September 22, 2014 at 8:47 am
So we're building a small "datamart" type of thing. A new database that will contain data several other databases will want.
A common way these other databases will access this data is through views within the application database. For example, AppA has a view that selects from DataMart's table.
Of course by default, this doesn't work.
From what I've gathered, there's two ways to handle this.
Enable and implement cross database ownership chaining, or manually granting permission to everyone that has access to AppA's view to DataMart's table.
I've heard lots of cautions about cross database ownership chaining, so I'm leery there. It also won't allow me to granularly control what type of access AppA is getting... if they have the same owner, it lets them do anything AppA asks. Not a huge concern since our environment is controlled, but it still seems risky.
On the other hand, granting permissions separately also has a few issues. Every time someone builds a new view to the datamart, they have to remember to ask for the proper permissions to the DataMart as well. Often times, they may not even know this view is bringing in data from the DataMart.
Anyhow, are there any other options that I'm not thinking of? Any better ways of handling this?
Viewing 0 posts
You must be logged in to reply to this topic. Login to reply