Deny Method (Table, View)
В будущей версии Microsoft SQL Server эта возможность будет удалена. Избегайте использования этой возможности в новых разработках и запланируйте изменение существующих приложений, в которых она применяется.
The Deny method negates a granted table permission or a list of granted permissions for one or more Microsoft SQL Server users or roles.
Синтаксис
object
.Deny(
Privilege
,
GranteeNames
, [ ColumnNames ] ,
[ GrantGrant ] )
Parts
object
Expression that evaluates to an object in the Applies To list.Privilege
Long integer that specifies one or more table privileges as described in Settings.GranteeNames
SQL Distributed Management Objects (SQL-DMO) multistring that lists users or roles.ColumnNames
SQL-DMO multistring that lists column names within the table or view. When used, the specified permission is denied on only the columns named.GrantGrant
When TRUE, the grantee(s) specified are granted the ability to execute the DENY statement referencing the table or view. When FALSE (default), the ability to deny permission is not granted.
Prototype (C/C++)
HRESULT Deny(
SQLDMO_PRIVILEGE_TYPE iPrivileges,
SQLDMO_LPCSTR GranteeNames,
SQLDMO_LPCSTR ColumnNames = NULL,
BOOL GrantGrant = FALSE);
Settings
Set Privilege by using these SQLDMO_PRIVILEGE_TYPE values.
Constant |
Value |
Description |
---|---|---|
SQLDMOPriv_AllObjectPrivs |
63 |
Deny all granted table privileges. |
SQLDMOPriv_Delete |
8 |
Deny permission to execute the DELETE statement referencing the table or view. |
SQLDMOPriv_Insert |
2 |
Deny permission to execute the INSERT statement referencing the table or view. |
SQLDMOPriv_References |
32 |
Deny permission to reference the table in declarative referential integrity constraints established on other tables. |
SQLDMOPriv_Select |
1 |
Deny permission to execute the SELECT statement referencing the table or view. |
SQLDMOPriv_Update |
4 |
Deny permission to execute the UPDATE statement referencing the table or view. |
Замечания
Denying permissions to database users and roles by using the Deny method of the Table or View object requires appropriate permission. The SQL Server login used for SQLServer object connection must be granted the ability to execute DENY, referencing the database object, the owner of the database object, or a member of a role with greater permission.
For more information about setting multistring parameters, see Using SQL-DMO Multistrings.