database design - SET IDENTITY_INSERT ON/OFF needed on application server, but ALTER permission seems dangerous. Suggestion? -
we building multi-user web app need unique postid
post
create. each post
has (userid, postid)
compound primary key.
right now, postid
identity value, because of need support operations require postid
inserted (no re-numbering), decide use set identity_insert on/off
.
however, our dba told such operation not meant used application server because alter permission requirement:
permissions
user must own table or have alter permission on table.
https://msdn.microsoft.com/en-ca/library/ms188059.aspx
if application server got hacked, alter permission seems rather risky. our dba suggests not use identity value @ all, , locally generate unique postid
per user.
can set identity_insert on
left on globally?
if can't left on globally, avoiding identity value , use local generation of postid
(per user) max(postid)+1
per user make sense? prefer use identity value if possible because worried possible deadlocks , performance issues associated custom postid generation.
starting sql server 2012 can use sequences in oracle. may better off those. first, create sequence:
create sequence myseq long start 1 increment 1; go
then have table's primary key default next sequence value (instead of being identity value):
create table mytable ( mypk long primary key default (next value myseq), mywhatever... );
if don't specify pk value insert
you'll unique, generated sequence value. it's same behavior identity
. if want specify pk value can, long don't violate primary key's uniqueness - again, that's same behavior identity
set identity insert on
.
Comments
Post a Comment