如何列出架构的权限?

Kim*_*imo 5 sql-server ssms

在 SSMS 中,如果您按照路径 [数据库] > 安全 > 模式并查看任何模式属性,您将看到一个选项卡“权限”,其中列出了每个用户对该特定模式拥有的所有权限。

我想进行一个查询,为我提供与该选项卡相同的输出。我尝试使用 sys.database_principals、database_permissions 和 sys_objects,但无法检索链接到模式的权限。

Sco*_*red 8

使用“列出架构权限”中接受的答案,这可能会给您带来您想要的结果。

--demo setup
CREATE DATABASE listschema
GO

USE listschema
GO

CREATE SCHEMA TestSchema
GO

CREATE USER TestUser WITHOUT LOGIN
GO

GRANT SELECT
    ON SCHEMA::TestSchema
    TO TestUser

DENY INSERT
    ON SCHEMA::TestSchema
    TO TestUser
GO

--The actual query
SELECT state_desc
    ,permission_name
    ,'ON'
    ,class_desc
    ,SCHEMA_NAME(major_id)
    ,'TO'
    ,USER_NAME(grantee_principal_id)
FROM sys.database_permissions AS PERM
JOIN sys.database_principals AS Prin
    ON PERM.major_ID = Prin.principal_id
        AND class_desc = 'SCHEMA'
WHERE major_id = SCHEMA_ID('TestSchema')
    AND grantee_principal_id = user_id('TestUser')
    --AND    permission_name = 'SELECT'
GO

--cleanup
USE tempdb
GO

DROP DATABASE listschema
Run Code Online (Sandbox Code Playgroud)
| state_desc | permission_name | (No column name) | class_desc | (No column name) | (No column name) | (No column name) |
|------------|-----------------|------------------|------------|------------------|------------------|------------------|
| DENY       | INSERT          | ON               | SCHEMA     | TestSchema       | TO               | TestUser         |
| GRANT      | SELECT          | ON               | SCHEMA     | TestSchema       | TO               | TestUser         |
Run Code Online (Sandbox Code Playgroud)