安全性:将存储过程转换为EF6
[英]Security: Converting Stored Procedure into EF6
问题描述
I'm considering converting my project from using Sprox to linq (EF6), however I'm a bit concerned about DB permissions. 
我正在考虑将项目从使用Sprox转换为linq(EF6),但是我有点担心数据库权限。 At the moment I'm assigning explicitly rights to each and every procedure and nothing beyond that. 目前,我正在为每个过程明确分配权限,除此之外没有其他内容。 How can I have a similar level of security with the use of dynamically created queries in EntityFramework? 在EntityFramework中使用动态创建的查询,如何获得相似的安全级别?
1 个解决方案
解决方案1
0 2014-10-23 16:18:56
You can set individual permissions up using the GRANT command in SQL. 您可以使用SQL中的GRANT命令设置单个权限。
eg 例如
The following example grants SELECT permission to user RosaQdM on table Person.Address
GRANT SELECT ON OBJECT::Person.Address TO RosaQdM;
EF will have to respect the permissions granted, so whichever user that you are using in your application's connection string is the one you need to assign the appropriate permissions to. EF必须尊重授予的权限,因此,您在应用程序的连接字符串中使用的任何用户都是您要为其分配适当权限的用户。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.