在 Azure 中检索用户创建的角色和用户信息
Retrieving user created roles and user info in Azure
我曾经按照以下步骤在 Azure SQL 数据库中创建角色,向角色授予权限并将角色分配给用户:
CREATE ROLE [DepartmentReadOnly] AUTHORIZATION [dbo]
GO
GRANT SELECT ON tblDepartment TO DepartmentReadOnly
CREATE USER [user1] FROM LOGIN [user1];
EXEC sp_addrolemember DepartmentReadOnly, user1;
现在sql我用什么从数据库中检索 DepartmentReadOnly 角色名称和权限以及 user1 用户信息,包括 user1 属于哪些角色?
Azure 中没有 sys.server_principals 系统视图,所以我迷路了。有人可以帮忙吗?
"select * from sys.sql_logins" 在 Azure 中用作 sys.server_principals,您必须 运行 在主数据库中查询
听起来您正在用户数据库中查找这些目录视图:
- sys.database_principals has the role (see the bottom of the page for an example to list all permissions by joining with sys.database_permissions).
- sys.database_role_members 具有角色成员资格。
这是有效的方法:
SELECT p.[name] as 'Principal_Name',
CASE WHEN p.[type_desc]='SQL_USER' THEN 'User'
WHEN p.[type_desc]='DATABASE_ROLE' THEN 'Role' END As 'Principal_Type',
--principals2.[name] as 'Grantor',
dbpermissions.[state_desc] As 'Permission_Type',
dbpermissions.[permission_name] As 'Permission',
CASE WHEN so.[type_desc]='USER_TABLE' THEN 'Table'
WHEN so.[type_desc]='SQL_STORED_PROCEDURE' THEN 'Stored Proc'
WHEN so.[type_desc]='VIEW' THEN 'View' END as 'Object_Type',
so.[Name] as 'Object_Name'
FROM [sys].[database_permissions] dbpermissions
LEFT JOIN [sys].[objects] so ON dbpermissions.[major_id] = so.[object_id]
LEFT JOIN [sys].[database_principals] p ON dbpermissions. [grantee_principal_id] = p.[principal_id]
LEFT JOIN [sys].[database_principals] principals2 ON dbpermissions.[grantor_principal_id] = principals2.[principal_id]
WHERE p.principal_id > 4
http://elena-sqldba.blogspot.com/2015/06/retrieving-all-user-created-users-roles.html
我曾经按照以下步骤在 Azure SQL 数据库中创建角色,向角色授予权限并将角色分配给用户:
CREATE ROLE [DepartmentReadOnly] AUTHORIZATION [dbo]
GO
GRANT SELECT ON tblDepartment TO DepartmentReadOnly
CREATE USER [user1] FROM LOGIN [user1];
EXEC sp_addrolemember DepartmentReadOnly, user1;
现在sql我用什么从数据库中检索 DepartmentReadOnly 角色名称和权限以及 user1 用户信息,包括 user1 属于哪些角色?
Azure 中没有 sys.server_principals 系统视图,所以我迷路了。有人可以帮忙吗?
"select * from sys.sql_logins" 在 Azure 中用作 sys.server_principals,您必须 运行 在主数据库中查询
听起来您正在用户数据库中查找这些目录视图:
- sys.database_principals has the role (see the bottom of the page for an example to list all permissions by joining with sys.database_permissions).
- sys.database_role_members 具有角色成员资格。
这是有效的方法:
SELECT p.[name] as 'Principal_Name',
CASE WHEN p.[type_desc]='SQL_USER' THEN 'User'
WHEN p.[type_desc]='DATABASE_ROLE' THEN 'Role' END As 'Principal_Type',
--principals2.[name] as 'Grantor',
dbpermissions.[state_desc] As 'Permission_Type',
dbpermissions.[permission_name] As 'Permission',
CASE WHEN so.[type_desc]='USER_TABLE' THEN 'Table'
WHEN so.[type_desc]='SQL_STORED_PROCEDURE' THEN 'Stored Proc'
WHEN so.[type_desc]='VIEW' THEN 'View' END as 'Object_Type',
so.[Name] as 'Object_Name'
FROM [sys].[database_permissions] dbpermissions
LEFT JOIN [sys].[objects] so ON dbpermissions.[major_id] = so.[object_id]
LEFT JOIN [sys].[database_principals] p ON dbpermissions. [grantee_principal_id] = p.[principal_id]
LEFT JOIN [sys].[database_principals] principals2 ON dbpermissions.[grantor_principal_id] = principals2.[principal_id]
WHERE p.principal_id > 4
http://elena-sqldba.blogspot.com/2015/06/retrieving-all-user-created-users-roles.html