I have a situation where I need to give a login a restricted view of data in all tables in a database. Every table includes a "MemberID" column. What I need is a login that has full select access to all of the data in every table and then another login that has select access to a "restricted" view of the data based on a list of approved "MemberIDs".

The other requirement is that the same query needs to work regardless of the login. So if USERA (who has full permission) does a select against TABLEA they will get all of the records returned - if USERB runs the exact same query they will only get back the records that match the "MemberID" list that they are allowed to access.

My thought was to create a schema and then create a view with the same name as each table that includes the necessary WHERE clause to limit the data returned. This works in theory but I seem to be having a problem with the Permission Chaining. I can't seem to find the right combination to create the user, create the schema, create the view and then have the logged-in user be able to select against the view but not the underlying table directly.
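Added example, not part of the original post: a T-SQL sketch of the schema-plus-view layout described above, relying on SQL Server ownership chaining and per-user default schemas. The names dbo.TableA, dbo.ApprovedMember, Restricted, UserA and UserB, the sample rows, and the use of users without logins are assumptions made for the demo.

```sql
-- Constructed demo objects; all names and rows are assumptions for illustration.
CREATE TABLE dbo.TableA (RowID int PRIMARY KEY, MemberID int NOT NULL, Payload varchar(50));
CREATE TABLE dbo.ApprovedMember (UserName sysname NOT NULL, MemberID int NOT NULL,
                                 PRIMARY KEY (UserName, MemberID));
INSERT dbo.TableA VALUES (1, 100, 'a'), (2, 200, 'b'), (3, 300, 'c');
INSERT dbo.ApprovedMember VALUES ('UserB', 100), ('UserB', 300);
GO
-- The schema is owned by dbo, the same owner as the base tables, so the
-- ownership chain from view to table is unbroken and table permissions
-- are not checked when the view is queried.
CREATE SCHEMA Restricted AUTHORIZATION dbo;
GO
-- Same name as the table, different schema; filters on the calling user.
CREATE VIEW Restricted.TableA
AS
SELECT t.RowID, t.MemberID, t.Payload
FROM dbo.TableA AS t
WHERE EXISTS (SELECT 1 FROM dbo.ApprovedMember AS a
              WHERE a.MemberID = t.MemberID AND a.UserName = USER_NAME());
GO
-- Default schema decides what an unqualified "TableA" resolves to.
CREATE USER UserA WITHOUT LOGIN WITH DEFAULT_SCHEMA = dbo;
CREATE USER UserB WITHOUT LOGIN WITH DEFAULT_SCHEMA = Restricted;
GRANT SELECT ON SCHEMA::dbo TO UserA;
GRANT SELECT ON SCHEMA::Restricted TO UserB;  -- nothing is granted on dbo
GO
EXECUTE AS USER = 'UserA';
SELECT * FROM TableA;          -- unqualified name resolves to dbo.TableA
REVERT;
GO
EXECUTE AS USER = 'UserB';
SELECT * FROM TableA;          -- unqualified name resolves to Restricted.TableA
BEGIN TRY
    SELECT * FROM dbo.TableA;  -- direct base-table access, no SELECT granted
END TRY
BEGIN CATCH
    SELECT ERROR_NUMBER() AS ErrorNumber, ERROR_MESSAGE() AS ErrorMessage;
END CATCH;
REVERT;
GO
```

The restricted user must not hold SELECT on the base tables through any other route, such as membership in db_datareader, and the chain breaks if the view's schema and the tables' schema have different owners.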