View all securables for roles in SQL Server database?
-
19-09-2019 - |
Question
How can we show all the securable that is added in any particular role in script?
Solution
SELECT
OBJECT_NAME(major_id), USER_NAME(grantee_principal_id), permission_name
FROM
sys.database_permissions p
WHERE
p.class = 1 AND
OBJECTPROPERTY(major_id, 'IsMSSHipped') = 0
ORDER BY
OBJECT_NAME(major_id), USER_NAME(grantee_principal_id), permission_name
OTHER TIPS
Here is another one I'm using to do database refactorings, updates or backups. It also supports column level permissions. That statement generates GRANT statements. But it's fairly easy to adapt.
SELECT 'GRANT ' + database_permissions.permission_name + ' ON ' +
CASE database_permissions.class_desc
WHEN 'SCHEMA' THEN schema_name(major_id)
WHEN 'OBJECT_OR_COLUMN' THEN
CASE WHEN minor_id = 0 THEN object_name(major_id) COLLATE Latin1_General_CI_AS_KS_WS
ELSE (SELECT object_name(object_id) + ' ('+ name + ')'
FROM sys.columns
WHERE object_id = database_permissions.major_id
AND column_id = database_permissions.minor_id) end
ELSE 'other'
END +
' TO ' + database_principals.name COLLATE Latin1_General_CI_AS_KS_WS
FROM sys.database_permissions
JOIN sys.database_principals
ON database_permissions.grantee_principal_id = database_principals.principal_id
LEFT JOIN sys.objects -- consider schemas
ON objects.object_id = database_permissions.major_id
WHERE database_permissions.major_id > 0
AND permission_name in ('SELECT','INSERT','UPDATE','DELETE')
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow