Sample for use of Row-Level Security in WideWorldImporters
This script demonstrates the use of Row-Level Security to restrict access to certains rows in the table to certain users.
Contents
About this sample
Before you begin
Running the sample
Sample details
Disclaimers
Related links
About this sample
- Applies to: SQL Server 2016 (or higher), Azure SQL Database
- Key features: Row-Level Security
- Workload: OLTP
- Programming Language: T-SQL
- Authors: Greg Low, Jos de Bruijn
- Update history: 26 May 2016 - initial revision
Before you begin
To run this sample, you need the following prerequisites.
Software prerequisites:
- SQL Server 2016 (or higher) or Azure SQL Database.
- With SQL Server, make sure SQL authentication is enabled.
- SQL Server Management Studio
- The WideWorldImporters database.
Running the sample
-
Open both scripts in different windows or tabs in Management Studio.
-
Follow the instructions in the main script DemonstrateRLS.sql.
Sample details
The sample enables row-level security in the database, for the table Sales.Customers. Users of the database can only see the customers they are allowed to see.
The user 'Great Lakes Sales' is allowed to see only the customers in the Great Lakes sales territory.
The Website user, which is used by the Web front-end in this scenario, configures the sales territory, and RLS takes care of the required filtering based on the information provided by the Web app.
Disclaimers
The code included in this sample is not intended to be used for production purposes.
Related Links
For more information, see these articles: