Is it possible to create some "system" trigger, through which it would be possible to enable / disable the execution of update, insert, delete commands on the whole database, for certain users and / or certain applications?
I know I can do a logon trigger that will not allow the users to log in and / or from applications to the SQL server. I know it would probably work by creating triggers on each table, but that's impractical. After all, the SSMS Activity Monitor sees exactly which user is running which command from which host.
Example: Application1, application2 and user1, user2
SQL Server 2014:
User1 from application1 can run all commands (select, update, insert, delete ...)
User1 from application2 is not allowed run update, insert, delete, other commands are allowed
User2 from any application can run all commands (select, update, insert, delete ...)
I solved it by combining of linking servers (RO user) from Test SQL server and logon trigger on Prod SQL server. Thanks.