Home Forums SQL Server 2016 SQL Server 2016 - Development and T-SQL Prevent Mass Updates With RowCount 1 RE: Prevent Mass Updates With RowCount 1

  • January 17, 2017 at 12:37 pm

    #1923259

    Joe Torre - Tuesday, January 17, 2017 9:55 AM

    mary.clemons 79057 - Saturday, January 14, 2017 6:18 AM

    I have a mission critical table which at times unfortunately does need a manual update to key value.  Failure to remember the obviously not so obvious fact that you do absolutely need that WHERE clause which is unfortunately so easy to forget when every single one of those mission critical applications have suddenly convinced all the users that the IT Director finally got the one guy with the password to walk out.  Could RowCount 1 somehow be used to help?

    You could write a trigger that would rollback the transaction if the row count exceeds a threshold.

    I also had this same thought for a brief moment, but triggers are not fired for truncate table statements, and there may occasionally be a legitimate need to delete or update more than (x) rows. I second the motion to remove users from SYSADMIN, DBO, or DATAWRITER roles and instead grant them execute permission on a parameterized stored procedures which contains the proper logic. If end users can ad-hoc write to the database, there are 100 different ways they can screw up the tables. For example, they can open an SSMS connection to production by mistake thinking it's development, or they can get the source and destination servers switched around when attempting to import data from tables in production to QA.

    "Do not seek to follow in the footsteps of the wise. Instead, seek what they sought." - Matsuo Basho