Today, I worked on a service request that remember me the impact that we could have using row level security afterwards that our databases has been developed.
A customer reported a performance issue after implementing the row level security.
Our customer have the following design:
create table dbo.group_user ([groupcode] varchar(255),username varchar(128))
INSERT INTO dbo.group_user VALUES('G1',1)
DECLARE @n as integer = 0
WHILE(@n<=100000)
begin
SET @n=@n+1
insert into LogData ([InsertID], [ID]) values(@N,@N)
end
CREATE FUNCTION dbo.[fn_securitypredicate](@groupcode AS varchar(255))
RETURNS TABLE
WITH SCHEMABINDING
AS
RETURN SELECT 1 AS fn_securitypredicate_result
WHERE @groupcode IN (
SELECT dbo.group_user.[groupcode]
FROM dbo.group_user
WHERE dbo.group_user.username =
CASE
WHEN is_member('G1') = 1 THEN CAST('G1' AS nvarchar(128))
WHEN is_member('G2') = 1 THEN CAST('G2' As nvarchar(128))
WHEN is_member('G3') = 1 THEN CAST('G3' As nvarchar(128))
ELSE user_name()
END);
CREATE SECURITY POLICY dbo.[LogData_Check]
ADD FILTER PREDICATE dbo.[fn_securitypredicate]([groupcode]) ON dbo.Logdata
WITH (STATE = ON, SCHEMABINDING = ON)
GO
create index LogData2 on [dbo].LogData ([InsertiD],[groupcode])
create index LogData3 on [dbo].LogData ([InsertiD]) include ([groupcode])
Enjoy!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.