Database Access Control
A user can play the following roles in relation to databases and database server (SQL Server):
- Database Server Admin (SQL Server).
- Database Admin.
- Business Studio Database User.
Each Role’s permissions are described in Table 1.
| Permissions | Database Server Admin | Database Admin | Business Studio Database User |
|---|---|---|---|
| With local or remote access | |||
| Access to a database via the application | + | + | + |
| Can modify database data working in the application | + | + | + |
| Database Conversion | + | + | |
| Access to data by third-party tools – external report generators, data analyzers | + | + | |
| Add users | + | ||
| Delete users | + | + | |
| Access** to database objects regardless of horizontal rights | + | + | |
| Can grant a user with Admin permissions to a database | + | ||
| Maintain database by means of the application | + | + | |
| Modify database structure by means of MetaEdit | + | + | |
| With local access only | |||
| Create and restore database | + | ||
| Delete a database | + | + | |
| Save the database Backup copy | + | + | |
Table1. Permissions of roles
* - to the corresponding database only.
** - permissions to "Read" and "Edit Permissions " (see horizontal_right).
Access to the database via the application means that a user can access the database no matter if this user has access to all repositories and database objects. Note though that Database Admin always has access to the sub-classes of the Administration Object class. See the user_rights, horizontal_right articles for the description of limitations of user access to database objects.
SQL Server has its own roles for the roles specified above:
- Database Server Admin – member of the "sysadmin" server role;
- Database Admin – member of the "db_owner" database role;
- Regular user has no roles except for the "public" role.
Contents
