Question

我的目标是编写一个循环/转换，它将遍历每个容器（acucore_securitycontainer表）并根据下面的脚本清理所有权限（acucore_securitypermission桥表）。如果我最终得到两个脚本，我不在乎..这完全没问题。请注意，这两个清理查询之间的区别是“S：”与“H：”和“Saliva：”与“Hair：”。

查询＃1（针对头发应用程序上下文安全性）：

DELETE FROM dbo.acucore_securitypermission
WHERE 
    'ENTITYID:' + cast(dbo.acucore_securitypermission.entityid as VARCHAR(64)) + '|' 
    + 'ESID:' + cast(dbo.acucore_securitypermission.esid as VARCHAR(64)) IN
(
    SELECT 
        'ENTITYID:' + cast(dbo.acucore_securitypermission.entityid as VARCHAR(64)) + '|' 
        + 'ESID:' + cast(dbo.acucore_securitypermission.esid as VARCHAR(64))
    FROM dbo.acucore_securitypermission
    JOIN dbo.acucore_securitycontainer ON dbo.acucore_securitypermission.esid = dbo.acucore_securitycontainer.esid
    JOIN dbo.acucore_securitygroup ON dbo.acucore_securitypermission.entityid = dbo.acucore_securitygroup.entityid
    WHERE containername LIKE 'H:UI.Web.AccessioningDashboard'
    AND groupname NOT IN
    (
        SELECT 
            CASE WHEN groupname IN ('Accessioning', 'Screening', 'Positive Certify', 'Negative Certify', 'Confirmation') THEN 'Hair: ' + groupname ELSE groupname END AS 'custom groupname'
        FROM dbo.acucore_securitypermission
        JOIN dbo.acucore_securitycontainer ON dbo.acucore_securitypermission.esid = dbo.acucore_securitycontainer.esid
        JOIN dbo.acucore_securitygroup ON dbo.acucore_securitypermission.entityid = dbo.acucore_securitygroup.entityid
        WHERE containername = 'UI.Web.AccessioningDashboard'
        AND permissions = 1
    )
)

查询＃2（用于唾液应用程序上下文安全性）：

DELETE FROM dbo.acucore_securitypermission
WHERE 
    'ENTITYID:' + cast(dbo.acucore_securitypermission.entityid as VARCHAR(64)) + '|' 
    + 'ESID:' + cast(dbo.acucore_securitypermission.esid as VARCHAR(64)) IN
(
    SELECT 
        'ENTITYID:' + cast(dbo.acucore_securitypermission.entityid as VARCHAR(64)) + '|' 
        + 'ESID:' + cast(dbo.acucore_securitypermission.esid as VARCHAR(64))
    FROM dbo.acucore_securitypermission
    JOIN dbo.acucore_securitycontainer ON dbo.acucore_securitypermission.esid = dbo.acucore_securitycontainer.esid
    JOIN dbo.acucore_securitygroup ON dbo.acucore_securitypermission.entityid = dbo.acucore_securitygroup.entityid
    WHERE containername LIKE 'S:UI.Web.AccessioningDashboard'
    AND groupname NOT IN
    (
        SELECT 
            CASE WHEN groupname IN ('Accessioning', 'Screening', 'Positive Certify', 'Negative Certify', 'Confirmation') THEN 'Saliva: ' + groupname ELSE groupname END
        FROM dbo.acucore_securitypermission
        JOIN dbo.acucore_securitycontainer ON dbo.acucore_securitypermission.esid = dbo.acucore_securitycontainer.esid
        JOIN dbo.acucore_securitygroup ON dbo.acucore_securitypermission.entityid = dbo.acucore_securitygroup.entityid
        WHERE containername = 'UI.Web.AccessioningDashboard'
        AND permissions = 1
    )
)

Answer 1

想通了..我只是用2个唾液换出2个头发套装命令..所以我必须运行两次。

DROP TABLE #Temp
SELECT * 
INTO #Temp 
FROM dbo.acucore_securitycontainer 
WHERE containername LIKE 'UI.Web.%'

Declare @conversioncontainerid UNIQUEIDENTIFIER
Declare @conversioncontainername VARCHAR(64)

WHILE (SELECT Count(*) FROM #Temp) > 0 
BEGIN 

    SELECT TOP 1 @conversioncontainerid = containerid FROM #Temp 
    SELECT TOP 1 @conversioncontainername = containername FROM #Temp 

     ---- start processing for container ----

    DECLARE @containerprefix VARCHAR(10);
    DECLARE @groupprefix VARCHAR(10);
    DECLARE @sourcecontainername VARCHAR(64);  -- container from loop
    DECLARE @targetcontainername VARCHAR(64);
    SET @sourcecontainername = @conversioncontainername
    SET @targetcontainername = @conversioncontainername

    -- hair
    SET @containerprefix = 'H:'  -- no space at end!
    SET @groupprefix = 'Hair: '  -- space at end!

    -- saliva
    --SET @containerprefix = 'S:'  -- no space at end!
    --SET @groupprefix = 'Saliva: '  -- space at end!

    -- view exclusion groups (groups of a "good" container):

    --SELECT 
    --  CASE WHEN groupname IN ('Accessioning', 'Screening', 'Positive Certify', 'Negative Certify', 'Confirmation') THEN @groupprefix + groupname ELSE groupname END
    --FROM dbo.acucore_securitypermission
    --JOIN dbo.acucore_securitycontainer ON dbo.acucore_securitypermission.esid = dbo.acucore_securitycontainer.esid
    --JOIN dbo.acucore_securitygroup ON dbo.acucore_securitypermission.entityid = dbo.acucore_securitygroup.entityid
    --WHERE containername = @sourcecontainername
    --AND permissions = 1

    ---- rows to be deleted:

    --SELECT 
    --  groupname,
    --  containername,
    --  dbo.acucore_securitypermission.esid ,
    --  dbo.acucore_securitypermission.entityid ,
    --  dbo.acucore_securitypermission.permissions      
    --FROM dbo.acucore_securitypermission
    --JOIN dbo.acucore_securitycontainer ON dbo.acucore_securitypermission.esid = dbo.acucore_securitycontainer.esid
    --JOIN dbo.acucore_securitygroup ON dbo.acucore_securitypermission.entityid = dbo.acucore_securitygroup.entityid
    --WHERE containername LIKE @containerprefix + @targetcontainername
    --AND groupname NOT IN
    --(
    --  SELECT 
    --      CASE WHEN groupname IN ('Accessioning', 'Screening', 'Positive Certify', 'Negative Certify', 'Confirmation') THEN @groupprefix + groupname ELSE groupname END
    --  FROM dbo.acucore_securitypermission
    --  JOIN dbo.acucore_securitycontainer ON dbo.acucore_securitypermission.esid = dbo.acucore_securitycontainer.esid
    --  JOIN dbo.acucore_securitygroup ON dbo.acucore_securitypermission.entityid = dbo.acucore_securitygroup.entityid
    --  WHERE containername = @sourcecontainername
    --  AND permissions = 1
    --)

    DELETE FROM dbo.acucore_securitypermission
    WHERE 
        'ENTITYID:' + cast(dbo.acucore_securitypermission.entityid as VARCHAR(64)) + '|' 
        + 'ESID:' + cast(dbo.acucore_securitypermission.esid as VARCHAR(64)) IN
    (
        SELECT  
            'ENTITYID:' + cast(dbo.acucore_securitypermission.entityid as VARCHAR(64)) + '|' 
            + 'ESID:' + cast(dbo.acucore_securitypermission.esid as VARCHAR(64))
        FROM dbo.acucore_securitypermission
        JOIN dbo.acucore_securitycontainer ON dbo.acucore_securitypermission.esid = dbo.acucore_securitycontainer.esid
        JOIN dbo.acucore_securitygroup ON dbo.acucore_securitypermission.entityid = dbo.acucore_securitygroup.entityid
        WHERE containername LIKE @containerprefix + @targetcontainername
        AND groupname NOT IN
        (
            SELECT 
                CASE WHEN groupname IN ('Accessioning', 'Screening', 'Positive Certify', 'Negative Certify', 'Confirmation') THEN @groupprefix + groupname ELSE groupname END
            FROM dbo.acucore_securitypermission
            JOIN dbo.acucore_securitycontainer ON dbo.acucore_securitypermission.esid = dbo.acucore_securitycontainer.esid
            JOIN dbo.acucore_securitygroup ON dbo.acucore_securitypermission.entityid = dbo.acucore_securitygroup.entityid
            WHERE containername = @sourcecontainername
            AND permissions = 1
        )
    )      
    -- finish processing 
    DELETE #Temp Where containerid = @conversioncontainerid -- delete row so we don't loop over it again 
END

T-SQL转换脚本从权限桥表中删除不良数据

1 个答案: