PANTHEON™ Help

 Toc
 PANTHEON Ajutor - Bun venit
[Collapse]PANTHEON
 [Collapse]Ghiduri pentru PANTHEON
  [Expand]Ghid pentru PANTHEON
  [Expand]Ghid pentru PANTHEON Retail
  [Expand]Ghid pentru PANTHEON Vet
  [Expand]Ghid pentru PANTHEON Fermă
 [Collapse]Manuale de utilizare pentru PANTHEON
  [Expand]Manual de utilizare pentru PANTHEON
  [Expand]Manual de utilizare pentru PANTHEON Retail
  [Expand]Manual de utilizare pentru PANTHEON Vet
  [Expand]Manual de utilizare pentru PANTHEON Farming
[Collapse]PANTHEON Web
 [Collapse]Ghiduri pentru PANTHEON Web
  [Expand]Ghid pentru PANTHEON Web Light
  [Expand]Ghid pentru Terminalul Web PANTHEON
  [Expand]Ghid pentru PANTHEON Web Legal
  [Expand]Arhivă produse vechi
 [Collapse]Manuale de utilizare pentru PANTHEON Web
  [Expand]Începerea PANTHEON Web
  [Expand]Manual de utilizare pentru PANTHEON Web Light
  [Expand]Manual de utilizare pentru terminalul web PANTHEON
  [Expand]Manual de utilizare pentru PANTHEON Web Legal
  [Expand]Arhivă produse vechi
[Collapse]PANTHEON Granule
 [Collapse]Ghiduri pentru granule PANTHEON
  [Expand]Granul Personal
  [Expand]Comenzi de Călătorie Granule
  [Expand]Documente și Sarcini Granul
  [Expand]Tabloul de bord Granule
  [Expand]Comenzi B2B Granule
  [Expand]Granul de Serviciu pe Teren
  [Expand]Granul Inventar Active Fixe
  [Expand]Inventar de Magazin Granule
 [Collapse]Manuale de utilizare pentru granulele PANTHEON
  [Expand]Începerea
  [Expand]Granul Personal
  [Expand]Comenzi de Călătorie Granule
  [Expand]Documente și Sarcini Granul
  [Expand]Comenzi B2B Granule
  [Expand]Tabloul de bord Granule
  [Expand]Serviciul de teren Granule
  [Expand]Granul Inventar Active Fixe
  [Expand]Inventar de Magazin Granule
  [Expand]Arhivă
[Expand]Site utilizator

Load Time: 343,7768 ms
"
   6613 | 1 | |
Label


ARES - RLS Compatibility Mode

              

 

Code that must run without a security context of authorizations needs impersonation. Several function and properties are available for impersonation.

 

When an EXECUTE AS statement is run, the execution context of the session is switched to the specified login or user name. After the context switch, permissions are checked against the login and user security tokens for the specified account instead of the account calling the EXECUTE AS statement.

 

Check the following code:

Select USER_NAME()

execute as user = 'RLS_ALL' 

Select USER_NAME()

revert

Select USER_NAME()

 

Result:

 

Warning

Revert must be called! The user or login account is impersonated for the duration of the session or module execution. Afterwards, the context switch is reverted.

 

Functions and properties, see Ares example: EX66716 - ARES - RLS Compatibility Mode

 

Warning

All functions and methods modify code only when IsRLS = True
 

 

The same code can be used on RLS and non-RLS databases.

  • IsRLS: returns True if RLS is enabled on database.
    check: select * from [dbo].[fPA_RLSEnabled]()
  • Function SQLToSQLRLSAll(ASQL: String): String;
    Converts SQL
  • ARES.ExecuteStep_RLS_ALL(3);
    Code in step 3 will be executed using SQLToSQLRLSAll.
  • ExecuteAsUser_RLS_ALLSQL
    Use in try-finally statements.
    • ExecuteAsUser_RLS_ALLSQL(True): execute as user = 'RLS_ALL' statement is run
    • ExecuteAsUser_RLS_ALLSQL(False): revert statement is run

  • Property TdlDataset.ExceuteAs_RLS_ALL := True;
    Code TdlDataset.SQL.Text will be executed using SQLToSQLRLSAll.

 

 

Related topics:

  Row Level Security

  How RLS works in practice

  Upgrade

  Database

 Code changes

 

  

     


Rate this topic
Was this topic usefull?
Comments
Comment will also bo visible in forum!