Murdock
Reputation: 4662
Is SQL Server Security Policy executed per row or per select
Lets say I have
CREATE FUNCTION [sec].[PartyGroupAccessPredicate](@PartyGroupId uniqueidentifier)
RETURNS TABLE
WITH SCHEMABINDING
AS
RETURN SELECT 1 AS accessResult
FROM [sec].[PartyGroupPartyLink] partyGroupLink
WHERE
(
partyGroupLink.PartyGroupId = @PartyGroupId AND partyGroupLink.PartyId = CAST(SESSION_CONTEXT(N'PartyId') AS VARCHAR(50))
AND @PartyGroupId IS NOT NULL
)
GO
CREATE SECURITY POLICY [sec].[PartyGroupAccessPolicy]
ADD FILTER PREDICATE [sec].[PartyGroupAccessPredicate]([PartyGroupId]) ON [int].[Program]
... would the security policy execute for each row or does sql do some optimization where its executed only once?
Is there any better approaches that would be more performant?
Upvotes: 0
Views: 139
Answers (1)
SQLZealots
Reputation: 42
The security policy is applied at row level. This is how row level security is being implemented in SQL Server. Reference: Row level security Regarding, your query on performant, If you need to apply multiple filters, then it will have an impact.
Upvotes: 0
Related Questions
- PostgreSQL RLS explicit Policies
- postgresql row level security RESTRICTIVE policies write single select query
- Row Level Security update block predicate not working
- What is the usage of policy management in sql server 2008?
- Row level security only on SELECT
- Is execution plan per-batch or per-statement?
- Row Level Security with multiple users for one row
- Implementing Row Level Security in SQL Server 2008
- Does WITH statement execute once per query or once per row?
- SQL Query Execution more than once?