我正在通过Eclipse创建一个GUI,并且正在使用Java。然后应用程序连接到SQL Server数据库。我设法使用他们各自的安全性或限制直接使用Microsoft SQL Server添加新用户。
但是,我想通过GUI本身添加新用户,并能够确定他们可以访问哪个表。或者至少只是添加新用户,然后弄不清楚如何确定他们可以访问哪个表。我遇到了将SQL代码转换为Java的问题(毕竟,我是新手)。
先谢谢您,
以下是我在SQL Server中发现的用于添加新登录名然后添加新用户的SQL代码,其目的是直接从GUI中用实际用户输入替换“ NewAdminName”和“ ABCD”:
CREATE LOGIN NewAdminName WITH PASSWORD = 'ABCD'
GO
Use BEPAWI;
GO
IF NOT EXISTS (SELECT * FROM sys.database_principals WHERE name = N'NewAdminName')
BEGIN
CREATE USER [NewAdminName] FOR LOGIN [NewAdminName]
EXEC sp_addrolemember N'db_owner', N'NewAdminName'
END;
以下是我目前正在使用Eclipse的JAVA代码:
JButton btnNewButton = new JButton("Enter");
btnNewButton.addActionListener(new ActionListener() {
public void actionPerformed(ActionEvent arg0) {
try {
String username = "";
String password = "";
username = UsernametextField.getText().trim();
password = PasswordtextField.getText().trim();
if (username.equals("")|| password.equals(""))
{
JOptionPane.showMessageDialog(null," name or password is wrong","Error",JOptionPane.ERROR_MESSAGE);
}
else
{
connection = DriverManager.getConnection(AdminMenu.DATABASE_URL, AdminMenu.UserName, AdminMenu.Password);
statement = connection.createStatement();
resultSetInt = statement.executeUpdate("CREATE LOGIN '"+username+"' WITH PASSWORD = ''"+password+"'' GO USE BEPAWI GO IF NOT EXISTS (SELECT * FROM sys.database_principals WHERE name = N''"+username+"'') BEGIN CREATE USER ['"+username+"'] FOR LOGIN ['"+username+"'] EXEC sp_addrolemember N'db_owner', N''"+username+"'' END;) VALUES('"+username+"', '"+password+"');");
System.out.println(resultSetInt);
System.out.println("Connecting to a selected database...");
System.out.println("Connected database successfully...");
String SMessage = "Record added for "+username;
JOptionPane.showMessageDialog(null,SMessage,"Message",JOptionPane.PLAIN_MESSAGE);
//close connection
((java.sql.Connection)connection).close();
}
}
catch (SQLException se)
{
//handle errors for JDBC
se.printStackTrace();
}
catch (Exception a) //catch block
{
a.printStackTrace();
}
}
});
我相信我的问题是这行代码:
resultSetInt = statement.executeUpdate("CREATE LOGIN '"+username+"' WITH PASSWORD = ''"+password+"'' GO USE BEPAWI GO IF NOT EXISTS (SELECT * FROM sys.database_principals WHERE name = N''"+username+"'') BEGIN CREATE USER ['"+username+"'] FOR LOGIN ['"+username+"'] EXEC sp_addrolemember N'db_owner', N''"+username+"'' END;) VALUES('"+username+"', '"+password+"');");
也许我必须添加SQL表中的所有列?如那个 sys.database_principals和FROM sys.server_principals
再次感谢您,
答案 0 :(得分:0)
好,所以我知道了。哇!
我正在添加代码,以防其他人需要它。
现在要弄清楚如何将某些表限制为每个新用户。...
谢谢
try {
String username = "";
String password = "";
username = UsernametextField.getText().trim();
password = PasswordtextField.getText().trim();
if (username.equals("")|| password.equals(""))
{
JOptionPane.showMessageDialog(null," name or password is wrong","Error",JOptionPane.ERROR_MESSAGE);
}
else
{
connection = DriverManager.getConnection(AdminMenu.DATABASE_URL, AdminMenu.UserName, AdminMenu.Password);
statement = connection.createStatement();
resultSetInt = statement.executeUpdate("CREATE LOGIN "+username+" WITH PASSWORD = '"+password+"'");
resultSetInt = statement.executeUpdate("IF NOT EXISTS (SELECT * FROM sys.database_principals WHERE name = N'"+username+"') CREATE USER ["+username+"] FOR LOGIN ["+username+"] EXEC sp_addrolemember N'db_owner', N'"+username+"'");
//("CREATE LOGIN NewAdminName WITH PASSWORD = 'ABCD' GO USE BEPAWI GO IF NOT EXISTS (SELECT * FROM sys.database_principals WHERE name = N'NewAdminName') BEGIN CREATE USER [NewAdminName] FOR LOGIN [NewAdminName] EXEC sp_addrolemember N'db_owner', N'NewAdminName' END;) VALUES('"+username+"', '"+password+"');");
String SMessage = "Record added for "+username;
// create dialog ox which is print message
JOptionPane.showMessageDialog(null,SMessage,"Message",JOptionPane.PLAIN_MESSAGE);
//close connection
((java.sql.Connection)connection).close();
}
}
catch (SQLException se)
{
//handle errors for JDBC
se.printStackTrace();
}
catch (Exception a) //catch block
{
a.printStackTrace();
}
}
});