I have a slight problem!
I have an original base table "StaffAddressDetails":
CREATE TABLE StaffAddressDetails
(ContactID INTEGER NOT NULL,
Postcode VARCHAR (10) NOT NULL,
HouseNameOrNumber VARCHAR (50) NOT NULL,
Street VARCHAR (50) NOT NULL,
Street2 VARCHAR (50) DEFAULT '...',
Town VARCHAR (50) NOT NULL,
County VARCHAR (50) NOT NULL,
Country VARCHAR (50) NOT NULL,
StaffID INTEGER NOT NULL,
CONSTRAINT StaffAddressDetails_PK PRIMARY KEY (ContactID, Postcode),
CONSTRAINT StaADContactIDSCD FOREIGN KEY (ContactID)
REFERENCES StaffContactDetails (ContactID));
I want the members of staff to be able to see only their own details, so I have a created a view "HDPBHTTSKStaffAddDetsForSelf" and granted that view to a role "Teacher":
CREATE VIEW HDPBHTTSKStaffAddDetsForSelf AS
SELECT * FROM StaffAddressDetails
WHERE StaffID IN
(SELECT USER
FROM DUAL);
...and...
GRANT SELECT, INSERT, UPDATE ON HDPBHTTSKStaffAddDetsForSelf TO Teacher;
That all works fine - the problem comes when inserting a new row (when logged in on a teacher's account) should, say, the teacher acquire a new address and wish to add it to the school system.
The inserted row appears when queried from that teacher's account, but does not pass down to the original base table, meaning no-one except the teacher can see it, not even admin.
Is there a quick fix??
Many thanks in advance,
Zulu
You should use the WITH CHECK OPTION when creating your view, so that Teacher role members cannot insert or update data with different StaffID than their own, i.e.
create view ... as select ... from ... where ... WITH CHECK OPTION;
Further, agreeing with #danihp, only reason I see why data seem not being passed down to the table for the admin to see, is that inserting transaction is not being committed.
According to my "Pro Oracle Database 11g Administration" book:
If you don't want a user to be able to perform INSERT, UPDATE, or
DELETE operations on a view, then don't grant those object privileges
on the underlying table(s) to that user.
Of course, you want to allow DML operations to the underlying table. To me, that says you also need to make sure that the "Teacher" has appropriate permissions on the StaffAddressDetails table, as well.
GRANT SELECT, INSERT, UPDATE ON StaffAddressDetails TO Teacher;
And to echo Carl's answer, it's a good idea to create this type of view using WITH CHECK OPTION.
Related
I'm new to the MS SQL server. Our client has given us a SQL server DB and for this DB they have configured the Service Principal Authentication. So I logged into the DB using my client company account and then I tried to create a table without giving any schema name. for example
CREATE TABLE visits (
visit_id INT PRIMARY KEY IDENTITY (1, 1),
first_name VARCHAR (50) NOT NULL,
last_name VARCHAR (50) NOT NULL,
visited_at DATETIME,
phone VARCHAR(20),
store_id INT NOT NULL,
);
so when I ran this query it gave me the below error
Msg 2760, Level 16, State 1, Line 1
The specified schema name "aashay.amballi#<company>.com" either does not exist or you do not have permission to use it.
so now when I created the table with DBO schema it created the table.
CREATE TABLE dbo.visits (
visit_id INT PRIMARY KEY IDENTITY (1, 1),
first_name VARCHAR (50) NOT NULL,
last_name VARCHAR (50) NOT NULL,
visited_at DATETIME,
phone VARCHAR(20),
store_id INT NOT NULL,
);
So now when I tried to query this visits table without any schema (i.e. DBO) select * from visits it actually gave me the result.
Also when I ran the select SCHEMA_NAME() to check what is the default schema, it returned null. So is there a possibility that when there is no default schema that is set for a user and while creating a table without a schema name it will give that error? if that is the case then while querying without any schema how it's picking the dbo schema by default?
So I'm a bit confused about how this is working. Can anyone please explain this?
This question is regarding the question that I asked a couple of days back when I'm trying to integrate MSSQL with service principal authentication with the Django Framework - Django MigrationSchemaMissing exception on Azure SQL using service principal auth
From the CREATE TABLE description:
If type_schema_name isn't specified, the SQL Server Database Engine
references type_name in the following order:
The SQL Server system data type.
The default schema of the current user in the current database.
The dbo schema in the current database.
And what is your default schema? It depends on options of CREATE USER statement used when creating your user's account:
WITH DEFAULT_SCHEMA = schema_name Specifies the first schema that will
be searched by the server when it resolves the names of objects for
this database user.
You can skip the schema in queries, but it is a best practise to always use schemas.
I'm learning DDL to create and define an SQL database with Postgresql 10.
I have the something like the following SQL code in an .sql file, and I want to input it in psql or PgAdmin 4, just to test the syntax and see the database structure:
CREATE DATABASE database;
CREATE TYPE t_name AS
( first VARCHAR(30),
last VARCHAR(60)
);
CREATE TABLE telephone_m
( tnumber VARCHAR(15) NOT NULL UNIQUE
);
CREATE TABLE people
( curp CHAR(18) NOT NULL PRIMARY KEY,
pname t_name NOT NULL,
birth_date DATE NOT NULL,
telephone_m VARCHAR(15) REFERENCES telephone_m
);
CREATE TABLE clients
( curp CHAR(18) NOT NULL PRIMARY KEY,
cid SERIAL NOT NULL REFERENCES cards,
clocation VARCHAR(29)
) INHERITS (people);
CREATE TABLE cards
( cid BIGSERIAL NOT NULL PRIMARY KEY,
curp CHAR(18) NOT NULL REFERENCES clients,
trips SMALLINT,
distance NUMERIC,
points NUMERIC
);
CREATE TABLE drivers
( curp CHAR(18) NOT NULL PRIMARY KEY,
rfc CHAR(22) NOT NULL UNIQUE,
adress t_adress NOT NULL
) INHERITS (people);
I've tried in PgAdmin 4 making right-click on a new database -> CREATE Script, it opens Query Editor, I copy paste my code and execute it, but it returns:
ERROR: CREATE DATABASE cannot be executed from a function or multi-command string
SQL state: 25001
I've also tried using Query Tool directly from the PgAdmin tools menu with the same results.
The database is created just fine. But if you want to create object in the new DB, you have to connect to it. In any client, including pgAdmin4.
And you cannot run CREATE DATABASE inside of a transaction. Must be committed on it's own. Executing multiple commands at once is automatically wrapped into a single transaction in pgAdmin.
You have to execute CREATE DATABASE mydb; on its own (for instance by selecting only that line and pressing F5 while being connected to any DB, even the maintenance db "postgres". Then click on "Databases" in the object browser in the pgadmin4 main window / tab, hit F5 to refresh the view, click on the new DB, open up a new query tool with the flash icon (in a new window / tab) and execute the rest of your script there.
psql scripts manage by using the meta-command \c to connect to the new db after creating it, within the same session.
Asides:
"database" is no good name for a database.
CREATE TYPE AS (...), but just CREATE TABLE (...). No AS.
And you typically don't want to use the data type CHAR(18). See:
Any downsides of using data type "text" for storing strings?
Get sum of integers for UNIQUE ids
What is the overhead for varchar(n)?
Should I add an arbitrary length limit to VARCHAR columns?
There is the ; missing after the CREATE DATABASE database (and perhaps give the db a better name).
While trying to create some tables with constraints I have stumbled on syntax errors. I am using Microsoft Access and it keeps advising me that my second Constraint is wrong. What is going on? My code looks as follows:
CREATE TABLE STORE
(
StoreName Char(25) NOT NULL,
City Char(35) NULL
Country Char(50) NULL,
Phone Char(8) NULL,
Fax Char(15) NULL,
Email Varchar(100) NULL,
Contact Char(35) NULL,
CONSTRAINT StorePK PRIMARY KEY(StoreName),
CONSTRAINT Citizen CHECK (Country IN ('Belize', 'United States', 'Mexico','China', 'Germany', 'France', 'Netherlands'))
);
I believe you have to create the table and the use ALTER TABLE to add the constraint.
ALTER TABLE STORE
CONSTRAINT Citizen CHECK (
Country IN (
'Belize', 'United States', 'Mexico','China',
'Germany', 'France', 'Netherlands'
)
);
I don't know how much the situation has changed since Access 2000 I'm pretty certain that some limitations still apply as indicated in this old documentation:
Note The check constraint statement can only be executed through the Jet OLE DB provider and ADO; it will return an error message if
used though the Access SQL View user interface.
https://msdn.microsoft.com/en-us/library/aa140015%28office.10%29.aspx#acintsql_ddlconst
Your CREATE TABLE statement is valid Access DDL when executed from ADO/OleDb. CHECK constraints are among the DDL features added with Jet 4, and which are not supported under DAO.
That also means CHECK is not supported by default for queries run from the query designer. You might be able to work around that limitation by setting the Access option "SQL Server Compatible Syntax (ANSI 92)". However that option has other side effects. If you use it, make sure to test your existing queries to see whether they all still operate as intended.
I put your statement text in a variable and executed it successfully like this:
CurrentProject.Connection.Execute strDDL
That worked because CurrentProject.Connection is an ADO object.
I am using VS 2008 and SQL Server 2005. And the problem is that when I insert a new record which is string data. It continues on entering the same data which is already exiting in the table, again and again. But I want that where my insert query is running. I place the check there that it does not allow similar data in the table.
My scenario:
I have to decide on these two string columns: 'source' and 'destination'
If similar source and destination occur in any record we must stop we the entry on record.
Share the solution.
The easiest way to do it is by putting a 'UNIQUE constraint' on your database. Then, each time an SQL UPDATE or an SQL INSERT is executed, the database server would check the validity of the new SQL action and cancel it if it violates your data integrity constraing.
For example (copying from this SQL tutorial):
CREATE TABLE Persons
(
P_Id int NOT NULL UNIQUE,
LastName varchar(255) NOT NULL,
FirstName varchar(255),
Address varchar(255),
City varchar(255)
)
If you want to add a UNIQUE constraint on two columns, you could use such a statement:
CREATE TABLE Example
(Col1 int NOT NULL,
Col2 int NOT NULL,
UNIQUE (Col1, Col2)
)
Hope I helped!
I want to create a table named Domains in HSQL. But when i try to do so it includes 29 columns although my table definition specifies just 5.There is a Domains System View and it seems it is including these columns also in my metadata.Because of this i am not able to insert anything in my db as those unwanted columns from Domains System View also contain some non-null values.
I tried creating schema but it is not what i need as my solution.
I need to override this Domains System View or stop the metadata from picking it.
Does anyone know how can we do it?
I am stuck at it for more than few days now.
CREATE TABLE IF NOT EXISTS Domains
(
domain_id INTEGER NOT NULL,
name VARCHAR(100) NOT NULL,
description VARCHAR(500) NOT NULL,
CREATED_BY VARCHAR(8) NOT NULL,
LAST_UPDATED_BY VARCHAR(8) NOT NULL,
PRIMARY KEY (domain_id)
);