well as in chart elements -

-
good morning i using angularjs-nvd3-directives, great, having difficulties when setting color of multi bar chart ( http://cmaurer.github.io/angularjs-nvd3-directives/multi.bar.chart.html ). the show legend works well: <div ng-controller="examplectrl"> <nvd3-multi-bar-chart data="exampledata" id="showlegendexample" width="550" height="300" showxaxis="true" showyaxis="true" xaxistickformat="xaxistickformatfunction()" showlegend="true"> <svg></svg> </nvd3-multi-bar-chart> </div> but when add option in conjunction color="colorfunction()" where, var colorarray = ['#ff0000', '#0000ff', '#ffff00', '#00ffff']; $scope.colorfunction = function() { return function(d, i) { return colorarray[i]; }; } the color of cha
Read more