简体繁体 English

连接 WPF 和 SQL 服务器的最佳实践

[英]Best practice to connect WPF and SQL Server

原文 2021-03-28 23:33:51 8 1 c#/ php/ asp.net/ sql-server/ wpf

I have been working using WPF for a while, but due to lack of resources I used Access Files as Databases.我一直在使用 WPF 一段时间，但由于资源不足，我使用 Access Files 作为数据库。 Recently I got the opportunity to get my hands on a SQL Database.最近我有机会接触到 SQL 数据库。 When I created my WPF Application (a simple data entry, which writes and read from the database) one of the IT guys where I work started complaining he would have to give full access to everyone who would use this app.当我创建我的 WPF 应用程序（一个简单的数据条目，它从数据库中写入和读取）时，我工作的一位 IT 人员开始抱怨他必须向所有使用该应用程序的人授予完全访问权限。

So, here's my question since you could say I'm new to use WPF Linked to SQL: What is the best approach to achieve the above mentioned example?所以，这是我的问题，因为你可以说我是新来使用 WPF 链接到 SQL：实现上述示例的最佳方法是什么？ I have been researching about API's, ASP.NET, PHP, etc. to see what I could use to send/receive requests from the server, but my understanding is that those previous scripting languages (to just give it a name) are used more for web development, my application is WPF and just runs on the server PC's like a regular windows application.我一直在研究 API、ASP.NET、PHP 等，看看我可以用什么来发送/接收来自服务器的请求，但我的理解是那些以前的脚本语言（只是给它一个名字）更多地用于 Z271967A5EC3705E开发，我的应用程序是 WPF 并且像普通的 windows 应用程序一样在服务器 PC 上运行。

I would appreciate any insights as where to shift my attention, what should I learn/research?我会很感激任何关于将注意力转移到哪里的见解，我应该学习/研究什么？

Thank you all!谢谢你们！

1 个解决方案

This is the scenario that Application Roles were designed to help with.这是应用程序角色旨在帮助解决的场景。

An application role is a database principal that enables an application to run with its own, user-like permissions.应用程序角色是一个数据库主体，它使应用程序能够以自己的类似用户的权限运行。 You can use application roles to enable access to specific data to only those users who connect through a particular application.您可以使用应用程序角色仅允许通过特定应用程序连接的用户访问特定数据。 Unlike database roles, application roles contain no members and are inactive by default.与数据库角色不同，应用程序角色不包含任何成员，并且默认情况下处于非活动状态。 Application roles are enabled by using sp_setapprole, which requires a password.应用程序角色通过使用 sp_setapprole 启用，这需要密码。 Because application roles are a database-level principal, they can access other databases only through permissions granted in those databases to guest.因为应用程序角色是数据库级别的主体，所以它们只能通过在这些数据库中授予来宾的权限来访问其他数据库。 Therefore, any database in which guest has been disabled will be inaccessible to application roles in other databases.因此，任何已禁用来宾的数据库都将无法访问其他数据库中的应用程序角色。

Users still need to Connect to the database, but they don't need to have any permissions beyond that.用户仍然需要连接到数据库，但除此之外他们不需要任何权限。

If your users are local admins on their desktops they could always discover the application role's password with a debugger, so this only works in locked-down environments or where you have reasonably trustworthy users.如果您的用户是他们桌面上的本地管理员，他们总是可以使用调试器发现应用程序角色的密码，因此这仅适用于锁定环境或您拥有相当值得信赖的用户的地方。