当前位置:Gxlcms > 数据库问题 > SQL Server用户权限查询

SQL Server用户权限查询

时间:2021-07-01 10:21:17 帮助过:12人阅读

服务器级权限 WITH CTE AS ( SELECT u.name AS 用户名, u.is_disabled AS 是否禁用, g.name AS 服务器角色, AS flag FROM sys.server_principals u INNER JOIN sys.server_role_members m ON u.principal_id = m.member_principal_id INNER JOIN sys.server_principals g ON g.principal_id = m.role_principal_id ) SELECT * FROM CTE PIVOT ( MAX ( flag ) FOR 服务器角色 IN ( [public], [sysadmin], [securityadmin], [serveradmin], [setupadmin], [processadmin], [diskadmin], [dbcreator], [bulkadmin] ) ) AS T;

技术图片

--数据库级权限
WITH CTE AS (
    SELECT
        u.name AS 用户名,
        g.name AS 数据库角色,
         AS flag 
    FROM
        sys.database_principals u
        INNER JOIN sys.database_role_members m ON u.principal_id = m.member_principal_id
        INNER JOIN sys.database_principals g ON g.principal_id = m.role_principal_id 
    ) SELECT
    * 
FROM
    CTE PIVOT (
    MAX ( flag ) FOR 数据库角色 IN ( [public], [db_owner], [db_accessadmin], [db_securityadmin], [db_ddladmin], [db_backupoperator], [db_datareader], [db_datawriter], [db_denydatareader], [db_denydatawriter] ) 
    ) AS T;

技术图片

--数据库级单独权限
SELECT
    c.name AS 用户名,
    b.name AS 对象名,
CASE
        b.type 
        WHEN U THEN
        Table 
        WHEN P THEN
        Procedure ELSE OTHER 
    END AS 对象类型,
CASE
        
        WHEN a.ACTION = 26 
        AND a.PROTECTTYPE = 205 THEN
             ELSE ‘‘ 
            END AS REFERENCES,
    CASE
            
            WHEN a.ACTION = 193 
            AND a.PROTECTTYPE = 205 THEN
                 ELSE ‘‘ 
                END AS SELECT,
        CASE
                
                WHEN a.ACTION = 195 
                AND a.PROTECTTYPE = 205 THEN
                     ELSE ‘‘ 
                    END AS INSERT,
            CASE
                    
                    WHEN a.ACTION = 197 
                    AND a.PROTECTTYPE = 205 THEN
                         ELSE ‘‘ 
                        END AS UPDATE,
                CASE
                        
                        WHEN a.ACTION = 196 
                        AND a.PROTECTTYPE = 205 THEN
                             ELSE ‘‘ 
                            END AS DELETE,
                    CASE
                            
                            WHEN a.ACTION = 224 
                            AND a.PROTECTTYPE = 205 THEN
                                 ELSE ‘‘ 
                                END AS EXECUTE,
                        CASE
                                a.PROTECTTYPE 
                                WHEN 204 THEN
                                GRANT_W_GRANT 
                                WHEN 205 THEN
                                GRANT 
                                WHEN 206 THEN
                                DENY ELSE OTHER 
                            END AS PROTECTTYPE 
                        FROM
                            sysprotects a
                        INNER JOIN sysobjects b ON a.id = b.id
    INNER JOIN sysusers c ON a.uid = c.uid;

技术图片

SQL Server用户权限查询

标签:服务器   disk   base   select   operator   join   数据库角色   write   creat   

人气教程排行