如何找到需要提升特权的存储过程?
在使用数据库测试应用程序期间,我发现某些过程需要提升的特权才能运行。事实证明,存储过程中有GRANT语句。鉴于数据库具有600多个存储过程,我编写了以下代码以在存储过程中搜索任何GRANT语句。
/*
NOTE: This script requires a Database Compatibility Level of 130 or higher.
Use the following query to determine if your database meets the requirement
select NAME,compatibility_level
from sys.databases
You can update the database using the following query:
ALTER DATABASE database_name
SET COMPATIBILITY_LEVEL = 130
--*/
declare @process nvarchar(max)
, @text nvarchar(Max)
declare curProcs cursor
for (
select distinct
so.name
, sc.text
from sys.sysobjects so
inner join sys.syscomments sc
on sc.id = so.id
and so.type = 'P'
where
sc.text like '%grant[ ]%'
)
open curProcs
fetch next from curProcs into @process, @text
while @@FETCH_STATUS = 0
BEGIN
begin try
; with CTE as (
select @process [Process], value
from STRING_SPLIT( @text, char(13) )
)
select *
into #output
from cte
where
value like '%grant %'
and
value not like '%--%grant%'
end try
begin catch
; with CTE as (
select @process [Process], value
from STRING_SPLIT( @text, char(13) )
)
insert into #output
select [Process], value
from cte
where
value like '%grant %'
and
value not like '%--%grant%'
end catch
fetch next from curProcs into @process, @text
END
close curProcs
deallocate curProcs
select * from #output
drop table #output
希望您觉得这很有用。如果可以改进,请告诉我。