Tsql 角色权限筛选视图t-sql_Tsql

Tsql 角色权限筛选视图t-sql

tsql

Tsql 角色权限筛选视图t-sql,tsql,Tsql,是否可以根据分配给最终用户数据库角色的选择授权筛选t-sql视图的内容，而不生成选择权限异常如果是，怎么做伪： CREATE TABLE Beer(a(x), b(y)); GRANT SELECT ON Beer to BeerOnlyRole; CREATE TABLE Wine(a(x), b(y)); GRANT SELECT ON Wine to WineAndBeerRole; GRANT SELECT ON Beer to WineAndBeerRole; CREATE V

是否可以根据分配给最终用户数据库角色的选择授权筛选t-sql视图的内容，而不生成选择权限异常

如果是，怎么做

伪：

CREATE TABLE Beer(a(x), b(y)); GRANT SELECT ON Beer to BeerOnlyRole;
CREATE TABLE Wine(a(x), b(y)); GRANT SELECT ON Wine to WineAndBeerRole; 
GRANT SELECT ON Beer to WineAndBeerRole;

CREATE VIEW SimpleAlcoholSearch
 (
    SELECT  a  AS BrandName
           ,b  AS Strength
    FROM Beer

    UNION

    SELECT  a  AS BrandName
           ,b  AS Strength
     FROM Wine
 )

 GRANT SELECT ON SimpleAlcoholSearch to BeerOnlyRole;
 GRANT SELECT ON SimpleAlcoholSearch to WineAndBeerRole;

正如BeerOnlyRole：从SimpleAllocholSearch中选择*：啤酒1% 啤酒2%

作为WineAndBeerRole：从SimpleAllocholSearch中选择*：啤酒1% 啤酒2% 葡萄酒1.10% 葡萄酒2.11%

感谢您阅读此…

我通过对每个表的各种目录视图进行快速脏检，解决了此问题：

SELECT  a  AS BrandName
           ,b  AS Strength
    FROM Beer   

WHERE 1 = 

    (
         SELECT TOP 1 1
         FROM sys.database_permissions sy_dpe

         JOIN sys.objects sy_o ON sy_dpe.major_id = sy_o.object_id
         JOIN sys.schemas sy_sc ON sy_o.schema_id = sy_sc.schema_id
         JOIN sys.database_principals sy_dpr ON sy_dpe.grantee_principal_id = sy_dpr.principal_id
         JOIN sys.database_role_members sy_drm ON sy_drm.role_principal_id = sy_dpr.principal_id
         JOIN sys.database_principals sy_dpr2 ON sy_dpr2.principal_id = sy_drm.member_principal_id

         WHERE sy_dpr2.name = SYSTEM_USER
         AND sy_o.name = 'Beer'
         AND sy_sc.name = '[n]'
         AND sy_dpe.type = 'SL'
         AND sy_dpe.state = 'G'
    )

UNION

....

有人有更整洁的方法吗

谢谢