PANTHEON™ Help

 Toc
 PANTHEON Help - Welcome
[Collapse]PANTHEON
 [Collapse]Guides for PANTHEON
  [Expand]Guide for PANTHEON
  [Expand]Guide for PANTHEON Retail
  [Expand]Guide for PANTHEON Vet
  [Expand]Guide for PANTHEON Farming
 [Collapse]User Manuals for PANTHEON
  [Collapse]User Manual for PANTHEON
   [Collapse]Getting Started
     Dictionary of terms
     First steps with PANTHEON
    [Expand]Using PANTHEON at Tecta, a fictional company
    [Expand]Instructions for Ensuring Compliance of PANTHEON with SAS
    [Expand]PANTHEON Installation
    [Expand]PANTHEON System
    [Expand]PANTHEON Basics
    [Expand]PANTHEON Help
    [Expand]Materials and Goods Movements
    [Expand]Assigning Identifiers
    [Expand]Frequently asked questions about Pantheon (F.A.Q.)
    [Collapse]Archive
     [Expand]PANTHEON Editions
      Installing PANTHEON on Linux and Oracle Database
     [Expand]eDocumentation
     [Expand]eInvoice
     [Expand]Workflow
     [Expand]Backup
     [Collapse]Get.start
      [Expand]Duplicates
       Windows 7
       SQL Server
      [Expand]ODBC
       SQL Server Agent
       Windows Vista
       Slabšanje performans MS-SQL strežnika
      [Collapse]Row Level Security
        How RLS works in practice
        Upgrade
        Database
        Code changes
        Troubleshooting
        ARES - RLS Compatibility Mode
        RLS Questions and Answers
       MS SQL Server Installation
      [Expand]Task Scheduling
       PANTHEON System Environment
      [Expand]Hardware
       Installation types on different network configurations
      [Expand]Datalab Utilities
       Installation
       On-premises installation
       PANTHEON Cloud installation
       Ordering and setting eBusiness services
       One-user installation of PANTHEON Cloud
       Network installation of PANTHEN Cloud
       PANTHEON Client Setup Wizard
     [Expand]To-do
     [Expand]End-User License Agreement
      Introductory word
     [Expand]Referential integrity (RI)
      eExchange
      SMS notifications
   [Expand]User Manual for eBusiness
   [Expand]Settings
   [Expand]Orders
   [Expand]Goods
   [Expand]Manufacturing
   [Expand]Service
   [Expand]Help
   [Expand]Personnel
   [Expand]Financials
   [Expand]Analytics
  [Expand]User Manual for PANTHEON Retail
  [Expand]User manual for PANTHEON Vet
  [Expand]User Manual for PANTHEON Farming
[Collapse]PANTHEON Web
 [Collapse]Guides for PANTHEON Web
  [Expand]Guide for PANTHEON Web Light
  [Expand]Guide for PANTHEON Web Terminal
  [Expand]Guide for PANTHEON Web Legal
  [Expand]Old products Archive
 [Collapse]User Manuals for PANTHEON Web
  [Expand]Getting started PANTHEON Web
  [Expand]User Manual for PANTHEON Web Light
  [Expand]User Manual for PANTHEON Web Terminal
  [Expand]User Manual for PANTHEON Web Legal
  [Expand]Old products Archive
[Collapse]PANTHEON Granules
 [Collapse]Guides for PANTHEON Granules
  [Expand]Personnel Granule
  [Expand]Travel Orders Granule
  [Expand]Documents and Tasks Granule
  [Expand]Dashboard Granule
  [Expand]B2B Orders Granule
  [Expand]Field Service Granule
  [Expand]Fixed Assets Inventory Granule
  [Expand]Warehouse Inventory Granule
 [Collapse]User Manuals for PANTHEON Granules
  [Expand]Getting started
  [Expand]Personnel Granule
  [Expand]Travel Orders Granule
  [Expand]Documents and Tasks Granule
  [Expand]B2B Orders Granule
  [Expand]Dashboard Granule
  [Expand]Field Service Granule
  [Expand]Fixed Assets Inventory Granule
  [Expand]Warehouse Inventory Granule
  [Expand]Archive
[Expand]User Site

Load Time: 453.1327 ms
"
   1000002338 | 221960 | 374070 | Updated
Label

ARES - RLS Compatibility Mode

              

 

Code that must run without a security context of authorizations needs impersonation. Several function and properties are available for impersonation.

 

When an EXECUTE AS statement is run, the execution context of the session is switched to the specified login or user name. After the context switch, permissions are checked against the login and user security tokens for the specified account instead of the account calling the EXECUTE AS statement.

 

Check the following code:

Select USER_NAME()

execute as user = 'RLS_ALL' 

Select USER_NAME()

revert

Select USER_NAME()

 

Result:

 

Warning

Revert must be called! The user or login account is impersonated for the duration of the session or module execution. Afterwards, the context switch is reverted.

 

Functions and properties, see Ares example: EX66716 - ARES - RLS Compatibility Mode

 

Warning

All functions and methods modify code only when IsRLS = True
 

 

The same code can be used on RLS and non-RLS databases.

  • IsRLS: returns True if RLS is enabled on database.
    check: select * from [dbo].[fPA_RLSEnabled]()
  • Function SQLToSQLRLSAll(ASQL: String): String;
    Converts SQL
  • ARES.ExecuteStep_RLS_ALL(3);
    Code in step 3 will be executed using SQLToSQLRLSAll.
  • ExecuteAsUser_RLS_ALLSQL
    Use in try-finally statements.
    • ExecuteAsUser_RLS_ALLSQL(True): execute as user = 'RLS_ALL' statement is run
    • ExecuteAsUser_RLS_ALLSQL(False): revert statement is run

  • Property TdlDataset.ExceuteAs_RLS_ALL := True;
    Code TdlDataset.SQL.Text will be executed using SQLToSQLRLSAll.

 

 

Related topics:

  Row Level Security

  How RLS works in practice

  Upgrade

  Database

 Code changes

 


 

Rate this topic
Was this topic usefull?
Comments
Comment will also bo visible in forum!