I have two databases DB1 and DB2 DB1 has a source table named 'Source' I have created a login 'Test_user' in DB2 with Public access. I have also created a view named 'Test_view' in DB2 which references data from DB1.dbo.Source
Thank you for your reply.
I created a login 'test_login'
I created a user 'test_user' for the login 'test_login'
I created a role named 'test' and added 'test_user' to that role.
I granted select and execute to the role 'test' on the view.
BUT still the following is not working
SELECT * FROM DB2.dbo.Test_view --Not working --This should work
SELECT * FROM DB1.dbo.Source --Should Not work --This is fine
Wouldn't you run into cross-database ownership chaining issues unless you create the user/role in the database where the base table is located (DB1 in the example)?
I can think of two possibilities - neither of which I particularly like:
b) Grant public access to login 'Test_user' in DB1 as well, create a view in that database. Then use that view to select from in the view that you create in the DB2 database. Like this:
USE DB1
GO
CREATE USER [Test_user] FOR LOGIN [Test_user]
GO
CREATE VIEW dbo.DB1Test_View
AS
SELECT * FROM dbo.[Source];
GO
GRANT SELECT ON dbo.DB1Test_View TO [Test_user]
GO
USE DB2
GO
CREATE VIEW dbo.Test_View
AS
SELECT * FROM DB1.dbo.DB1Test_View
GO
GRANT SELECT ON dbo.Test_View TO [Test_user]
GO
Given a choice I would opt for #2. If you want to enable cross-database ownership chaining, investigate and understand the security risks thoroughly before doing it.
Thank you for your response. We ended up as below:
USE db1
GO
-- Step 3
CREATE VIEW VW1
AS
SELECT *
FROM TBL1
-- Step 4
GRANT SELECT ON VW1 TO test_user
USE db2
GO
--Step 6
CREATE VIEW v2
AS
SELECT * FROM VW1