After you create ViewB
in DatabaseB
, which points to ViewA
in DatabaseA
, create the same user in both databases but limit the permissions like below :
- In
DatabaseA
, grant the user only theSELECT
permission onViewA
. - In
DatabaseB
, grant the userSELECT
permission onViewB
.
Then you explicitly deny the user any other permissions on DatabaseA
. This can be done using the DENY
statement in SQL.
Create and Grant Permissions in DatabaseA
-- Create ViewA in DatabaseA
CREATE VIEW ViewA AS
SELECT * FROM SomeTable;
-- Create user in DatabaseA
CREATE USER [YourUser] FOR LOGIN [YourLogin];
-- Grant select permission on ViewA
GRANT SELECT ON OBJECT::dbo.ViewA TO [YourUser];
-- Deny all other permissions on DatabaseA
DENY CONNECT TO [YourUser];
Create and Grant Permissions in DatabaseB
-- Create ViewB in DatabaseB pointing to ViewA in DatabaseA
CREATE VIEW ViewB AS
SELECT * FROM DatabaseA.dbo.ViewA;
-- Create user in DatabaseB
CREATE USER [YourUser] FOR LOGIN [YourLogin];
-- Grant select permission on ViewB
GRANT SELECT ON OBJECT::dbo.ViewB TO [YourUser];