create view DBO.limited_access_test as select branch_nbr, name from datamart.dbo.branchGOgrant select on limited_access_test to LowAccessTest
USE masterGOCREATE LOGIN LowAccessTest WITH PASSWORD = 'mypwd!'GO--------------------------------------------------------------------------CREATE DATABASE MyDataMartGOALTER AUTHORIZATION ON DATABASE::MyDataMart TO saALTER DATABASE MyDataMart SET DB_CHAINING ON;GOUSE MyDataMartGOCREATE USER LowAccessTest FROM LOGIN LowAccessTest WITH DEFAULT_SCHEMA = dbo;GOCREATE TABLE dbo.Branch (id INT)GO--------------------------------------------------------------------------CREATE DATABASE MyMiniMartGOALTER AUTHORIZATION ON DATABASE::MyMiniMart TO saALTER DATABASE MyMiniMart SET DB_CHAINING ON;GOUSE MyMiniMartGOCREATE USER LowAccessTest FROM LOGIN LowAccessTest WITH DEFAULT_SCHEMA = dbo;GOCREATE VIEW dbo.limited_access_testASSELECT idFROM MyDataMart.dbo.branchGOGRANT SELECT ON dbo.limited_access_test TO LowAccessTestGO---------------------------------------------------------------------------- succeedsUSE MyMiniMartGOEXECUTE AS LOGIN = 'LowAccessTest'GOSELECT * FROM dbo.limited_access_test;GOREVERTGO---------------------------------------------------------------------------- fails with error, as it shouldUSE MyDataMartGOEXECUTE AS LOGIN = 'LowAccessTest'GOSELECT * FROM dbo.Branch;GOREVERTGO
USE masterALTER DATABASE MyDataMart SET SINGLE_USER WITH ROLLBACK IMMEDIATE;DROP DATABASE MyDataMartALTER DATABASE MyMiniMart SET SINGLE_USER WITH ROLLBACK IMMEDIATE;DROP DATABASE MyMiniMartDROP LOGIN LowAccessTest;
