如何确定使用TSQL哪些角色被授予对特定存储过程的执行权限?

时间:2022-03-24 09:35:27

How do I determine using TSQL what roles are granted execute permissions on a specific stored procedure? Is there a system stored procedure or a system view I can use?

如何确定使用TSQL哪些角色被授予对特定存储过程的执行权限?我可以使用系统存储过程或系统视图吗?

2 个解决方案

#1


1  

In 7.0 or 2000, you can modify and use the following code:

在7.0或2000中,您可以修改并使用以下代码:

SELECT convert(varchar(100),
        'GRANT ' +
        CASE         WHEN actadd & 32 = 32 THEN 'EXECUTE'
                ELSE
                        CASE WHEN actadd & 1 = 1   THEN 'SELECT' + CASE WHEN actadd & (8|2|16) > 0  THEN ', ' ELSE '' END ELSE '' END +
                        CASE WHEN actadd & 8 = 8   THEN 'INSERT' + CASE WHEN actadd & (2|16) > 0  THEN ', ' ELSE '' END ELSE '' END +
                        CASE WHEN actadd & 2 = 2   THEN 'UPDATE' + CASE WHEN actadd & (16) > 0  THEN ', ' ELSE '' END ELSE '' END +
                        CASE WHEN actadd & 16 = 16 THEN 'DELETE' ELSE '' END
        END + ' ON [' + o.name + '] TO [' + u.name + ']') AS '--Permissions--'
FROM syspermissions p
INNER JOIN sysusers u ON u.uid = p.grantee
INNER JOIN sysobjects o ON p.id = o.id
WHERE o.type <> 'S'
AND o.name NOT LIKE 'dt%'
--AND o.name = '<specific procedure/table>'
--AND u.name = '<specific user>'
ORDER BY u.name, o.name 

#2


0  

You can try something like this. Note, I believe 3 is EXECUTE.

你可以尝试这样的事情。注意,我相信3是EXECUTE。

SELECT
grantee_principal.name AS [Grantee],
CASE grantee_principal.type WHEN 'R' THEN 3 WHEN 'A' THEN 4 ELSE 2 END - CASE 'database' WHEN  'database' THEN 0 ELSE 2 END AS [GranteeType]
FROM
sys.all_objects AS sp
INNER JOIN sys.database_permissions AS prmssn ON prmssn.major_id=sp.object_id AND prmssn.minor_id=0 AND prmssn.class=1
INNER JOIN sys.database_principals AS grantee_principal ON grantee_principal.principal_id = prmssn.grantee_principal_id
WHERE
(sp.type = N'P' OR sp.type = N'RF' OR sp.type='PC')and(sp.name=N'myProcedure' and SCHEMA_N

I got that example by simply using SQL Profiler while looking at the permissions on a procedure. I hope that helps.

我在查看过程的权限时只使用SQL事件探查器就得到了这个例子。我希望有所帮助。

#1


1  

In 7.0 or 2000, you can modify and use the following code:

在7.0或2000中,您可以修改并使用以下代码:

SELECT convert(varchar(100),
        'GRANT ' +
        CASE         WHEN actadd & 32 = 32 THEN 'EXECUTE'
                ELSE
                        CASE WHEN actadd & 1 = 1   THEN 'SELECT' + CASE WHEN actadd & (8|2|16) > 0  THEN ', ' ELSE '' END ELSE '' END +
                        CASE WHEN actadd & 8 = 8   THEN 'INSERT' + CASE WHEN actadd & (2|16) > 0  THEN ', ' ELSE '' END ELSE '' END +
                        CASE WHEN actadd & 2 = 2   THEN 'UPDATE' + CASE WHEN actadd & (16) > 0  THEN ', ' ELSE '' END ELSE '' END +
                        CASE WHEN actadd & 16 = 16 THEN 'DELETE' ELSE '' END
        END + ' ON [' + o.name + '] TO [' + u.name + ']') AS '--Permissions--'
FROM syspermissions p
INNER JOIN sysusers u ON u.uid = p.grantee
INNER JOIN sysobjects o ON p.id = o.id
WHERE o.type <> 'S'
AND o.name NOT LIKE 'dt%'
--AND o.name = '<specific procedure/table>'
--AND u.name = '<specific user>'
ORDER BY u.name, o.name 

#2


0  

You can try something like this. Note, I believe 3 is EXECUTE.

你可以尝试这样的事情。注意,我相信3是EXECUTE。

SELECT
grantee_principal.name AS [Grantee],
CASE grantee_principal.type WHEN 'R' THEN 3 WHEN 'A' THEN 4 ELSE 2 END - CASE 'database' WHEN  'database' THEN 0 ELSE 2 END AS [GranteeType]
FROM
sys.all_objects AS sp
INNER JOIN sys.database_permissions AS prmssn ON prmssn.major_id=sp.object_id AND prmssn.minor_id=0 AND prmssn.class=1
INNER JOIN sys.database_principals AS grantee_principal ON grantee_principal.principal_id = prmssn.grantee_principal_id
WHERE
(sp.type = N'P' OR sp.type = N'RF' OR sp.type='PC')and(sp.name=N'myProcedure' and SCHEMA_N

I got that example by simply using SQL Profiler while looking at the permissions on a procedure. I hope that helps.

我在查看过程的权限时只使用SQL事件探查器就得到了这个例子。我希望有所帮助。