Added row-level security

Author: jovanpop-msft

samples/databases/wide-world-importers/wwi-ssdt/wwi-ssdt/Application/Functions/DetermineCustomerAccess.sql

@@ -10,7 +10,7 @@ RETURN (SELECT 1 AS AccessResult
                           INNER JOIN [Application].StateProvinces AS sp
                           ON c.StateProvinceID = sp.StateProvinceID
                           WHERE c.CityID = @CityID) + N' Sales') <> 0
-	    OR (ORIGINAL_LOGIN() = N'Website'
+	    OR ((ORIGINAL_LOGIN() = N'Website' OR ORIGINAL_LOGIN() = N'WebApi')
 		    AND EXISTS (SELECT 1
 		                FROM [Application].Cities AS c
 				        INNER JOIN [Application].StateProvinces AS sp

samples/databases/wide-world-importers/wwi-ssdt/wwi-ssdt/Security/Permissions.sql

@@ -5,3 +5,13 @@ GRANT VIEW ANY COLUMN ENCRYPTION KEY DEFINITION TO PUBLIC;
 GO
 GRANT VIEW ANY COLUMN MASTER KEY DEFINITION TO PUBLIC;
 */
+
+GO
+CREATE LOGIN WebApi WITH PASSWORD = 'Sp1d3rman!';
+GO
+CREATE USER WebApi FROM LOGIN WebApi;
+GO
+GRANT EXECUTE ON SCHEMA::WebApi TO WebApi;
+GO
+GRANT SELECT ON SCHEMA::WebApi TO WebApi;
+GO

samples/databases/wide-world-importers/wwi-ssdt/wwi-ssdt/WebApi/Stored Procedures/Login.sql

@@ -0,0 +1,10 @@
+CREATE PROCEDURE [WebApi].[Login](@LogonName nvarchar(256), @Password nvarchar(256))
+WITH EXECUTE AS OWNER
+AS BEGIN
+	select  PersonID, PreferredName, IsSalesperson, IsEmployee,
+        Territory = JSON_VALUE(CustomFields,'$.PrimarySalesTerritory')
+	from Application.People
+	where IsPermittedToLogon = 1
+	and LogonName = @LogonName
+	--and HashedPassword = HASHBYTES(N'SHA2_256', @Password)",
+END

samples/databases/wide-world-importers/wwi-ssdt/wwi-ssdt/WebApi/Views/CustomerTransactions.sql

@@ -4,7 +4,7 @@ SELECT ct.CustomerTransactionID, ct.TransactionDate, ct.AmountExcludingTax, ct.T
 		c.CustomerName, tt.TransactionTypeName, i.InvoiceDate, i.CustomerPurchaseOrderNumber, pm.PaymentMethodName,
 		ct.CustomerID, ct.TransactionTypeID, ct.InvoiceID, ct.PaymentMethodID
 FROM Sales.CustomerTransactions AS ct
-		LEFT OUTER JOIN Sales.Invoices AS i ON ct.InvoiceID = i.InvoiceID
+		JOIN Sales.Customers AS c ON ct.CustomerID = c.CustomerID
+		JOIN Sales.Invoices AS i ON ct.InvoiceID = i.InvoiceID
 		LEFT OUTER JOIN Application.TransactionTypes AS tt ON ct.TransactionTypeID = tt.TransactionTypeID
-		LEFT OUTER JOIN Sales.Customers AS c ON ct.CustomerID = c.CustomerID
 		LEFT OUTER JOIN Application.PaymentMethods AS pm ON ct.PaymentMethodID = pm.PaymentMethodID

samples/databases/wide-world-importers/wwi-ssdt/wwi-ssdt/WideWorldImporters.sqlproj

@@ -773,6 +773,7 @@
       <AnsiNulls>On</AnsiNulls>
       <QuotedIdentifier>On</QuotedIdentifier>
     </Build>
+    <Build Include="WebApi\Stored Procedures\Login.sql" />
   </ItemGroup>
   <ItemGroup>
     <PostDeploy Include="PostDeploymentScripts\Script.PostDeployment1.sql" />