PANTHEON™ Help

 Toc
 Početna stranica
[Collapse]PANTHEON
 [Collapse]PANTHEON priručnici
  [Expand]Vodič kroz Datalab PANTHEON Farming
  [Expand]Vodič za mobilni POS
  [Expand]Vodič po DataLab PANTHEON™-u
  [Expand]Vodič po PANTHEON Vet
 [Collapse]PANTHEON korisnički priručnici
  [Expand]Korisnički priručnik za DataLab PANTHEON™
  [Expand]Korisnički priručnik za PANTHEON Vet
  [Expand]Korisnički priručnik za PANTHEON maloprodaju
[Collapse]PANTHEON Web
 [Collapse]Vodiči po PANTHEON Web
  [Expand]Vodič po PANTHEON Web Light-u
  [Expand]Vodič za PANTHEON Web Terminal
  [Expand]Arhiva starih proizvoda
  [Expand]Vodič po PANTHEON Web Legal
 [Collapse]Korisnički priručnici za PANTHEON Web
  [Expand]Početak rada s PANTHEON Web-om
  [Expand]Korisnički priručnik za PANTHEON Web Light
  [Expand]Korisnički priručnik za PANTHEON Web Terminal
  [Expand]Korisnički priručnik za PANTHEON Web Legal
  [Expand]Arhiva starih proizvoda
[Collapse]PANTHEON Granule
 [Collapse]Vodič po PANTHEON Granulama
  [Expand]Granule za Servis na terenu
  [Expand]Granula Kadrovi
  [Expand]Granula Putni nalozi
  [Expand]Granula Dokumenti i Zadaci
  [Expand]Granula Kontrolna tabla
  [Expand]Granula B2B narudžbe
  [Expand]Inventar Fiksne Imovine Granula
  [Expand]Inventar Skladišta Granula
 [Collapse]Korisnički priručnik za PANTHEON Granule
   Početak
   Korištenje PANTHEON Granula u imaginarnom poduzeću Tecta
  [Expand]PANTHEON Granule i aktivacija
  [Expand]Granula Kadrovi
  [Expand]Granula Putni nalozi
  [Expand]Granula Dokumenti i zadaci
  [Expand]Granula B2B narudžbe
  [Expand]Granula Nadzorna ploča
  [Expand]Granula Servis na terenu
   Česta pitanja i odgovori
  [Expand]Inventar dugotrajne imovine
  [Expand]Granula Inventura skladišta
   Arhiva

Load Time: 406,2572 ms
"
   6613 | 1 | |
Label


ARES - RLS Compatibility Mode

              

 

Code that must run without a security context of authorizations needs impersonation. Several function and properties are available for impersonation.

 

When an EXECUTE AS statement is run, the execution context of the session is switched to the specified login or user name. After the context switch, permissions are checked against the login and user security tokens for the specified account instead of the account calling the EXECUTE AS statement.

 

Check the following code:

Select USER_NAME()

execute as user = 'RLS_ALL' 

Select USER_NAME()

revert

Select USER_NAME()

 

Result:

 

Warning

Revert must be called! The user or login account is impersonated for the duration of the session or module execution. Afterwards, the context switch is reverted.

 

Functions and properties, see Ares example: EX66716 - ARES - RLS Compatibility Mode

 

Warning

All functions and methods modify code only when IsRLS = True
 

 

The same code can be used on RLS and non-RLS databases.

  • IsRLS: returns True if RLS is enabled on database.
    check: select * from [dbo].[fPA_RLSEnabled]()
  • Function SQLToSQLRLSAll(ASQL: String): String;
    Converts SQL
  • ARES.ExecuteStep_RLS_ALL(3);
    Code in step 3 will be executed using SQLToSQLRLSAll.
  • ExecuteAsUser_RLS_ALLSQL
    Use in try-finally statements.
    • ExecuteAsUser_RLS_ALLSQL(True): execute as user = 'RLS_ALL' statement is run
    • ExecuteAsUser_RLS_ALLSQL(False): revert statement is run

  • Property TdlDataset.ExceuteAs_RLS_ALL := True;
    Code TdlDataset.SQL.Text will be executed using SQLToSQLRLSAll.

 

 

Related topics:

  Row Level Security

  How RLS works in practice

  Upgrade

  Database

 Code changes

 

  

     


Rate this topic
Was this topic usefull?
Comments
Comment will also bo visible in forum!