我们正在使用 NAV 2018 来源。我是 SQL 开发人员,我希望所有与角色、组、访问级别相关的用户信息用于审计目的。我有以下表格。但我得到的结果是巨大的。大约 1000 万条记录,我觉得这可能不正确。下面是表格列表和加入条件。
select
u.[UserName]as UserName
,u.WindowsSecurityID as UserSID
,u.[FullName]AS UserFullName
,u.[ContactEmail]as UserEmail
,isnull(ugm.[UserGroupCode],'') UserGroupCode
,isnull(ug.[Name],'') UserGroupCodeDescription
,isnull(ug.[DefaultProfileID],'') UserGroupProfile
,ug.[AssigntoAllNewUsers] UserGroupAssigntoAllNewUsers
,ac.[RoleID]as AccessRole
,ps.[Name] RoleDescription
, o.[Name] as TableName
, o.[ID] as TableID
,u.[State]as UserStatus
,ac.CompanyName
,CASE WHEN p.[ReadPermission] = 1 THEN CONVERT(NVARCHAR(20),'Read Permission') END AS Read_Permission
,CASE WHEN p.[InsertPermission]=1 THEN CONVERT(NVARCHAR(20),'Insert Permission') END AS Insert_Permission
,CASE WHEN p.[ModifyPermission]=1 THEN CONVERT(NVARCHAR(20),'Modify Permission') END AS Modify_Permission
,CASE WHEN p.[DeletePermission]=1 THEN CONVERT(NVARCHAR(20),'Delete Permission') END AS Delete_Permission
,CASE WHEN p.[ExecutePermission]=1 THEN CONVERT(NVARCHAR(20),'Execute Permission') END AS Execute_Permission
from
[User] u (nolock)
left join
AccessControl ac (nolock)
on ac.[UserSecurityID]=u.[UserSecurityID]
left join
Permission p (nolock)
on ac.[RoleID]=p.[RoleID]
and p.[ObjectType]=0 -- (Type = 0 is for Table .. I guess)
and (p.[ReadPermission] = 1 or p.[InsertPermission] = 1 or p.[ModifyPermission] = 1 or p.[DeletePermission] = 1 or p.[ExecutePermission] = 1 )
left join
Object o (nolock)
ON o.[ID] = p.[ObjectID] and [Type]=0 -- (Type = 0 is for Table .. I guess)
left join
PermissionSet ps
ON ps.RoleID = p.RoleID
left join
UserGroupMember ugm (nolock)
ON ugm.UserSecurityID = ac.UserSecurityID and ugm.CompanyName = ac.CompanyName
left join
UserGroup ug (nolock)
ON ug.Code = ugm.UserGroupCode
where
NULLIF(u.[UserName],'') IS NOT NULL