如何确定使用TSQL哪些角色被授予对特定存储过程的执行权限？

Question

如何确定使用TSQL哪些角色被授予对特定存储过程的执行权限？有没有我可以使用的系统存储过程或系统视图？

Answer 1

你可以尝试这样的事情。请注意，我相信3是EXECUTE。

SELECT 
grantee_principal.name AS [Grantee], 
CASE grantee_principal.type WHEN 'R' THEN 3 WHEN 'A' THEN 4 ELSE 2 END - CASE 'database' WHEN 'database' THEN 0 ELSE 2 END AS [GranteeType] 
FROM 
sys.all_objects AS sp 
INNER JOIN sys.database_permissions AS prmssn ON prmssn.major_id=sp.object_id AND prmssn.minor_id=0 AND prmssn.class=1 
INNER JOIN sys.database_principals AS grantee_principal ON grantee_principal.principal_id = prmssn.grantee_principal_id 
WHERE 
(sp.type = N'P' OR sp.type = N'RF' OR sp.type='PC')and(sp.name=N'myProcedure' and SCHEMA_N 

我通过简单地使用SQL Profiler同时查看过程的权限来获得该示例。我希望有所帮助。

Answer 2

在7.0或2000，你可以修改和使用下面的代码：

SELECT convert(varchar(100), 
     'GRANT ' + 
     CASE   WHEN actadd & 32 = 32 THEN 'EXECUTE' 
       ELSE 
         CASE WHEN actadd & 1 = 1 THEN 'SELECT' + CASE WHEN actadd & (8|2|16) > 0 THEN ', ' ELSE '' END ELSE '' END + 
         CASE WHEN actadd & 8 = 8 THEN 'INSERT' + CASE WHEN actadd & (2|16) > 0 THEN ', ' ELSE '' END ELSE '' END + 
         CASE WHEN actadd & 2 = 2 THEN 'UPDATE' + CASE WHEN actadd & (16) > 0 THEN ', ' ELSE '' END ELSE '' END + 
         CASE WHEN actadd & 16 = 16 THEN 'DELETE' ELSE '' END 
     END + ' ON [' + o.name + '] TO [' + u.name + ']') AS '--Permissions--' 
FROM syspermissions p 
INNER JOIN sysusers u ON u.uid = p.grantee 
INNER JOIN sysobjects o ON p.id = o.id 
WHERE o.type <> 'S' 
AND o.name NOT LIKE 'dt%' 
--AND o.name = '<specific procedure/table>' 
--AND u.name = '<specific user>' 
ORDER BY u.name, o.name