我不想授予用户 Sysadmin 角色。有没有办法以系统管理员或系统管理员用户的身份运行特定的存储过程?存储过程在 MSSQL 2005 中并具有 xp_cmdshell 下面是代码:
ALTER PROCEDURE [dbo].[procExcelQuotebyItem]
(
@OrderNumber INT
)
AS
BEGIN
SET NOCOUNT ON
DECLARE @Cmd varchar(1000)
DECLARE @fn varchar(500)
DECLARE @provider varchar(100)
DECLARE @ExcelString varchar(100)
-- New File Name to be created
SET @fn = 'D:\Pre-Manufacturing\Excel\QuotebyItem.xls'
/*Cleanup*/
SET @Cmd = 'DEL ' + @fn
EXEC xp_cmdshell @Cmd, no_output
-- FileCopy command string formation
SET @Cmd = 'Copy D:\Pre-Manufacturing\Excel\QuotebyItemTemplate.xls ' + @fn
-- FileCopy command execution through Shell Command
EXEC MASTER..XP_CMDSHELL @cmd, NO_OUTPUT
-- Mentioning the excel destination filename
SET @provider = 'Microsoft.Jet.OLEDB.4.0'
SET @ExcelString = 'Excel 8.0;Database=' + @fn
EXEC('INSERT INTO OPENROWSET(''' + @provider + ''',''' + @ExcelString + ''',''SELECT * FROM [Sheet1$A2:L2]'')
SELECT [ITEMNUMBER],'''',[ITEM_DESCRIPTION],[CASEPACK],[UNIT PRICE],[CASE PRICE],[WEIGHT],[CUBE],[CASE DIMS],[UPC],[CASE UPC],[Q Comments] FROM [ORDER SUMMERY] WHERE [Order #] = ''' + @OrderNumber + '''')