我通过存储过程获取特定用户的数据库角色,其中包含以下内容:
USE SQLEXP_ALLEN
GO
SELECT
DP1.name AS RoleName,
ISNULL(DP2.name, 'No members') AS UserName
FROM
sys.database_role_members AS DRM
RIGHT OUTER JOIN
sys.database_principals AS DP1 ON DRM.role_principal_id = DP1.principal_id
LEFT OUTER JOIN
sys.database_principals AS DP2 ON DRM.member_principal_id = DP2.principal_id
WHERE
DP1.type = 'R'
AND DP2.name = @username
ORDER BY
DP1.name;
但我似乎无法弄清楚如何提出用户不属于的角色。帮助!
答案 0 :(得分:0)
我可能不需要这么多CTE,但它解释了逻辑: 1)选择所有角色 2)选择所有用户 3)交叉加入以获得所有组合。 4)左外连接到角色成员以查看哪些不是成员。 你可以调整每个CTE以获得你需要的东西。
WITH Roles ( RoleID, RoleName )
AS ( SELECT rol.principal_id,
rol.name
FROM sys.database_principals rol
WHERE type = 'R'
),
Users ( UserID, Username )
AS ( SELECT princ.principal_id ,
princ.name
FROM sys.database_principals princ
WHERE type IN ( 'U', 'G' )
),
UsersAllRoles ( UserID, UserName, RoleID, RoleName )
AS ( SELECT Users.UserID, Users.Username, Roles.RoleID,
Roles.RoleName
FROM Users
CROSS JOIN Roles
)
SELECT uar.UserID ,
uar.UserName ,
uar.RoleID ,
uar.RoleName ,
drm.role_principal_id
FROM UsersAllRoles uar
LEFT OUTER JOIN sys.database_role_members drm
ON uar.UserID =drm.member_principal_id
AND uar.RoleID = drm.role_principal_id
WHERE drm.member_principal_id IS NULL;