Bài giảng Kiến trúc cài đặt cơ sở dữ liệu - Chương 11: Bảo mật mức hàng trong SQL Server

Bài giảng Kiến trúc cài đặt cơ sở dữ liệu - Chương 11: Bảo mật mức hàng trong SQL Server. Chương này tiến hành hướng dẫn việc xây dựng bảng, hàm, thủ tục và trigger cho mục đích bảo mật mức hàng. Mời các bạn tham khảo để biết thêm nội dung chi tiết.

B ̀ ̀ ̀ ng trong

SQL Server

N i dung

• Case study

L nh View

• [ WITH CHECK OPTION ]: b t bu c t t c các

l nh ch nh s a d li ̀ ̀ ̀ n view

u ph ̀ ̀ ̀ u ki n l c trong m nh select

– Khi 1 hàng b s ̀ i thông qua view, WITH

Ví d

CREATE VIEW CAonly

AS SELECT au_lname, au_fname, city, state

̀ ̀ ̀ ̀ ̀ ̀ ̀ ̀security

T ̀B ng security

USE OBXKites;

CREATE TABLE dbo.Security (

SecurityID int identity NOT NULL

ContactID UniqueIdentifier NOT NULL

REFERENCES dbo.Contact(ContactID) ON DELETE CASCADE, LocationID UniqueIdentifier NOT NULL

REFERENCES dbo.Location(LocationID) ON DELETE CASCADE, SecurityLevel INT NOT NULL DEFAULT 0

);

H ̀ ̀ ̀ ̀ ng security

ALTER TABLE dbo.Security

ADD CONSTRAINT ValidSecurityCode CHECK (SecurityLevel IN (0,1,2,3));

ALTER TABLE dbo.Security

ADD CONSTRAINT ContactLocation UNIQUE (ContactID, LocationID);

T ̀ ̀ m

CREATE TRIGGER ContactID_RI

ON dbo.Security AFTER INSERT, UPDATE

AS

SET NOCOUNT ON;

IF EXISTS(SELECT * FROM Inserted INNER JOIN dbo.Contact

ON Inserted.ContactID = Contact.ContactID WHERE Contact.ContactID IS NULL

OR IsEmployee = CAST(0 AS bit))

T ̀ ̀ ̀ ̀ ̀ a user

CREATE PROCEDURE pSecurity_Fetch

@LocationCode VARCHAR(15) = NULL,

@ContactCode VARCHAR(15) = NULL

AS

SET NOCOUNT ON;

SELECT c.ContactCode, l.LocationCode, s.SecurityLevel

FROM dbo.Security AS s INNER JOIN dbo.Contact AS c

ON s.ContactID = c.ContactID INNER JOIN dbo.Location AS l

ON s.LocationID = l.LocationID WHERE (l.LocationCode = @LocationCode

OR @LocationCode IS NULL) AND (c.ContactCode = @ContactCode

OR @ContactCode IS NULL);

T ̀ ̀ ̀ n security cho user

CREATE PROCEDURE pSecurity_Assign

@ContactCode VARCHAR(15),

@LocationCode VARCHAR(15), @SecurityLevel

INT

AS

SET NOCOUNT ON;

DECLARE @ContactID UNIQUEIDENTIFIER,

WHERE LocationCode = @LocationCode;

IF @@ERROR <> 0 RETURN -100;

IF @LocationID IS NULL BEGIN

‘́ISE‘‘O‘̀ L ̀ ̀ ̀ ̀

15,1,@LocationCode); RETURN -100;

END;

Insert INSERT dbo.Security (ContactID,LocationID, SecurityLevel) VALUES

(@ContactID, @LocationID,

@SecurityLevel);

IF @@ERROR <> 0 RETURN -100;

T ̀ ̀ ̀ ̀ ̀ ̀ ̀ nh

SELECT ContactCode FROM dbo.Contact WHERE IsEmployee = CAST(1 AS bit);

SELECT LocationCode FROM dbo.Location ;

T ̀ ̀ ̀ ̀ ̀ t

CREATE PROCEDURE p_SecurityCheck

@ContactCode VARCHAR(15), @LocationCode VARCHAR(15),

@SecurityLevel INT, @Approved BIT OUTPUT

AS

SET NOCOUNT ON;

DECLARE @ActualLevel INT = 0;

SELECT @ActualLevel = s.SecurityLevel FROM dbo.Security AS s

INNER JOIN dbo.Contact AS c ON s.ContactID = c.ContactID INNER JOIN dbo.Location AS l ON s.LocationID = l.LocationID WHERE c.ContactCode = @ContactCode

AND l.LocationCode = @LocationCode ;

T ̀ ̀ ̀ ̀ ̀ t (tt)

IF @ActualLevel < @SecurityLevel SET @Approved = CAST(0 AS bit);

ELSE SET @Approved = CAST(1 AS bit);

H m fSecurityCheck

CREATE FUNCTION dbo.fSecurityCheck (

@ContactCode VACHAR(15), @LocationCode VARCHAR(15),

@SecurityLevel INT)

RETURNS BIT

AS

BEGIN

DECLARE @Approved BIT = CAST(0 AS bit);

IF (SELECT s.SecurityLevel FROM dbo.Security AS s

INNER JOIN dbo.Contact AS c ON s.ContactID = c.ContactID

INNER JOIN dbo.Location AS l ON s.LocationID = l.LocationID

WHERE c.ContactCode = @ContactCode

AND l.LocationCode = @LocationCode) >= @SecurityLevel