SQL Server用户权限查询

Posted 开发随想

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了SQL Server用户权限查询相关的知识,希望对你有一定的参考价值。

--服务器级权限
WITH CTE AS (
    SELECT
        u.name AS 用户名,
        u.is_disabled AS 是否禁用,
        g.name AS 服务器角色,
        \'\' AS \'flag\' 
    FROM
        sys.server_principals u
        INNER JOIN sys.server_role_members m ON u.principal_id = m.member_principal_id
        INNER JOIN sys.server_principals g ON g.principal_id = m.role_principal_id 
    ) SELECT
    * 
FROM
    CTE PIVOT ( MAX ( flag ) FOR 服务器角色 IN ( [public], [sysadmin], [securityadmin], [serveradmin], [setupadmin], [processadmin], [diskadmin], [dbcreator], [bulkadmin] ) ) AS T;

--数据库级权限
WITH CTE AS (
    SELECT
        u.name AS 用户名,
        g.name AS 数据库角色,
        \'\' AS \'flag\' 
    FROM
        sys.database_principals u
        INNER JOIN sys.database_role_members m ON u.principal_id = m.member_principal_id
        INNER JOIN sys.database_principals g ON g.principal_id = m.role_principal_id 
    ) SELECT
    * 
FROM
    CTE PIVOT (
    MAX ( flag ) FOR 数据库角色 IN ( [public], [db_owner], [db_accessadmin], [db_securityadmin], [db_ddladmin], [db_backupoperator], [db_datareader], [db_datawriter], [db_denydatareader], [db_denydatawriter] ) 
    ) AS T;

--数据库级单独权限
SELECT
    c.name AS 用户名,
    b.name AS 对象名,
CASE
        b.type 
        WHEN \'U\' THEN
        \'Table\' 
        WHEN \'P\' THEN
        \'Procedure\' ELSE \'OTHER\' 
    END AS 对象类型,
CASE
        
        WHEN a.ACTION = 26 
        AND a.PROTECTTYPE = 205 THEN
            \'\' ELSE \'\' 
            END AS \'REFERENCES\',
    CASE
            
            WHEN a.ACTION = 193 
            AND a.PROTECTTYPE = 205 THEN
                \'\' ELSE \'\' 
                END AS \'SELECT\',
        CASE
                
                WHEN a.ACTION = 195 
                AND a.PROTECTTYPE = 205 THEN
                    \'\' ELSE \'\' 
                    END AS \'INSERT\',
            CASE
                    
                    WHEN a.ACTION = 197 
                    AND a.PROTECTTYPE = 205 THEN
                        \'\' ELSE \'\' 
                        END AS \'UPDATE\',
                CASE
                        
                        WHEN a.ACTION = 196 
                        AND a.PROTECTTYPE = 205 THEN
                            \'\' ELSE \'\' 
                            END AS \'DELETE\',
                    CASE
                            
                            WHEN a.ACTION = 224 
                            AND a.PROTECTTYPE = 205 THEN
                                \'\' ELSE \'\' 
                                END AS \'EXECUTE\',
                        CASE
                                a.PROTECTTYPE 
                                WHEN 204 THEN
                                \'GRANT_W_GRANT\' 
                                WHEN 205 THEN
                                \'GRANT\' 
                                WHEN 206 THEN
                                \'DENY\' ELSE \'OTHER\' 
                            END AS PROTECTTYPE 
                        FROM
                            sysprotects a
                        INNER JOIN sysobjects b ON a.id = b.id
    INNER JOIN sysusers c ON a.uid = c.uid;

以上是关于SQL Server用户权限查询的主要内容,如果未能解决你的问题,请参考以下文章

SQL Server用户权限查询

SQL Server 查询以查找数据库中所有用户的所有权限/访问权限

SQL Server表上的跨服务器查询的行丢失,可能是由于用户权限

SQL SERVER 建好了,如何创建用户以及赋予所有权限?

sql server 2000 单用户如何设置?

SQL Server用户权限问题