所有权链接适用于数据库内的对象。它不允许您输入数据库本身。因此,您必须在您读取的任何数据库中创建一个登录名,例如:
use DatabaseB
exec sp_grantdbaccess 'testuser'
所有权链接确实授予对存储过程的权限。所以数据库登录可以没有任何权限。它必须存在。
创建两个测试数据库并在一个中调用一个过程的查询:
use master
if exists (select * from sys.databases where name = 'TestDatabase1')
drop database TestDatabase1
if exists (select * from sys.databases where name = 'TestDatabase2')
drop database TestDatabase2
create database TestDatabase1
go
use TestDatabase1
exec sp_changedbowner 'sa'
go
create procedure dbo.sp1 as select 'hello world!'
go
create database TestDatabase2
go
use TestDatabase2
exec sp_changedbowner 'sa'
go
create procedure dbo.sp2 as exec TestDatabase1.dbo.sp1
go
use TestDatabase2
exec sp_grantdbaccess 'testuser'
grant execute on sp2 to testuser as dbo
use TestDatabase1
-- Either of the below lines would work
-- exec sp_grantdbaccess 'guest'
-- exec sp_grantdbaccess 'testuser'
use TestDatabase2
execute as login = 'testuser'
exec sp2
revert -- Revert back to original login
查询以显示数据库和过程的所有权:
select d.name
, l.name
from sys.databases d
join sys.syslogins l
on d.owner_sid = l.sid
where d.name like '...your database...'
select p.name
, dp.name
from TestDatabase.sys.procedures p
join TestDatabase.sys.schemas s
on s.schema_id = p.schema_id
join TestDatabase.sys.database_principals dp
on s.principal_id = dp.principal_id
where p.name like '...your stored procedure...'