How to see the access/permission of a table for a specific user or role? Didn't get much from documentation. Any help on providing the SQL would be greatly helpful.
Something like
SHOW GRANTS ON TABLE schema.table;
Should work. https://docs.snowflake.net/manuals/sql-reference/sql/show-grants.html
Related
I know sybase supports two types of temp tables, one starts with # and can't be shared by sessions. The other one is created with tempdb.. prefix which can be shared by sessions or users.
My question is:
Are tables created in tempdb accessible to other users as well?
How to control the access or how to prevent the table created by userA from being modified/dropped by userB?
I googled for a while but didn't find any information on this.
I'm using sybase at work but don't have admin access to create new user so I can't do the test.
Can someone who have experience please advise?
please refer to http://infocenter.sybase.com/help/index.jsp?topic=/com.sybase.infocenter.dc32300.1570/html/sqlug/X10118.htm for details.
i also test the behavior on sybase ase 15.7.
the result as same as the previous link.
Are tables created in tempdb accessible to other users as well?
Yes.
How to control the access or how to prevent the table created by userA from being modified/dropped by userB?
There seems no method about the tempdb..xxx tables.
I'm about to migrate from Goldmine database to Suitecrm database. In Goldmine they have user groups and members, Im unable to locate that table where the groups/membership for each users has been stored in the Goldmine database. Can you please help me at the earlist!
Thanks in advance!
GoldMine stores the group membership in the U_security field in the users table. Unfortunately it is encrypted by the application and you will require the API to get access to it.
I've just received a question from my boss to encrypt an entire table, stored in SQL Server 2012.
The problem is that, in this table, we store some personal information that not even the database administrator has to see. We have also several application which work with the data in this table, so I will appreciate if there is a method to hide the data both with ODBC access and with SQL Query Access via SQL Server Management Studio, without changing these applications.
Can anyone tells me the solution?
Thank you very much
If you want to restrict access to certain columns only you can use column level security and grant access only to those columns. Considering you have a group called ODBCAPPS it would looks something like this:
GRANT SELECT ON dbo.Employee (EmployeeID, FirstName, MiddleName, SurName) TO ODBCAPPS;
More details about GRANT you can find on MSDN
You can do something with ASCII
UPDATE Table_name
SET x=ASCII(x)+3, y=ASCII(Y)+3 // Choose your number. This is the simplest
For more refer :https://learn.microsoft.com/en-us/sql/t-sql/functions/ascii-transact-sql
Is there a way to list table and column names where I am not granted access? I am a developer trying to access and see if a column name is available but dba's are restricting any sort of read 'select' access. This is for SQL Server 2008. Thanks.
It would be best to open up communications with your DBA for this issue. Technically speaking there is a way to do this however the DBA is likely the only one that can provide this information. Which asking what you have permissions to is not an unreasonable request in my eyes (as a DBA).
You might also suggest that in place of you having to ask them these types of questions over and over if they can grant you VIEW DEFINITION on the particular database. This grants you metadata access to objects in the database without granting access to the objects themselves.
No, there isn't. The SQL Server will not expose any metadata on objects you dont have a privilege to use. So, if you don't have a SELECT permission on a table, you won't see it's metadata. Same with stored procedures etc.
Try this:
select * from INFORMATION_SCHEMA.TABLES
select * from INFORMATION_SCHEMA.COLUMNS where TABLE_NAME='<name>'
Not sure if the DBA's restricted access to these views or not
While working with some random sql queries on our databases, we may not want to insert or delete items to some of the database tables by just typing their names by mistake. So how to make them locked to the "editing", to be able to work safe.
Thanks.
Why not just define a role in your database and give that role rights to whatever tables your users need, but this role would not have update/delete rights to the tables you are concerned with?
As the others have mentioned, this should be set up in the Roles.
Here is a useful link on Understanding Roles in SQL Server 2000
Work with a limited-rights account, and deny it rights to modify the 'protected' tables.
Roles are the best practice way to go. However if you can't/won't use roles, you could use triggers, see this answer: SQL Server Query Editors - any that warn of number of rows to be changed?
Move these special tables to its own database. Give the user account only select privileges for this database.