I'm migrating some old applications to another database server (sql2005) and wanted to revisit the way our web applications access the databases. I plan on using a role for the permissions instead of the user. I've written the following and wanted to make sure I'm scripting this correctly. The applications do not use stored procedures or ORM so I want to limit the role to the basic CRUD operations.
Also, is there any way to set the databasename, rolename and username as variables at the top for reuse in the script? Thanks!
USE [db_name]
GO
CREATE ROLE [db_webrole]
GO
GRANT SELECT, UPDATE, INSERT, DELETE to [db_webrole]
GO
CREATE LOGIN [username] WITH PASSWORD='password',
DEFAULT_DATABASE=[db_name], CHECK_POLICY=OFF
GO
CREATE USER [username] FOR LOGIN [username]
EXEC sp_addrolemember N'db_webrole', N'username'
GO
Aucun commentaire:
Enregistrer un commentaire