I've created the Secure Policy for my Ms Sql Server database. And I'm trying to figure out a difference between BEFORE and AFTER dml operations. Also it would be great to know what is a reason to use it. I couldn't find any clear explenations of my topic.
CREATE SECURITY POLICY [Security].DealershipsCarsFilter
ADD FILTER PREDICATE [Security].fn_securitypredicate(DealershipId)
ON dbo.[DealershipsCars],
ADD BLOCK PREDICATE [Security].fn_securitypredicate(DealershipId)
ON dbo.[DealershipsCars] AFTER INSERT
WITH (STATE = ON);
For an UPDATE
, you might specify different policies for BEFORE
and AFTER
, to allow you to evaluate the old values in the row before the update is applied and the new values in the row after the update is applied. Or you may wish the same policy to be applied in both situations. The choice is yours.
For INSERT
or DELETE
, you can only choose AFTER
or BEFORE
, respectively, because the rows don't exist in the other state.
Which is a long way of saying, before and after here don't have some deep technical meaning, adopting instead their plain English meanings.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With