UFN_SECURITY_APPUSER_GRANTED_SMARTQUERYINSTANCE_IN_SYSTEMROLE
Returns true if user has been granted and not denied the smart query instance for a system role.
Return
| Return Type |
|---|
| bit |
Parameters
| Parameter | Parameter Type | Mode | Description |
|---|---|---|---|
| @APPUSERID | uniqueidentifier | IN | |
| @SMARTQUERYID | uniqueidentifier | IN |
Definition
Copy
CREATE function [dbo].[UFN_SECURITY_APPUSER_GRANTED_SMARTQUERYINSTANCE_IN_SYSTEMROLE]
(
@APPUSERID uniqueidentifier,
@SMARTQUERYID uniqueidentifier
)
returns bit
as
/*
Returns true if user has been granted and not denied the smart query instance for a System Role.
*/
begin
--If at least one grant and no deny then return true
--otherwise, false
declare @grant bit;
set @grant=0;
-- note that this routine assumes the check for SysAdmin has been performed already
-- check to see if the user is the ower of the query, or the query has been granted to everyone
declare @OWNERID uniqueidentifier;
declare @SECURITYLEVEL tinyint;
declare @SITEID uniqueidentifier;
set @SECURITYLEVEL = 0;
select @OWNERID = OWNERID, @SECURITYLEVEL = SECURITYLEVEL, @SITEID = SITEID from dbo.SMARTQUERYINSTANCE where ID = @SMARTQUERYID;
if (@SITEID is not null) and (dbo.UFN_SITEALLOWEDFORUSER(@APPUSERID, @SITEID) <> 1)
return 0;
if (@OWNERID = @APPUSERID) or (@SECURITYLEVEL = 0)
set @grant = 1;
-- user isn't the owner, and the query has not been granted to everyone; check to see if the user has been
-- granted (and not denied) explicit rights to the smart query instance.
if @grant = 0
begin
--order by GRANTORDENY, deny will be first.
select top 1
@grant = GRANTORDENY
from
dbo.V_SECURITY_SYSTEMROLEASSIGNMENT_USER_SMARTQUERYINSTANCE
where
(APPUSERID = @APPUSERID) and (SMARTQUERYID = @SMARTQUERYID)
order by
GRANTORDENY asc;
end;
return @grant;
end