sql server的許可權查詢
--有關資料庫的許可權查詢:
WITH tree_roles as
(
SELECT role_principal_id, member_principal_id
FROM sys.database_role_members
WHERE member_principal_id = USER_ID('UserName')
UNION ALL
SELECT c.role_principal_id,c.member_principal_id
FROM sys.database_role_members as c
inner join tree_roles
on tree_roles.member_principal_id = c.role_principal_id
)
SELECT distinct USER_NAME(role_principal_id) RoleName
FROM tree_roles
--相關的許可權表
select * from sysusers
select * from syspermissions
具體的一些查詢
--檢視誰可以訪問例項
SELECT
name as UserName, type_desc as UserType, is_disabled as IsDisabled
FROM sys.server_principals
where type_desc in('WINDOWS_LOGIN', 'SQL_LOGIN')
order by UserType, name, IsDisabled
--檢視誰可以訪問資料庫
SELECT
dp.name as UserName, dp.type_desc as UserType, sp.name as LoginName, sp.type_desc as LoginType
FROM sys.database_principals dp
JOIN sys.server_principals sp ON dp.principal_id = sp.principal_id
order by UserType
select * from sys.database_principals
--角色許可權查詢
select
p.name as UserName, p.type_desc as UserType, pp.name as ServerRoleName, pp.type_desc as ServerRoleType
from sys.server_role_members roles
join sys.server_principals p on roles.member_principal_id = p.principal_id
join sys.server_principals pp on roles.role_principal_id = pp.principal_id
where pp.name in('sysadmin')
order by ServerRoleName, UserName
--資料庫角色
SELECT
p.name as UserName, p.type_desc as UserType, pp.name as DBRoleName, pp.type_desc as DBRoleType, pp.is_fixed_role as IfFixedRole
FROM sys.database_role_members roles
JOIN sys.database_principals p ON roles.member_principal_id = p.principal_id
JOIN sys.database_principals pp ON roles.role_principal_id = pp.principal_id
where pp.name in('db_owner', 'db_datawriter')
--檢視使用者的許可權
SELECT
grantor.name as GrantorName, dp.state_desc as StateDesc, dp.class_desc as ClassDesc, dp.permission_name as PermissionName ,
OBJECT_NAME(major_id) as ObjectName, GranteeName = grantee.name
FROM sys.database_permissions dp
JOIN sys.database_principals grantee on dp.grantee_principal_id = grantee.principal_id
JOIN sys.database_principals grantor on dp.grantor_principal_id = grantor.principal_id
where permission_name like '%UPDATE%'
--其它說明
透過儲存過程來查詢
EXEC sp_helprotect NULL, NULL ,null,'golden_ro';
引數1:Owner sysname Name of the object owner
引數2:Object sysname Name of the object.
引數3:Grantee sysname Name of the principal to which permissions were granted
引數4:Grantor sysname Name of the principal that granted permissions to the specified grantee.
暫時列常用的四個引數!用法如上!
如查詢表的授權情況
EXEC sp_helpuser;
引數1:UserName sysname Users in the current database.
引數2:RoleName sysname Roles to which UserName belongs.
引數3:LoginName sysname Login of UserName.
引數4:DefDBName sysname Default database of UserName.
最近在跟使用者授權的時候,發現要授予全部儲存過程的執行許可權,搞了很久,終於搞懂
grant execute to username;
授予單個表、檢視、儲存過程,就比較簡單了!
來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/29371470/viewspace-2141157/,如需轉載,請註明出處,否則將追究法律責任。
相關文章
- SQL Server 許可權管理SQLServer
- SQL Server中查詢使用者的物件許可權和角色的方法SQLServer物件
- SQL Server許可權問題SQLServer
- Oracle 查詢許可權角色Oracle
- Oracle許可權相關查詢Oracle
- SQL Server SA許可權最新入侵方法SQLServer
- 舉例如何控制查詢許可權
- Oracle查詢使用者許可權Oracle
- MySql查詢使用者許可權MySql
- sql server點檢賬號需要的許可權SQLServer
- [譯]SQL Server分析服務的許可權配置SQLServer
- SQL Server 2000 許可權問題SQLServer
- DB2的4種查詢許可權DB2
- 查詢每個使用者的許可權
- 使用LDAP查詢快速提升域許可權LDA
- MySQL如何查詢all有哪些許可權?MySql
- 查詢沒有許可權但資料字典中顯示有許可權
- SQL Server2000 許可權問題SQLServer
- SQL Server資料庫SA許可權總結SQLServer資料庫
- 【自然框架】之通用許可權(八):許可權到欄位(列表、表單、查詢)框架
- 使用SQL批量查詢出建立使用者及許可權指令碼SQL指令碼
- sql許可權管理SQL
- Linux 特殊許可權a,i,t,s以及查詢帶有特殊許可權的所有檔案Linux
- MongoDB4.0建立自定義許可權(只有查詢,插入和更新的許可權)的角色步驟MongoDB
- Permission API 統一查詢許可權狀態API
- Linux雜記 查詢與特殊許可權位Linux
- 查詢Tcode與許可權物件的對應關係物件
- 關於樹結構的查詢優化,及許可權樹的查詢優化優化
- SQL Server 2008固定資料庫角色的許可權SQLServer資料庫
- SQL Server中sysobjects含義及批量賦予許可權的方法SQLServerObject
- Oracle的物件許可權、角色許可權、系統許可權Oracle物件
- SQL Server 查詢分解SQLServer
- 許可權控制下的SQL寫法SQL
- 呼叫者許可權與定義者許可權的pl/sql子程式SQL
- SQL Server遞迴查詢SQLServer遞迴
- SQL SERVER 查詢鎖資訊SQLServer
- SQL server跨庫查詢SQLServer
- Sql Server系列:子查詢SQLServer