SQLSERVER列出所有用戶權限
阿新 • • 發佈:2018-11-29
_id join inner cts reat from procedure 有用 access --服務器級權限
WITH CTE AS
(
SELECT u.name AS 用戶名,
u.is_disabled AS 是否禁用,
g.name as 服務器角色,
‘√‘ as ‘flag‘
FROM sys.server_principals u
INNER JOIN sys.server_role_members m ON u.principal_id = m.member_principal_id
INNER JOIN sys.server_principals g ON g.principal_id = m.role_principal_id
)
SELECT * FROM CTE PIVOT(MAX(flag) FOR 服務器角色 IN ([public],
[sysadmin],
[securityadmin],
[serveradmin],
[setupadmin],
[processadmin],
[diskadmin],
[dbcreator],
[bulkadmin])) AS T )
SELECT * FROM CTE PIVOT(MAX(flag) FOR 數據庫角色 IN ([public],
[db_owner],
[db_accessadmin],
[db_securityadmin],
[db_ddladmin],
[db_backupoperator],
[db_datareader],
[db_datawriter],
[db_denydatareader],
[db_denydatawriter])) AS T ELSE ‘OTHER‘
END AS 對象類型,
CASE WHEN a.ACTION = 26 AND a.PROTECTTYPE = 205 THEN ‘√‘ ELSE ‘‘ END AS ‘REFERENCES‘,
CASE WHEN a.ACTION = 193 AND a.PROTECTTYPE = 205 THEN ‘√‘ ELSE ‘‘ END AS ‘SELECT‘,
CASE WHEN a.ACTION = 195 AND a.PROTECTTYPE = 205 THEN ‘√‘ ELSE ‘‘ END AS ‘INSERT‘,
CASE WHEN a.ACTION = 197 AND a.PROTECTTYPE = 205 THEN ‘√‘ ELSE ‘‘ END AS ‘UPDATE‘,
CASE WHEN a.ACTION = 196 AND a.PROTECTTYPE = 205 THEN ‘√‘ ELSE ‘‘ END AS ‘DELETE‘,
CASE WHEN a.ACTION = 224 AND a.PROTECTTYPE = 205 THEN ‘√‘ ELSE ‘‘ END AS ‘EXECUTE‘,
CASE a.PROTECTTYPE
WHEN 204 THEN ‘GRANT_W_GRANT‘
WHEN 205 THEN ‘GRANT‘
WHEN 206 THEN ‘DENY‘
ELSE ‘OTHER‘
END AS PROTECTTYPE
from sysprotects a inner join sysobjects b on a.id = b.id
inner join sysusers c on a.uid = c.uid
WITH CTE AS
(
SELECT u.name AS 用戶名,
u.is_disabled AS 是否禁用,
g.name as 服務器角色,
‘√‘ as ‘flag‘
FROM sys.server_principals u
INNER JOIN sys.server_role_members m ON u.principal_id = m.member_principal_id
INNER JOIN sys.server_principals g ON g.principal_id = m.role_principal_id
)
SELECT * FROM CTE PIVOT(MAX(flag) FOR 服務器角色 IN ([public],
[securityadmin],
[serveradmin],
[setupadmin],
[processadmin],
[diskadmin],
[dbcreator],
[bulkadmin])) AS T
--數據庫級權限
WITH CTE AS
(
SELECT u.name AS 用戶名,
g.name AS 數據庫角色,
‘√‘ as ‘flag‘
FROM sys.database_principals u
INNER JOIN sys.database_role_members m ON u.principal_id = m.member_principal_id
INNER JOIN sys.database_principals g ON g.principal_id = m.role_principal_id
SELECT * FROM CTE PIVOT(MAX(flag) FOR 數據庫角色 IN ([public],
[db_owner],
[db_accessadmin],
[db_securityadmin],
[db_ddladmin],
[db_backupoperator],
[db_datareader],
[db_datawriter],
[db_denydatareader],
[db_denydatawriter])) AS T
--數據庫級單獨權限
select c.name as 用戶名,b.name as 對象名,
CASE b.type
WHEN ‘U‘ THEN ‘Table‘
WHEN ‘P‘ THEN ‘Procedure‘
END AS 對象類型,
CASE WHEN a.ACTION = 26 AND a.PROTECTTYPE = 205 THEN ‘√‘ ELSE ‘‘ END AS ‘REFERENCES‘,
CASE WHEN a.ACTION = 193 AND a.PROTECTTYPE = 205 THEN ‘√‘ ELSE ‘‘ END AS ‘SELECT‘,
CASE WHEN a.ACTION = 195 AND a.PROTECTTYPE = 205 THEN ‘√‘ ELSE ‘‘ END AS ‘INSERT‘,
CASE WHEN a.ACTION = 197 AND a.PROTECTTYPE = 205 THEN ‘√‘ ELSE ‘‘ END AS ‘UPDATE‘,
CASE WHEN a.ACTION = 196 AND a.PROTECTTYPE = 205 THEN ‘√‘ ELSE ‘‘ END AS ‘DELETE‘,
CASE WHEN a.ACTION = 224 AND a.PROTECTTYPE = 205 THEN ‘√‘ ELSE ‘‘ END AS ‘EXECUTE‘,
CASE a.PROTECTTYPE
WHEN 204 THEN ‘GRANT_W_GRANT‘
WHEN 205 THEN ‘GRANT‘
WHEN 206 THEN ‘DENY‘
ELSE ‘OTHER‘
END AS PROTECTTYPE
from sysprotects a inner join sysobjects b on a.id = b.id
inner join sysusers c on a.uid = c.uid
SQLSERVER列出所有用戶權限