5 trigger sql-server permissions t-sql sql-server-2017
在 Microsoft SQL Server 2017+ 中,我想为单个用户授予dbcreator角色,但只允许她创建名称与固定前缀匹配的数据库。
是否可以使用内置功能或存储过程在数据库级别执行此操作?
您可以像这样使用服务器级触发器:
CREATE OR ALTER TRIGGER [database_name_check] ON ALL SERVER
FOR CREATE_DATABASE
AS
BEGIN
SET NOCOUNT ON;
DECLARE @event_data XML;
SET @event_data = EVENTDATA();
IF ((SELECT @event_data.value('(/EVENT_INSTANCE/LoginName)[1]', 'NVARCHAR(256)') ) = 'NADABRUTO\edarl'
AND (SELECT @event_data.value('(/EVENT_INSTANCE/DatabaseName)[1]', 'NVARCHAR(256)') ) NOT LIKE '%Stack%')
BEGIN
RAISERROR('NO CAN DO, BUCKAROO', 0, 1) WITH NOWAIT;
ROLLBACK;
END
END;
GO
ENABLE TRIGGER [database_name_check] ON ALL SERVER;
GO
或者像这样在数据库级别:
USE StackOverflow2013
GO
CREATE OR ALTER TRIGGER [database_name_check] ON DATABASE
FOR CREATE_DATABASE
AS
BEGIN
SET NOCOUNT ON;
DECLARE @event_data XML;
SET @event_data = EVENTDATA();
IF ((SELECT @event_data.value('(/EVENT_INSTANCE/LoginName)[1]', 'NVARCHAR(255)') ) = 'NADABRUTO\edarl'
AND (SELECT @event_data.value('(/EVENT_INSTANCE/DatabaseName)[1]', 'NVARCHAR(255)') ) NOT LIKE '%Stack%')
BEGIN
RAISERROR('NO CAN DO, BUCKAROO', 0, 1) WITH NOWAIT;
ROLLBACK;
END
END;
GO
ENABLE TRIGGER [database_name_check] ON DATABASE;
GO