Table Delete protected - SQL Server Forums

Please start any new threads on our new site at https://forums.sqlteam.com. We've got lots of great SQL Server experts to answer whatever question you can come up with.

All Forums

General SQL Server Forums

New to SQL Server Programming

Table Delete protected

Author

Topic

nguyenl
Posting Yak Master

128 Posts

Posted - 2009-04-15 : 17:35:35

Hi,

How would I deny a user, even a sysadmin or dbowner, rights to delete records from a table? They will be able to update and insert but not delte. Please help.

Thanks

SwePeso
Patron Saint of Lost Yaks

30421 Posts

Posted - 2009-04-15 : 17:44:12

Write a DELETE TRIGGER

CREATE TRIGGER dbo.trgDELETE
ON dbo.MyTable
AS

RAISERROR('DELETE detected', 16, 1)
ROLLBACK TRAN

E 12°55'05.63"
N 56°04'39.26"

DonAtWork
Master Smack Fu Yak Hacker

2167 Posts

Posted - 2009-04-16 : 07:43:17

Pretty good answer from an entry level DBA there Peso. Impressive.

[Signature]For fast help, follow this link:
http://weblogs.sqlteam.com/brettk/archive/2005/05/25.aspx
Learn SQL or How to sell Used Cars
For ultra basic questions, follow these links.
http://www.sql-tutorial.net/
http://www.firstsql.com/tutor.htm
http://www.w3schools.com/sql/default.asp

SwePeso
Patron Saint of Lost Yaks

30421 Posts

Posted - 2009-04-16 : 07:48:54

Thanks!

E 12°55'05.63"
N 56°04'39.26"

Transact Charlie
Master Smack Fu Yak Hacker

3451 Posts

Posted - 2009-04-16 : 08:51:40

Hi Peso:

Shouldn't that be:


CREATE TRIGGER dbo.trgDELETE
ON dbo.employee
FOR DELETE
AS

RAISERROR('DELETE detected', 16, 1)
ROLLBACK TRAN
GO

?
Keep up the good work. You'll be.. oh at least a Journeyman level DBA.. as soon as you agree with one of WhiteFang's points I'm sure.

Charlie
===============================================================
Msg 3903, Level 16, State 1, Line 1736
The ROLLBACK TRANSACTION request has no corresponding BEGIN TRANSACTION

Transact Charlie
Master Smack Fu Yak Hacker

3451 Posts

Posted - 2009-04-16 : 08:55:13

Oh. Also -- nguyenl,

They will still be able to TRUNCATE the table -- triggers don't fire.

Charlie
===============================================================
Msg 3903, Level 16, State 1, Line 1736
The ROLLBACK TRANSACTION request has no corresponding BEGIN TRANSACTION

SwePeso
Patron Saint of Lost Yaks

30421 Posts

Posted - 2009-04-16 : 09:46:01

Yes, you're right. I missed that part in the excitement about the other thread.

E 12°55'05.63"
N 56°04'39.26"

nguyenl
Posting Yak Master

128 Posts

Posted - 2009-04-16 : 11:15:05

Thankyou, for all your help.

How would I stop people, even DBAs, from also truncating.

Transact Charlie
Master Smack Fu Yak Hacker

3451 Posts

Posted - 2009-04-16 : 12:10:03

I'm not sure that that's possible -- Roles will be all you can do here. Also -- whatever you do -- assuming the DBA has admin rights then they can just undo your changes.

For instance if you had a delete trigger as above there'd be nothing stopping a dba from doing

DROP TRIGGER trgDELETE

And then merrily DELETING all they wanted to.

Charlie
===============================================================
Msg 3903, Level 16, State 1, Line 1736
The ROLLBACK TRANSACTION request has no corresponding BEGIN TRANSACTION

Transact Charlie
Master Smack Fu Yak Hacker

3451 Posts

Posted - 2009-04-16 : 12:11:15

BUt really why would they want to?

I can see protection against an accidental delete.

If you are *actually* worried that your DBA's might TRUNCATE tables they are not supposed to then you should probably have a chat / fire those DBA's

Charlie
===============================================================
Msg 3903, Level 16, State 1, Line 1736
The ROLLBACK TRANSACTION request has no corresponding BEGIN TRANSACTION

Subscribe to SQLTeam.com

SQLTeam.com Articles via RSS

SQLTeam.com Weblog via RSS

- Advertisement -

Resources