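-- Purpose: turn database user [crm] into a read-only account in [db] and block
-- it from reading a fixed list of dbo tables.
USE [db]; -- switch to the target database

-- Grant read access through the fixed role (SELECT permission).
-- db_datareader covers every user table and view in the database, including
-- objects created later, so the DENY list at the end of this script is a
-- blocklist: it must be extended whenever a new sensitive table is added.
ALTER ROLE [db_datareader] ADD MEMBER [crm];

-- Remove the fixed writer role so [crm] no longer gets INSERT/UPDATE/DELETE
-- from it.
ALTER ROLE [db_datawriter] DROP MEMBER [crm];

-- Revoke any explicit schema-level write/DDL permissions.
-- REVOKE only clears a GRANT (or DENY) recorded for [crm] at this scope; it
-- does not touch object-level grants or permissions inherited from other roles.
REVOKE INSERT, UPDATE, DELETE, ALTER ON SCHEMA::[dbo] FROM [crm];

-- Enforce the "no INSERT/UPDATE/DELETE" goal instead of only removing grants:
-- membership in db_denydatawriter denies data modification on all user tables,
-- and a deny takes precedence over grants [crm] may receive elsewhere.
-- NOTE(review): this role does not cover ALTER/DDL; check [crm]'s other role
-- memberships if DDL rights must be ruled out as well.
ALTER ROLE [db_denydatawriter] ADD MEMBER [crm];

-- Block reads on the restricted tables. An object-level DENY overrides the
-- SELECT that db_datareader grants.
-- NOTE(review): a DENY on a base table is not evaluated when the table is
-- reached through a view or procedure with an unbroken ownership chain, and
-- [crm] can SELECT from every view via db_datareader. Audit dbo views that read
-- these tables and deny them too where needed. A table-level DENY also does not
-- override an existing column-level GRANT by default. Confirm the effective
-- permissions afterwards, e.g. with sys.fn_my_permissions under
-- EXECUTE AS USER = 'crm'.
DENY SELECT ON OBJECT::dbo.T_BD_ACCOUNT TO [crm];
DENY SELECT ON OBJECT::dbo.T_GL_VOUCHER TO [crm];
DENY SELECT ON OBJECT::dbo.T_GL_VOUCHERENTRY TO [crm];
DENY SELECT ON OBJECT::dbo.T_GL_VOUCHERLOG TO [crm];
DENY SELECT ON OBJECT::dbo.T_GL_VOUCHERSUMMARY TO [crm];
DENY SELECT ON OBJECT::dbo.T_GL_VOUCHERSUMMARYENTRY TO [crm];
DENY SELECT ON OBJECT::dbo.T_GL_BALANCE TO [crm];
DENY SELECT ON OBJECT::dbo.T_GL_BALANCEADJUST TO [crm];
DENY SELECT ON OBJECT::dbo.T_BD_RPTITEM TO [crm];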