我们如何显示在脚本中任何特定角色中添加的所有安全对象?
问问题
19736 次
2 回答
13
SELECT
OBJECT_NAME(major_id), USER_NAME(grantee_principal_id), permission_name
FROM
sys.database_permissions p
WHERE
p.class = 1 AND
OBJECTPROPERTY(major_id, 'IsMSSHipped') = 0
ORDER BY
OBJECT_NAME(major_id), USER_NAME(grantee_principal_id), permission_name
于 2010-01-07T17:27:05.827 回答
3
这是我用来进行数据库重构、更新或备份的另一个。它还支持列级权限。该语句生成 GRANT 语句。但它很容易适应。
SELECT (case when state_desc like 'GRANT%' then 'GRANT' else state_desc end)
+ ' ' + database_permissions.permission_name
+ CASE database_permissions.class_desc
WHEN 'SCHEMA' THEN ' ON SCHEMA::[' + schema_name(major_id) + ']'
WHEN 'OBJECT_OR_COLUMN' THEN ' ON '
+ isnull('[' + schema_name(objects.schema_id) + '].', '') + '['
+ (CASE WHEN minor_id = 0 THEN object_name(major_id) + ']' COLLATE Latin1_General_CI_AS_KS_WS
ELSE (SELECT object_name(object_id) + '] (['+ name + '])'
FROM sys.columns
WHERE object_id = database_permissions.major_id
AND column_id = database_permissions.minor_id) end)
WHEN 'DATABASE_PRINCIPAL' THEN ' ON USER::[' + USER_NAME(major_id) + ']'
WHEN 'DATABASE' Then ''
WHEN 'SERVICE_CONTRACT' then ' ON CONTRACT::['
+ (select name
from sys.service_contracts
where service_contract_id = major_id)
+ ']'
ELSE ' <<' + database_permissions.class_desc + '>>'
END
+ ' TO [' + database_principals.name + ']'
+ (case when state_desc = 'GRANT_WITH_GRANT_OPTION' then ' WITH GRANT OPTION' else '' end)
COLLATE Latin1_General_CI_AS_KS_WS
FROM sys.database_permissions
inner JOIN sys.database_principals
ON database_permissions.grantee_principal_id = database_principals.principal_id
LEFT JOIN sys.objects
ON objects.object_id = database_permissions.major_id
WHERE database_permissions.major_id > 0
于 2014-05-19T20:46:21.813 回答