sql_cmd 0.3.0
- checksums.yaml +7 -0
- data/LICENSE +201 -0
- data/lib/optional_dependencies.rb +30 -0
- data/lib/sql_cmd/agent.rb +32 -0
- data/lib/sql_cmd/always_on.rb +267 -0
- data/lib/sql_cmd/azure.rb +80 -0
- data/lib/sql_cmd/backups.rb +276 -0
- data/lib/sql_cmd/config.rb +62 -0
- data/lib/sql_cmd/database.rb +618 -0
- data/lib/sql_cmd/format.rb +124 -0
- data/lib/sql_cmd/query.rb +350 -0
- data/lib/sql_cmd/security.rb +21 -0
- data/lib/sql_cmd/sql_helper.ps1 +89 -0
- data/lib/sql_cmd.rb +44 -0
- data/sql_scripts/Agent/CreateSQLJob.sql +81 -0
- data/sql_scripts/Agent/JobLastRunInfo.sql +70 -0
- data/sql_scripts/Agent/JobRunStatus.sql +21 -0
- data/sql_scripts/Agent/SQLAgentStatus.sql +8 -0
- data/sql_scripts/AlwaysOn/AddDatabaseToAvailabilityGroupOnSecondary.sql +72 -0
- data/sql_scripts/AlwaysOn/AddDatabaseToPrimaryAvailabilityGroup.sql +16 -0
- data/sql_scripts/AlwaysOn/AutomaticSeedingProgress.sql +34 -0
- data/sql_scripts/AlwaysOn/ConfigurePrimaryForAutomaticSeeding.sql +2 -0
- data/sql_scripts/AlwaysOn/ConfigurePrimaryForManualSeeding.sql +2 -0
- data/sql_scripts/AlwaysOn/ConfigureSecondaryForAutomaticSeeding.sql +1 -0
- data/sql_scripts/AlwaysOn/DropSecondary.sql +58 -0
- data/sql_scripts/AlwaysOn/RemoveDatabaseFromGroup.sql +2 -0
- data/sql_scripts/AlwaysOn/SynchronizationState.sql +14 -0
- data/sql_scripts/Database/BackupDatabase.sql +95 -0
- data/sql_scripts/Database/CompressAllTables.sql +100 -0
- data/sql_scripts/Database/CreateLogin.sql +16 -0
- data/sql_scripts/Database/DropDatabase.sql +51 -0
- data/sql_scripts/Database/GetBackupFiles.sql +31 -0
- data/sql_scripts/Database/GetBackupHeaders.sql +94 -0
- data/sql_scripts/Database/GetFileInfoFromBackup.sql +9 -0
- data/sql_scripts/Database/RestoreDatabase.sql +185 -0
- data/sql_scripts/Database/SetFullRecovery.sql +19 -0
- data/sql_scripts/Database/SetSQLCompatibility.sql +33 -0
- data/sql_scripts/Security/AssignDatabaseRoles.sql +44 -0
- data/sql_scripts/Security/CreateOrUpdateCredential.sql +11 -0
- data/sql_scripts/Security/CreateSqlLogin.sql +20 -0
- data/sql_scripts/Security/ExportDatabasePermissions.sql +757 -0
- data/sql_scripts/Security/GenerateCreateLoginsScript.sql +144 -0
- data/sql_scripts/Security/GenerateValidateLoginsScript.sql +83 -0
- data/sql_scripts/Security/GetUserSID.sql +3 -0
- data/sql_scripts/Security/UpdateSqlPassword.sql +24 -0
- data/sql_scripts/Security/ValidateDatabaseRoles.sql +12 -0
- data/sql_scripts/Status/ANSINullsOffTableCount.sql +13 -0
- data/sql_scripts/Status/ANSINullsOffTables.sql +9 -0
- data/sql_scripts/Status/BackupProgress.sql +17 -0
- data/sql_scripts/Status/DatabaseInfo.sql +199 -0
- data/sql_scripts/Status/DatabaseSize.sql +26 -0
- data/sql_scripts/Status/DiskSpace.sql +14 -0
- data/sql_scripts/Status/RestoreProgress.sql +17 -0
- data/sql_scripts/Status/SQLSettings.sql +182 -0
- data/sql_scripts/Status/UncompressedTableCount.sql +27 -0
- metadata +224 -0
@@ -0,0 +1,757 @@
|
|
1
|
+
DECLARE @DBName sysname = NULL,
|
2
|
+
@Principal sysname = NULL,
|
3
|
+
@Role sysname = NULL,
|
4
|
+
@Type nvarchar(30) = NULL,
|
5
|
+
@ObjectName sysname = NULL,
|
6
|
+
@Permission sysname = NULL,
|
7
|
+
@LoginName sysname = NULL,
|
8
|
+
@UseLikeSearch bit = 1,
|
9
|
+
@IncludeMSShipped bit = 1,
|
10
|
+
@DropTempTables bit = 1,
|
11
|
+
@Output varchar(30) = 'Default',
|
12
|
+
@Print bit = 0,
|
13
|
+
@IncludeTablePermissions bit = 0,
|
14
|
+
@newline nvarchar(2) = CHAR(13)+CHAR(10),
|
15
|
+
@sql_script nvarchar(max) = NULL
|
16
|
+
|
17
|
+
SET @sql_script = 'USE [$(' + 'databasename)]' + @newline -- Split up variable syntax in order to pass it through as a variable.
|
18
|
+
|
19
|
+
SET NOCOUNT ON
|
20
|
+
|
21
|
+
SET @DBName = '$(databasename)'
|
22
|
+
SET @Output = '$(output)' -- 'CreateOnly', 'DropOnly', 'ScriptOnly', 'Report', 'Default'
|
23
|
+
SET @IncludeTablePermissions = $(includetablepermissions)
|
24
|
+
|
25
|
+
DECLARE @Collation nvarchar(75)
|
26
|
+
SET @Collation = N' COLLATE ' + CAST(SERVERPROPERTY('Collation') AS nvarchar(50))
|
27
|
+
|
28
|
+
DECLARE @sql nvarchar(max)
|
29
|
+
DECLARE @sql2 nvarchar(max)
|
30
|
+
DECLARE @ObjectList nvarchar(max)
|
31
|
+
DECLARE @use nvarchar(500)
|
32
|
+
DECLARE @AllDBNames sysname
|
33
|
+
|
34
|
+
IF @DBName IS NULL OR @DBName = N'All'
|
35
|
+
BEGIN
|
36
|
+
SET @use = ''
|
37
|
+
IF @DBName IS NULL
|
38
|
+
SET @DBName = DB_NAME()
|
39
|
+
END
|
40
|
+
ELSE
|
41
|
+
-- IF EXISTS (SELECT 1 FROM sys.databases WHERE name = @DBName)
|
42
|
+
IF db_id(@DBName) IS NOT NULL
|
43
|
+
SET @use = N'USE ' + QUOTENAME(@DBName) + N';' + NCHAR(13)
|
44
|
+
ELSE
|
45
|
+
BEGIN
|
46
|
+
RAISERROR (N'%s is not a valid database name.',
|
47
|
+
16,
|
48
|
+
1,
|
49
|
+
@DBName)
|
50
|
+
RETURN
|
51
|
+
END
|
52
|
+
|
53
|
+
DECLARE @LikeOperator nvarchar(4)
|
54
|
+
|
55
|
+
IF @UseLikeSearch = 1
|
56
|
+
SET @LikeOperator = N'LIKE'
|
57
|
+
ELSE
|
58
|
+
SET @LikeOperator = N'='
|
59
|
+
|
60
|
+
IF @UseLikeSearch = 1
|
61
|
+
BEGIN
|
62
|
+
IF LEN(ISNULL(@Principal,'')) > 0
|
63
|
+
SET @Principal = N'%' + @Principal + N'%'
|
64
|
+
|
65
|
+
IF LEN(ISNULL(@Role,'')) > 0
|
66
|
+
SET @Role = N'%' + @Role + N'%'
|
67
|
+
|
68
|
+
IF LEN(ISNULL(@ObjectName,'')) > 0
|
69
|
+
SET @ObjectName = N'%' + @ObjectName + N'%'
|
70
|
+
|
71
|
+
IF LEN(ISNULL(@LoginName,'')) > 0
|
72
|
+
SET @LoginName = N'%' + @LoginName + N'%'
|
73
|
+
END
|
74
|
+
|
75
|
+
IF @Print = 1 AND @DBName = N'All'
|
76
|
+
BEGIN
|
77
|
+
PRINT 'DECLARE @AllDBNames sysname'
|
78
|
+
PRINT 'SET @AllDBNames = ''master'''
|
79
|
+
PRINT ''
|
80
|
+
END
|
81
|
+
--=========================================================================
|
82
|
+
-- Database Principals
|
83
|
+
SET @sql =
|
84
|
+
N'SELECT ' + CASE WHEN @DBName = 'All' THEN N'@AllDBNames' ELSE N'''' + @DBName + N'''' END + N' AS DBName,' +
|
85
|
+
N' DBPrincipals.principal_id AS DBPrincipalId, DBPrincipals.name AS DBPrincipal, SrvPrincipals.name AS SrvPrincipal, ' + NCHAR(13) +
|
86
|
+
N' DBPrincipals.type, DBPrincipals.type_desc, DBPrincipals.default_schema_name, DBPrincipals.create_date, ' + NCHAR(13) +
|
87
|
+
N' DBPrincipals.modify_date, DBPrincipals.is_fixed_role, ' + NCHAR(13) +
|
88
|
+
N' Authorizations.name AS RoleAuthorization, DBPrincipals.sid, ' + NCHAR(13) +
|
89
|
+
N' CASE WHEN DBPrincipals.is_fixed_role = 0 AND DBPrincipals.name NOT IN (''dbo'',''guest'', ''INFORMATION_SCHEMA'', ''public'', ''sys'') THEN ' + NCHAR(13) +
|
90
|
+
CASE WHEN @DBName = 'All' THEN N' ''USE '' + QUOTENAME(@AllDBNames) + ''; '' + ' + NCHAR(13) ELSE N'' END +
|
91
|
+
N' ''IF DATABASE_PRINCIPAL_ID('''''' + DBPrincipals.name + '''''') IS NOT NULL '' + ' + NCHAR(13) +
|
92
|
+
N' ''DROP '' + CASE DBPrincipals.[type] WHEN ''C'' THEN NULL ' + NCHAR(13) +
|
93
|
+
N' WHEN ''K'' THEN NULL ' + NCHAR(13) +
|
94
|
+
N' WHEN ''R'' THEN ''ROLE'' ' + NCHAR(13) +
|
95
|
+
N' WHEN ''A'' THEN ''APPLICATION ROLE'' ' + NCHAR(13) +
|
96
|
+
N' ELSE ''USER'' END + ' + NCHAR(13) +
|
97
|
+
N' '' ''+QUOTENAME(DBPrincipals.name' + @Collation + N') + '';'' ELSE NULL END AS DropScript, ' + NCHAR(13) +
|
98
|
+
N' CASE WHEN DBPrincipals.is_fixed_role = 0 AND DBPrincipals.name NOT IN (''dbo'',''guest'', ''INFORMATION_SCHEMA'', ''public'', ''sys'') THEN ' + NCHAR(13) +
|
99
|
+
CASE WHEN @DBName = 'All' THEN N' ''USE '' + QUOTENAME(@AllDBNames) + ''; '' + ' +NCHAR(13) ELSE N'' END +
|
100
|
+
N' ''IF DATABASE_PRINCIPAL_ID('''''' + DBPrincipals.name + '''''') IS NULL '' + ' + NCHAR(13) +
|
101
|
+
N' ''CREATE '' + CASE DBPrincipals.[type] WHEN ''C'' THEN NULL ' + NCHAR(13) +
|
102
|
+
N' WHEN ''K'' THEN NULL ' + NCHAR(13) +
|
103
|
+
N' WHEN ''R'' THEN ''ROLE'' ' + NCHAR(13) +
|
104
|
+
N' WHEN ''A'' THEN ''APPLICATION ROLE'' ' + NCHAR(13) +
|
105
|
+
N' ELSE ''USER'' END + ' + NCHAR(13) +
|
106
|
+
N' '' ''+QUOTENAME(DBPrincipals.name' + @Collation + N') END + ' + NCHAR(13) +
|
107
|
+
N' CASE WHEN DBPrincipals.[type] = ''R'' THEN ' + NCHAR(13) +
|
108
|
+
N' ISNULL('' AUTHORIZATION ''+QUOTENAME(Authorizations.name' + @Collation + N'),'''') ' + NCHAR(13) +
|
109
|
+
N' WHEN DBPrincipals.[type] = ''A'' THEN ' + NCHAR(13) +
|
110
|
+
N' '''' ' + NCHAR(13) +
|
111
|
+
N' WHEN DBPrincipals.[type] NOT IN (''C'',''K'') THEN ' + NCHAR(13) +
|
112
|
+
N' ISNULL('' FOR LOGIN '' +
|
113
|
+
QUOTENAME(SrvPrincipals.name' + @Collation + N'),'' WITHOUT LOGIN'') + ' + NCHAR(13) +
|
114
|
+
N' ISNULL('' WITH DEFAULT_SCHEMA = ''+
|
115
|
+
QUOTENAME(DBPrincipals.default_schema_name' + @Collation + N'),'''') ' + NCHAR(13) +
|
116
|
+
N' ELSE '''' ' + NCHAR(13) +
|
117
|
+
N' END + '';'' + ' + NCHAR(13) +
|
118
|
+
N' CASE WHEN DBPrincipals.[type] NOT IN (''C'',''K'',''R'',''A'') ' + NCHAR(13) +
|
119
|
+
N' AND SrvPrincipals.name IS NULL ' + NCHAR(13) +
|
120
|
+
N' AND DBPrincipals.sid IS NOT NULL ' + NCHAR(13) +
|
121
|
+
N' AND DBPrincipals.sid NOT IN (0x00, 0x01) ' + NCHAR(13) +
|
122
|
+
N' THEN '' -- Possible missing server principal'' ' + NCHAR(13) +
|
123
|
+
N' ELSE '''' END ' + NCHAR(13) +
|
124
|
+
N' AS CreateScript ' + NCHAR(13) +
|
125
|
+
N'FROM sys.database_principals DBPrincipals ' + NCHAR(13) +
|
126
|
+
N'LEFT OUTER JOIN sys.database_principals Authorizations ' + NCHAR(13) +
|
127
|
+
N' ON DBPrincipals.owning_principal_id = Authorizations.principal_id ' + NCHAR(13) +
|
128
|
+
N'LEFT OUTER JOIN sys.server_principals SrvPrincipals ' + NCHAR(13) +
|
129
|
+
N' ON DBPrincipals.sid = SrvPrincipals.sid ' + NCHAR(13) +
|
130
|
+
N' AND DBPrincipals.sid NOT IN (0x00, 0x01) ' + NCHAR(13) +
|
131
|
+
N'WHERE 1=1 '
|
132
|
+
|
133
|
+
IF LEN(ISNULL(@Principal,@Role)) > 0
|
134
|
+
IF @Print = 1
|
135
|
+
SET @sql = @sql + NCHAR(13) + N' AND DBPrincipals.name ' + @LikeOperator + N' ' +
|
136
|
+
ISNULL(QUOTENAME(@Principal,N''''),QUOTENAME(@Role,''''))
|
137
|
+
ELSE
|
138
|
+
SET @sql = @sql + NCHAR(13) + N' AND DBPrincipals.name ' + @LikeOperator + N' ISNULL(@Principal,@Role) '
|
139
|
+
|
140
|
+
IF LEN(@Type) > 0
|
141
|
+
IF @Print = 1
|
142
|
+
SET @sql = @sql + NCHAR(13) + N' AND DBPrincipals.type ' + @LikeOperator + N' ' + QUOTENAME(@Type,'''')
|
143
|
+
ELSE
|
144
|
+
SET @sql = @sql + NCHAR(13) + N' AND DBPrincipals.type ' + @LikeOperator + N' @Type'
|
145
|
+
|
146
|
+
IF LEN(@LoginName) > 0
|
147
|
+
IF @Print = 1
|
148
|
+
SET @sql = @sql + NCHAR(13) + N' AND SrvPrincipals.name ' + @LikeOperator + N' ' + QUOTENAME(@LoginName,'''')
|
149
|
+
ELSE
|
150
|
+
SET @sql = @sql + NCHAR(13) + N' AND SrvPrincipals.name ' + @LikeOperator + N' @LoginName'
|
151
|
+
|
152
|
+
IF LEN(@ObjectName) > 0
|
153
|
+
BEGIN
|
154
|
+
SET @sql = @sql + NCHAR(13) +
|
155
|
+
N' AND EXISTS (SELECT 1 ' + NCHAR(13) +
|
156
|
+
N' FROM sys.all_objects [Objects] ' + NCHAR(13) +
|
157
|
+
N' INNER JOIN sys.database_permissions Permission ' + NCHAR(13) +
|
158
|
+
N' ON Permission.major_id = [Objects].object_id ' + NCHAR(13) +
|
159
|
+
N' WHERE Permission.major_id = [Objects].object_id ' + NCHAR(13) +
|
160
|
+
N' AND Permission.grantee_principal_id = DBPrincipals.principal_id ' + NCHAR(13)
|
161
|
+
|
162
|
+
IF @Print = 1
|
163
|
+
SET @sql = @sql + N' AND [Objects].name ' + @LikeOperator + N' ' + QUOTENAME(@ObjectName,'''')
|
164
|
+
ELSE
|
165
|
+
SET @sql = @sql + N' AND [Objects].name ' + @LikeOperator + N' @ObjectName'
|
166
|
+
|
167
|
+
SET @sql = @sql + N')'
|
168
|
+
END
|
169
|
+
|
170
|
+
IF LEN(@Permission) > 0
|
171
|
+
BEGIN
|
172
|
+
SET @sql = @sql + NCHAR(13) +
|
173
|
+
N' AND EXISTS (SELECT 1 ' + NCHAR(13) +
|
174
|
+
N' FROM sys.database_permissions Permission ' + NCHAR(13) +
|
175
|
+
N' WHERE Permission.grantee_principal_id = DBPrincipals.principal_id ' + NCHAR(13)
|
176
|
+
|
177
|
+
IF @Print = 1
|
178
|
+
SET @sql = @sql + N' AND Permission.permission_name ' + @LikeOperator + N' ' + QUOTENAME(@Permission,'''')
|
179
|
+
ELSE
|
180
|
+
SET @sql = @sql + N' AND Permission.permission_name ' + @LikeOperator + N' @Permission'
|
181
|
+
|
182
|
+
SET @sql = @sql + N')'
|
183
|
+
END
|
184
|
+
|
185
|
+
IF @IncludeMSShipped = 0
|
186
|
+
SET @sql = @sql + NCHAR(13) + N' AND DBPrincipals.is_fixed_role = 0 ' + NCHAR(13) +
|
187
|
+
' AND DBPrincipals.name NOT IN (''dbo'',''public'',''INFORMATION_SCHEMA'',''guest'',''sys'') '
|
188
|
+
|
189
|
+
IF @Print = 1
|
190
|
+
BEGIN
|
191
|
+
PRINT N'-- Database Principals'
|
192
|
+
PRINT CAST(@sql AS nvarchar(max))
|
193
|
+
PRINT '' -- Spacing before the next print
|
194
|
+
PRINT ''
|
195
|
+
END
|
196
|
+
ELSE
|
197
|
+
BEGIN
|
198
|
+
IF object_id('tempdb..#DBPrincipals') IS NOT NULL
|
199
|
+
DROP TABLE #DBPrincipals
|
200
|
+
|
201
|
+
-- Create temp table to store the data in
|
202
|
+
CREATE TABLE #DBPrincipals (
|
203
|
+
DBName sysname NULL,
|
204
|
+
DBPrincipalId int NULL,
|
205
|
+
DBPrincipal sysname NULL,
|
206
|
+
SrvPrincipal sysname NULL,
|
207
|
+
type char(1) NULL,
|
208
|
+
type_desc nchar(60) NULL,
|
209
|
+
default_schema_name sysname NULL,
|
210
|
+
create_date datetime NULL,
|
211
|
+
modify_date datetime NULL,
|
212
|
+
is_fixed_role bit NULL,
|
213
|
+
RoleAuthorization sysname NULL,
|
214
|
+
sid varbinary(85) NULL,
|
215
|
+
DropScript nvarchar(max) NULL,
|
216
|
+
CreateScript nvarchar(max) NULL
|
217
|
+
)
|
218
|
+
|
219
|
+
SET @sql = @use + N'INSERT INTO #DBPrincipals ' + NCHAR(13) + @sql
|
220
|
+
|
221
|
+
IF @DBName = 'All'
|
222
|
+
BEGIN
|
223
|
+
-- Declare a READ_ONLY cursor to loop through the databases
|
224
|
+
DECLARE cur_DBList CURSOR
|
225
|
+
READ_ONLY
|
226
|
+
FOR SELECT name FROM sys.databases ORDER BY name
|
227
|
+
|
228
|
+
OPEN cur_DBList
|
229
|
+
|
230
|
+
FETCH NEXT FROM cur_DBList INTO @AllDBNames
|
231
|
+
WHILE (@@fetch_status <> -1)
|
232
|
+
BEGIN
|
233
|
+
IF (@@fetch_status <> -2)
|
234
|
+
BEGIN
|
235
|
+
SET @sql2 = N'USE ' + QUOTENAME(@AllDBNames) + N';' + NCHAR(13) + @sql
|
236
|
+
EXEC sp_executesql @sql2,
|
237
|
+
N'@Principal sysname, @Role sysname, @Type nvarchar(30), @ObjectName sysname,
|
238
|
+
@AllDBNames sysname, @Permission sysname, @LoginName sysname',
|
239
|
+
@Principal, @Role, @Type, @ObjectName, @AllDBNames, @Permission, @LoginName
|
240
|
+
END
|
241
|
+
FETCH NEXT FROM cur_DBList INTO @AllDBNames
|
242
|
+
END
|
243
|
+
|
244
|
+
CLOSE cur_DBList
|
245
|
+
DEALLOCATE cur_DBList
|
246
|
+
END
|
247
|
+
ELSE
|
248
|
+
EXEC sp_executesql @sql, N'@Principal sysname, @Role sysname, @Type nvarchar(30),
|
249
|
+
@ObjectName sysname, @Permission sysname, @LoginName sysname',
|
250
|
+
@Principal, @Role, @Type, @ObjectName, @Permission, @LoginName
|
251
|
+
END
|
252
|
+
--=========================================================================
|
253
|
+
-- Database Role Members
|
254
|
+
SET @sql =
|
255
|
+
N'SELECT ' + CASE WHEN @DBName = 'All' THEN N'@AllDBNames' ELSE N'''' + @DBName + N'''' END + N' AS DBName,' +
|
256
|
+
N' Users.principal_id AS UserPrincipalId, Users.name AS UserName, Roles.name AS RoleName, ' + NCHAR(13) +
|
257
|
+
CASE WHEN @DBName = 'All' THEN N' ''USE '' + QUOTENAME(@AllDBNames) + ''; '' + ' + NCHAR(13) ELSE N'' END +
|
258
|
+
N' CASE WHEN Users.is_fixed_role = 0 AND Users.name <> ''dbo'' THEN ' + NCHAR(13) +
|
259
|
+
N' ''EXEC sp_droprolemember @rolename = ''+QUOTENAME(Roles.name' + @Collation +
|
260
|
+
N','''''''')+'', @membername = ''+QUOTENAME(CASE WHEN Users.name = ''dbo'' THEN NULL
|
261
|
+
ELSE Users.name END' + @Collation +
|
262
|
+
N','''''''')+'';'' END AS DropScript, ' + NCHAR(13) +
|
263
|
+
CASE WHEN @DBName = 'All' THEN N' ''USE '' + QUOTENAME(@AllDBNames) + ''; '' + ' + NCHAR(13) ELSE N'' END +
|
264
|
+
N' CASE WHEN Users.is_fixed_role = 0 AND Users.name <> ''dbo'' THEN ' + NCHAR(13) +
|
265
|
+
N' ''EXEC sp_addrolemember @rolename = ''+QUOTENAME(Roles.name' + @Collation +
|
266
|
+
N','''''''')+'', @membername = ''+QUOTENAME(CASE WHEN Users.name = ''dbo'' THEN NULL
|
267
|
+
ELSE Users.name END' + @Collation +
|
268
|
+
N','''''''')+'';'' END AS AddScript ' + NCHAR(13) +
|
269
|
+
N'FROM sys.database_role_members RoleMembers ' + NCHAR(13) +
|
270
|
+
N'JOIN sys.database_principals Users ' + NCHAR(13) +
|
271
|
+
N' ON RoleMembers.member_principal_id = Users.principal_id ' + NCHAR(13) +
|
272
|
+
N'JOIN sys.database_principals Roles ' + NCHAR(13) +
|
273
|
+
N' ON RoleMembers.role_principal_id = Roles.principal_id ' + NCHAR(13) +
|
274
|
+
N'WHERE 1=1 '
|
275
|
+
|
276
|
+
IF LEN(ISNULL(@Principal,'')) > 0
|
277
|
+
IF @Print = 1
|
278
|
+
SET @sql = @sql + NCHAR(13) + N' AND Users.name ' + @LikeOperator + N' '+QUOTENAME(@Principal,'''')
|
279
|
+
ELSE
|
280
|
+
SET @sql = @sql + NCHAR(13) + N' AND Users.name ' + @LikeOperator + N' @Principal'
|
281
|
+
|
282
|
+
IF LEN(ISNULL(@Role,'')) > 0
|
283
|
+
IF @Print = 1
|
284
|
+
SET @sql = @sql + NCHAR(13) + N' AND Roles.name ' + @LikeOperator + N' '+QUOTENAME(@Role,'''')
|
285
|
+
ELSE
|
286
|
+
SET @sql = @sql + NCHAR(13) + N' AND Roles.name ' + @LikeOperator + N' @Role'
|
287
|
+
|
288
|
+
IF LEN(@Type) > 0
|
289
|
+
IF @Print = 1
|
290
|
+
SET @sql = @sql + NCHAR(13) + N' AND Users.type ' + @LikeOperator + N' ' + QUOTENAME(@Type,'''')
|
291
|
+
ELSE
|
292
|
+
SET @sql = @sql + NCHAR(13) + N' AND Users.type ' + @LikeOperator + N' @Type'
|
293
|
+
|
294
|
+
IF LEN(@LoginName) > 0
|
295
|
+
BEGIN
|
296
|
+
SET @sql = @sql + NCHAR(13) +
|
297
|
+
N' AND EXISTS (SELECT 1 ' + NCHAR(13) +
|
298
|
+
N' FROM sys.server_principals SrvPrincipals ' + NCHAR(13) +
|
299
|
+
N' WHERE Users.sid NOT IN (0x00, 0x01) ' + NCHAR(13) +
|
300
|
+
N' AND SrvPrincipals.sid = Users.sid ' + NCHAR(13) +
|
301
|
+
N' AND Users.type NOT IN (''R'') ' + NCHAR(13)
|
302
|
+
IF @Print = 1
|
303
|
+
SET @sql = @sql + NCHAR(13) + ' AND SrvPrincipals.name ' + @LikeOperator + N' ' + QUOTENAME(@LoginName,'''')
|
304
|
+
ELSE
|
305
|
+
SET @sql = @sql + NCHAR(13) + ' AND SrvPrincipals.name ' + @LikeOperator + N' @LoginName'
|
306
|
+
|
307
|
+
SET @sql = @sql + N')'
|
308
|
+
END
|
309
|
+
|
310
|
+
IF LEN(@ObjectName) > 0
|
311
|
+
BEGIN
|
312
|
+
SET @sql = @sql + NCHAR(13) +
|
313
|
+
N' AND EXISTS (SELECT 1 ' + NCHAR(13) +
|
314
|
+
N' FROM sys.all_objects [Objects] ' + NCHAR(13) +
|
315
|
+
N' INNER JOIN sys.database_permissions Permission ' + NCHAR(13) +
|
316
|
+
N' ON Permission.major_id = [Objects].object_id ' + NCHAR(13) +
|
317
|
+
N' WHERE Permission.major_id = [Objects].object_id ' + NCHAR(13) +
|
318
|
+
N' AND Permission.grantee_principal_id = Users.principal_id ' + NCHAR(13)
|
319
|
+
|
320
|
+
IF @Print = 1
|
321
|
+
SET @sql = @sql + N' AND [Objects].name ' + @LikeOperator + N' ' + QUOTENAME(@ObjectName,'''')
|
322
|
+
ELSE
|
323
|
+
SET @sql = @sql + N' AND [Objects].name ' + @LikeOperator + N' @ObjectName'
|
324
|
+
|
325
|
+
SET @sql = @sql + N')'
|
326
|
+
END
|
327
|
+
|
328
|
+
IF LEN(@Permission) > 0
|
329
|
+
BEGIN
|
330
|
+
SET @sql = @sql + NCHAR(13) +
|
331
|
+
N' AND EXISTS (SELECT 1 ' + NCHAR(13) +
|
332
|
+
N' FROM sys.database_permissions Permission ' + NCHAR(13) +
|
333
|
+
N' WHERE Permission.grantee_principal_id = Users.principal_id ' + NCHAR(13)
|
334
|
+
|
335
|
+
IF @Print = 1
|
336
|
+
SET @sql = @sql + N' AND Permission.permission_name ' + @LikeOperator + N' ' + QUOTENAME(@Permission,'''')
|
337
|
+
ELSE
|
338
|
+
SET @sql = @sql + N' AND Permission.permission_name ' + @LikeOperator + N' @Permission'
|
339
|
+
|
340
|
+
SET @sql = @sql + N')'
|
341
|
+
END
|
342
|
+
|
343
|
+
IF @IncludeMSShipped = 0
|
344
|
+
SET @sql = @sql + NCHAR(13) + N' AND Users.is_fixed_role = 0 ' + NCHAR(13) +
|
345
|
+
' AND Users.name NOT IN (''dbo'',''public'',''INFORMATION_SCHEMA'',''guest'',''sys'') '
|
346
|
+
|
347
|
+
IF @Print = 1
|
348
|
+
BEGIN
|
349
|
+
PRINT N'-- Database Role Members'
|
350
|
+
PRINT CAST(@sql AS nvarchar(max))
|
351
|
+
PRINT '' -- Spacing before the next print
|
352
|
+
PRINT ''
|
353
|
+
END
|
354
|
+
ELSE
|
355
|
+
BEGIN
|
356
|
+
IF object_id('tempdb..#DBRoles') IS NOT NULL
|
357
|
+
DROP TABLE #DBRoles
|
358
|
+
|
359
|
+
-- Create temp table to store the data in
|
360
|
+
CREATE TABLE #DBRoles (
|
361
|
+
DBName sysname NULL,
|
362
|
+
UserPrincipalId int NULL,
|
363
|
+
UserName sysname NULL,
|
364
|
+
RoleName sysname NULL,
|
365
|
+
DropScript nvarchar(max) NULL,
|
366
|
+
AddScript nvarchar(max) NULL
|
367
|
+
)
|
368
|
+
|
369
|
+
SET @sql = @use + NCHAR(13) + 'INSERT INTO #DBRoles ' + NCHAR(13) + @sql
|
370
|
+
|
371
|
+
IF @DBName = 'All'
|
372
|
+
BEGIN
|
373
|
+
-- Declare a READ_ONLY cursor to loop through the databases
|
374
|
+
DECLARE cur_DBList CURSOR
|
375
|
+
READ_ONLY
|
376
|
+
FOR SELECT name FROM sys.databases ORDER BY name
|
377
|
+
|
378
|
+
OPEN cur_DBList
|
379
|
+
|
380
|
+
FETCH NEXT FROM cur_DBList INTO @AllDBNames
|
381
|
+
WHILE (@@fetch_status <> -1)
|
382
|
+
BEGIN
|
383
|
+
IF (@@fetch_status <> -2)
|
384
|
+
BEGIN
|
385
|
+
SET @sql2 = 'USE ' + QUOTENAME(@AllDBNames) + ';' + NCHAR(13) + @sql
|
386
|
+
EXEC sp_executesql @sql2,
|
387
|
+
N'@Principal sysname, @Role sysname, @Type nvarchar(30), @ObjectName sysname,
|
388
|
+
@AllDBNames sysname, @Permission sysname, @LoginName sysname',
|
389
|
+
@Principal, @Role, @Type, @ObjectName, @AllDBNames, @Permission, @LoginName
|
390
|
+
END
|
391
|
+
FETCH NEXT FROM cur_DBList INTO @AllDBNames
|
392
|
+
END
|
393
|
+
|
394
|
+
CLOSE cur_DBList
|
395
|
+
DEALLOCATE cur_DBList
|
396
|
+
END
|
397
|
+
ELSE
|
398
|
+
EXEC sp_executesql @sql, N'@Principal sysname, @Role sysname, @Type nvarchar(30),
|
399
|
+
@ObjectName sysname, @Permission sysname, @LoginName sysname',
|
400
|
+
@Principal, @Role, @Type, @ObjectName, @Permission, @LoginName
|
401
|
+
END
|
402
|
+
|
403
|
+
--=========================================================================
|
404
|
+
-- Database & object Permissions
|
405
|
+
SET @ObjectList =
|
406
|
+
N'; WITH ObjectList AS (' + NCHAR(13) +
|
407
|
+
N' SELECT NULL AS SchemaName , ' + NCHAR(13) +
|
408
|
+
N' name ' + @Collation + ' AS name, ' + NCHAR(13) +
|
409
|
+
N' database_id AS id, ' + NCHAR(13) +
|
410
|
+
N' ''DATABASE'' AS class_desc,' + NCHAR(13) +
|
411
|
+
N' '''' AS class ' + NCHAR(13) +
|
412
|
+
N' FROM master.sys.databases' + NCHAR(13) +
|
413
|
+
N' UNION ALL' + NCHAR(13) +
|
414
|
+
N' SELECT SCHEMA_NAME(sys.all_objects.schema_id) ' + @Collation + N' AS SchemaName,' + NCHAR(13) +
|
415
|
+
N' name ' + @Collation + N' AS name, ' + NCHAR(13) +
|
416
|
+
N' object_id AS id, ' + NCHAR(13) +
|
417
|
+
N' ''OBJECT_OR_COLUMN'' AS class_desc,' + NCHAR(13) +
|
418
|
+
N' ''OBJECT'' AS class ' + NCHAR(13) +
|
419
|
+
N' FROM sys.all_objects' + NCHAR(13) +
|
420
|
+
N' UNION ALL' + NCHAR(13) +
|
421
|
+
N' SELECT name ' + @Collation + N' AS SchemaName, ' + NCHAR(13) +
|
422
|
+
N' NULL AS name, ' + NCHAR(13) +
|
423
|
+
N' schema_id AS id, ' + NCHAR(13) +
|
424
|
+
N' ''SCHEMA'' AS class_desc,' + NCHAR(13) +
|
425
|
+
N' ''SCHEMA'' AS class ' + NCHAR(13) +
|
426
|
+
N' FROM sys.schemas' + NCHAR(13) +
|
427
|
+
N' UNION ALL' + NCHAR(13) +
|
428
|
+
N' SELECT NULL AS SchemaName, ' + NCHAR(13) +
|
429
|
+
N' name ' + @Collation + N' AS name, ' + NCHAR(13) +
|
430
|
+
N' principal_id AS id, ' + NCHAR(13) +
|
431
|
+
N' ''DATABASE_PRINCIPAL'' AS class_desc,' + NCHAR(13) +
|
432
|
+
N' CASE type_desc ' + NCHAR(13) +
|
433
|
+
N' WHEN ''APPLICATION_ROLE'' THEN ''APPLICATION ROLE'' ' + NCHAR(13) +
|
434
|
+
N' WHEN ''DATABASE_ROLE'' THEN ''ROLE'' ' + NCHAR(13) +
|
435
|
+
N' ELSE ''USER'' END AS class ' + NCHAR(13) +
|
436
|
+
N' FROM sys.database_principals' + NCHAR(13) +
|
437
|
+
N' UNION ALL' + NCHAR(13) +
|
438
|
+
N' SELECT NULL AS SchemaName, ' + NCHAR(13) +
|
439
|
+
N' name ' + @Collation + N' AS name, ' + NCHAR(13) +
|
440
|
+
N' assembly_id AS id, ' + NCHAR(13) +
|
441
|
+
N' ''ASSEMBLY'' AS class_desc,' + NCHAR(13) +
|
442
|
+
N' ''ASSEMBLY'' AS class ' + NCHAR(13) +
|
443
|
+
N' FROM sys.assemblies' + NCHAR(13) +
|
444
|
+
N' UNION ALL' + NCHAR(13)
|
445
|
+
|
446
|
+
SET @ObjectList = @ObjectList +
|
447
|
+
N' SELECT SCHEMA_NAME(sys.types.schema_id) ' + @Collation + N' AS SchemaName, ' + NCHAR(13) +
|
448
|
+
N' name ' + @Collation + N' AS name, ' + NCHAR(13) +
|
449
|
+
N' user_type_id AS id, ' + NCHAR(13) +
|
450
|
+
N' ''TYPE'' AS class_desc,' + NCHAR(13) +
|
451
|
+
N' ''TYPE'' AS class ' + NCHAR(13) +
|
452
|
+
N' FROM sys.types' + NCHAR(13) +
|
453
|
+
N' UNION ALL' + NCHAR(13) +
|
454
|
+
N' SELECT SCHEMA_NAME(schema_id) ' + @Collation + N' AS SchemaName, ' + NCHAR(13) +
|
455
|
+
N' name ' + @Collation + N' AS name, ' + NCHAR(13) +
|
456
|
+
N' xml_collection_id AS id, ' + NCHAR(13) +
|
457
|
+
N' ''XML_SCHEMA_COLLECTION'' AS class_desc,' + NCHAR(13) +
|
458
|
+
N' ''XML SCHEMA COLLECTION'' AS class ' + NCHAR(13) +
|
459
|
+
N' FROM sys.xml_schema_collections' + NCHAR(13) +
|
460
|
+
N' UNION ALL' + NCHAR(13) +
|
461
|
+
N' SELECT NULL AS SchemaName, ' + NCHAR(13) +
|
462
|
+
N' name ' + @Collation + N' AS name, ' + NCHAR(13) +
|
463
|
+
N' message_type_id AS id, ' + NCHAR(13) +
|
464
|
+
N' ''MESSAGE_TYPE'' AS class_desc,' + NCHAR(13) +
|
465
|
+
N' ''MESSAGE TYPE'' AS class ' + NCHAR(13) +
|
466
|
+
N' FROM sys.service_message_types' + NCHAR(13) +
|
467
|
+
N' UNION ALL' + NCHAR(13) +
|
468
|
+
N' SELECT NULL AS SchemaName, ' + NCHAR(13) +
|
469
|
+
N' name ' + @Collation + N' AS name, ' + NCHAR(13) +
|
470
|
+
N' service_contract_id AS id, ' + NCHAR(13) +
|
471
|
+
N' ''SERVICE_CONTRACT'' AS class_desc,' + NCHAR(13) +
|
472
|
+
N' ''CONTRACT'' AS class ' + NCHAR(13) +
|
473
|
+
N' FROM sys.service_contracts' + NCHAR(13) +
|
474
|
+
N' UNION ALL' + NCHAR(13) +
|
475
|
+
N' SELECT NULL AS SchemaName, ' + NCHAR(13) +
|
476
|
+
N' name ' + @Collation + N' AS name, ' + NCHAR(13) +
|
477
|
+
N' service_id AS id, ' + NCHAR(13) +
|
478
|
+
N' ''SERVICE'' AS class_desc,' + NCHAR(13) +
|
479
|
+
N' ''SERVICE'' AS class ' + NCHAR(13) +
|
480
|
+
N' FROM sys.services' + NCHAR(13) +
|
481
|
+
N' UNION ALL' + NCHAR(13) +
|
482
|
+
N' SELECT NULL AS SchemaName, ' + NCHAR(13) +
|
483
|
+
N' name ' + @Collation + N' AS name, ' + NCHAR(13) +
|
484
|
+
N' remote_service_binding_id AS id, ' + NCHAR(13) +
|
485
|
+
N' ''REMOTE_SERVICE_BINDING'' AS class_desc,' + NCHAR(13) +
|
486
|
+
N' ''REMOTE SERVICE BINDING'' AS class ' + NCHAR(13) +
|
487
|
+
N' FROM sys.remote_service_bindings' + NCHAR(13) +
|
488
|
+
N' UNION ALL' + NCHAR(13) +
|
489
|
+
N' SELECT NULL AS SchemaName, ' + NCHAR(13) +
|
490
|
+
N' name ' + @Collation + N' AS name, ' + NCHAR(13) +
|
491
|
+
N' route_id AS id, ' + NCHAR(13) +
|
492
|
+
N' ''ROUTE'' AS class_desc,' + NCHAR(13) +
|
493
|
+
N' ''ROUTE'' AS class ' + NCHAR(13) +
|
494
|
+
N' FROM sys.routes' + NCHAR(13) +
|
495
|
+
N' UNION ALL' + NCHAR(13) +
|
496
|
+
N' SELECT NULL AS SchemaName, ' + NCHAR(13) +
|
497
|
+
N' name ' + @Collation + N' AS name, ' + NCHAR(13) +
|
498
|
+
N' fulltext_catalog_id AS id, ' + NCHAR(13) +
|
499
|
+
N' ''FULLTEXT_CATALOG'' AS class_desc,' + NCHAR(13) +
|
500
|
+
N' ''FULLTEXT CATALOG'' AS class ' + NCHAR(13) +
|
501
|
+
N' FROM sys.fulltext_catalogs' + NCHAR(13) +
|
502
|
+
N' UNION ALL' + NCHAR(13) +
|
503
|
+
N' SELECT NULL AS SchemaName, ' + NCHAR(13) +
|
504
|
+
N' name ' + @Collation + N' AS name, ' + NCHAR(13) +
|
505
|
+
N' symmetric_key_id AS id, ' + NCHAR(13) +
|
506
|
+
N' ''SYMMETRIC_KEYS'' AS class_desc,' + NCHAR(13) +
|
507
|
+
N' ''SYMMETRIC KEY'' AS class ' + NCHAR(13) +
|
508
|
+
N' FROM sys.symmetric_keys' + NCHAR(13) +
|
509
|
+
N' UNION ALL' + NCHAR(13) +
|
510
|
+
N' SELECT NULL AS SchemaName, ' + NCHAR(13) +
|
511
|
+
N' name ' + @Collation + N' AS name, ' + NCHAR(13) +
|
512
|
+
N' certificate_id AS id, ' + NCHAR(13) +
|
513
|
+
N' ''CERTIFICATE'' AS class_desc,' + NCHAR(13) +
|
514
|
+
N' ''CERTIFICATE'' AS class ' + NCHAR(13) +
|
515
|
+
N' FROM sys.certificates' + NCHAR(13) +
|
516
|
+
N' UNION ALL' + NCHAR(13) +
|
517
|
+
N' SELECT NULL AS SchemaName, ' + NCHAR(13) +
|
518
|
+
N' name ' + @Collation + N' AS name, ' + NCHAR(13) +
|
519
|
+
N' asymmetric_key_id AS id, ' + NCHAR(13) +
|
520
|
+
N' ''ASYMMETRIC_KEY'' AS class_desc,' + NCHAR(13) +
|
521
|
+
N' ''ASYMMETRIC KEY'' AS class ' + NCHAR(13) +
|
522
|
+
N' FROM sys.asymmetric_keys' + NCHAR(13) +
|
523
|
+
N' ) ' + NCHAR(13)
|
524
|
+
|
525
|
+
SET @sql =
|
526
|
+
N'SELECT ' + CASE WHEN @DBName = 'All' THEN N'@AllDBNames' ELSE N'''' + @DBName + N'''' END + N' AS DBName,' + NCHAR(13) +
|
527
|
+
N' Grantee.principal_id AS GranteePrincipalId, Grantee.name AS GranteeName, Grantor.name AS GrantorName, ' + NCHAR(13) +
|
528
|
+
N' Permission.class_desc, Permission.permission_name, ' + NCHAR(13) +
|
529
|
+
N' ObjectList.name AS ObjectName, ' + NCHAR(13) +
|
530
|
+
N' ObjectList.SchemaName, ' + NCHAR(13) +
|
531
|
+
N' Permission.state_desc, ' + NCHAR(13) +
|
532
|
+
N' CASE WHEN Grantee.is_fixed_role = 0 AND Grantee.name <> ''dbo'' THEN ' + NCHAR(13) +
|
533
|
+
CASE WHEN @DBName = 'All' THEN N' ''USE '' + QUOTENAME(@AllDBNames) + ''; '' + ' + NCHAR(13) ELSE N'' END +
|
534
|
+
N' ''REVOKE '' + ' + NCHAR(13) +
|
535
|
+
N' CASE WHEN Permission.[state] = ''W'' THEN ''GRANT OPTION FOR '' ELSE '''' END + ' + NCHAR(13) +
|
536
|
+
N' '' '' + Permission.permission_name' + @Collation + N' + ' + NCHAR(13) +
|
537
|
+
N' CASE WHEN Permission.major_id <> 0 THEN '' ON '' + ' + NCHAR(13) +
|
538
|
+
N' ObjectList.class + ''::'' + ' + NCHAR(13) +
|
539
|
+
N' ISNULL(QUOTENAME(ObjectList.SchemaName),'''') + ' + NCHAR(13) +
|
540
|
+
N' CASE WHEN ObjectList.SchemaName + ObjectList.name IS NULL THEN '''' ELSE ''.'' END + ' + NCHAR(13) +
|
541
|
+
N' ISNULL(QUOTENAME(ObjectList.name),'''') ' + NCHAR(13) +
|
542
|
+
N' ' + @Collation + ' + '' '' ELSE '''' END + ' + NCHAR(13) +
|
543
|
+
N' '' FROM '' + QUOTENAME(Grantee.name' + @Collation + N') + ''; '' END AS RevokeScript, ' + NCHAR(13) +
|
544
|
+
N' CASE WHEN Grantee.is_fixed_role = 0 AND Grantee.name <> ''dbo'' THEN ' + NCHAR(13) +
|
545
|
+
CASE WHEN @DBName = 'All' THEN N' ''USE '' + QUOTENAME(@AllDBNames) + ''; '' + ' + NCHAR(13) ELSE N'' END +
|
546
|
+
N' CASE WHEN Permission.[state] = ''W'' THEN ''GRANT'' ELSE Permission.state_desc' + @Collation +
|
547
|
+
N' END + ' + NCHAR(13) +
|
548
|
+
N' '' '' + Permission.permission_name' + @Collation + N' + ' + NCHAR(13) +
|
549
|
+
N' CASE WHEN Permission.major_id <> 0 THEN '' ON '' + ' + NCHAR(13) +
|
550
|
+
N' ObjectList.class + ''::'' + ' + NCHAR(13) +
|
551
|
+
N' ISNULL(QUOTENAME(ObjectList.SchemaName),'''') + ' + NCHAR(13) +
|
552
|
+
N' CASE WHEN ObjectList.SchemaName + ObjectList.name IS NULL THEN '''' ELSE ''.'' END + ' + NCHAR(13) +
|
553
|
+
N' ISNULL(QUOTENAME(ObjectList.name),'''') ' + NCHAR(13) +
|
554
|
+
N' ' + @Collation + N' + '' '' ELSE '''' END + ' + NCHAR(13) +
|
555
|
+
N' '' TO '' + QUOTENAME(Grantee.name' + @Collation + N') + '' '' + ' + NCHAR(13) +
|
556
|
+
N' CASE WHEN Permission.[state] = ''W'' THEN '' WITH GRANT OPTION '' ELSE '''' END + ' + NCHAR(13) +
|
557
|
+
N' '' AS ''+ QUOTENAME(Grantor.name' + @Collation + N')+'';'' END AS GrantScript ' + NCHAR(13) +
|
558
|
+
N'FROM sys.database_permissions Permission ' + NCHAR(13) +
|
559
|
+
N'JOIN sys.database_principals Grantee ' + NCHAR(13) +
|
560
|
+
N' ON Permission.grantee_principal_id = Grantee.principal_id ' + NCHAR(13) +
|
561
|
+
N'JOIN sys.database_principals Grantor ' + NCHAR(13) +
|
562
|
+
N' ON Permission.grantor_principal_id = Grantor.principal_id ' + NCHAR(13) +
|
563
|
+
N'LEFT OUTER JOIN ObjectList ' + NCHAR(13) +
|
564
|
+
N' ON Permission.major_id = ObjectList.id ' + NCHAR(13) +
|
565
|
+
N' AND Permission.class_desc = ObjectList.class_desc ' + NCHAR(13) +
|
566
|
+
N'WHERE 1=1 '
|
567
|
+
|
568
|
+
IF LEN(ISNULL(@Principal,@Role)) > 0
|
569
|
+
IF @Print = 1
|
570
|
+
SET @sql = @sql + NCHAR(13) + N' AND Grantee.name ' + @LikeOperator + N' ' + ISNULL(QUOTENAME(@Principal,''''),QUOTENAME(@Role,''''))
|
571
|
+
ELSE
|
572
|
+
SET @sql = @sql + NCHAR(13) + N' AND Grantee.name ' + @LikeOperator + N' ISNULL(@Principal,@Role) '
|
573
|
+
|
574
|
+
IF LEN(@Type) > 0
|
575
|
+
IF @Print = 1
|
576
|
+
SET @sql = @sql + NCHAR(13) + N' AND Grantee.type ' + @LikeOperator + N' ' + QUOTENAME(@Type,'''')
|
577
|
+
ELSE
|
578
|
+
SET @sql = @sql + NCHAR(13) + N' AND Grantee.type ' + @LikeOperator + N' @Type'
|
579
|
+
|
580
|
+
IF LEN(@ObjectName) > 0
|
581
|
+
IF @Print = 1
|
582
|
+
SET @sql = @sql + NCHAR(13) + N' AND ObjectList.name ' + @LikeOperator + N' ' + QUOTENAME(@ObjectName,'''')
|
583
|
+
ELSE
|
584
|
+
SET @sql = @sql + NCHAR(13) + N' AND ObjectList.name ' + @LikeOperator + N' @ObjectName '
|
585
|
+
|
586
|
+
IF LEN(@Permission) > 0
|
587
|
+
IF @Print = 1
|
588
|
+
SET @sql = @sql + NCHAR(13) + N' AND Permission.permission_name ' + @LikeOperator + N' ' + QUOTENAME(@Permission,'''')
|
589
|
+
ELSE
|
590
|
+
SET @sql = @sql + NCHAR(13) + N' AND Permission.permission_name ' + @LikeOperator + N' @Permission'
|
591
|
+
|
592
|
+
IF LEN(@LoginName) > 0
|
593
|
+
BEGIN
|
594
|
+
SET @sql = @sql + NCHAR(13) +
|
595
|
+
N' AND EXISTS (SELECT 1 ' + NCHAR(13) +
|
596
|
+
N' FROM sys.server_principals SrvPrincipals ' + NCHAR(13) +
|
597
|
+
N' WHERE SrvPrincipals.sid = Grantee.sid ' + NCHAR(13) +
|
598
|
+
N' AND Grantee.sid NOT IN (0x00, 0x01) ' + NCHAR(13) +
|
599
|
+
N' AND Grantee.type NOT IN (''R'') ' + NCHAR(13)
|
600
|
+
IF @Print = 1
|
601
|
+
SET @sql = @sql + NCHAR(13) + N' AND SrvPrincipals.name ' + @LikeOperator + N' ' + QUOTENAME(@LoginName,'''')
|
602
|
+
ELSE
|
603
|
+
SET @sql = @sql + NCHAR(13) + N' AND SrvPrincipals.name ' + @LikeOperator + N' @LoginName'
|
604
|
+
|
605
|
+
SET @sql = @sql + ')'
|
606
|
+
END
|
607
|
+
|
608
|
+
IF @IncludeMSShipped = 0
|
609
|
+
SET @sql = @sql + NCHAR(13) + N' AND Grantee.is_fixed_role = 0 ' + NCHAR(13) +
|
610
|
+
' AND Grantee.name NOT IN (''dbo'',''public'',''INFORMATION_SCHEMA'',''guest'',''sys'') '
|
611
|
+
|
612
|
+
IF @Print = 1
|
613
|
+
BEGIN
|
614
|
+
PRINT '-- Database & object Permissions'
|
615
|
+
PRINT CAST(@use AS nvarchar(max))
|
616
|
+
PRINT CAST(@ObjectList AS nvarchar(max))
|
617
|
+
PRINT CAST(@sql AS nvarchar(max))
|
618
|
+
END
|
619
|
+
ELSE
|
620
|
+
BEGIN
|
621
|
+
IF object_id('tempdb..#DBPermissions') IS NOT NULL
|
622
|
+
DROP TABLE #DBPermissions
|
623
|
+
|
624
|
+
-- Create temp table to store the data in
|
625
|
+
CREATE TABLE #DBPermissions (
|
626
|
+
DBName sysname NULL,
|
627
|
+
GranteePrincipalId int NULL,
|
628
|
+
GranteeName sysname NULL,
|
629
|
+
GrantorName sysname NULL,
|
630
|
+
class_desc nvarchar(60) NULL,
|
631
|
+
permission_name nvarchar(128) NULL,
|
632
|
+
ObjectName sysname NULL,
|
633
|
+
SchemaName sysname NULL,
|
634
|
+
state_desc nvarchar(60) NULL,
|
635
|
+
RevokeScript nvarchar(max) NULL,
|
636
|
+
GrantScript nvarchar(max) NULL
|
637
|
+
)
|
638
|
+
|
639
|
+
-- Add insert statement to @sql
|
640
|
+
SET @sql = @use + @ObjectList +
|
641
|
+
N'INSERT INTO #DBPermissions ' + NCHAR(13) +
|
642
|
+
@sql
|
643
|
+
|
644
|
+
IF @DBName = 'All'
|
645
|
+
BEGIN
|
646
|
+
-- Declare a READ_ONLY cursor to loop through the databases
|
647
|
+
DECLARE cur_DBList CURSOR
|
648
|
+
READ_ONLY
|
649
|
+
FOR SELECT name FROM sys.databases ORDER BY name
|
650
|
+
|
651
|
+
OPEN cur_DBList
|
652
|
+
|
653
|
+
FETCH NEXT FROM cur_DBList INTO @AllDBNames
|
654
|
+
WHILE (@@fetch_status <> -1)
|
655
|
+
BEGIN
|
656
|
+
IF (@@fetch_status <> -2)
|
657
|
+
BEGIN
|
658
|
+
SET @sql2 = 'USE ' + QUOTENAME(@AllDBNames) + ';' + NCHAR(13) + @sql
|
659
|
+
EXEC sp_executesql @sql2,
|
660
|
+
N'@Principal sysname, @Role sysname, @Type nvarchar(30), @ObjectName sysname,
|
661
|
+
@AllDBNames sysname, @Permission sysname, @LoginName sysname',
|
662
|
+
@Principal, @Role, @Type, @ObjectName, @AllDBNames, @Permission, @LoginName
|
663
|
+
END
|
664
|
+
FETCH NEXT FROM cur_DBList INTO @AllDBNames
|
665
|
+
END
|
666
|
+
|
667
|
+
CLOSE cur_DBList
|
668
|
+
DEALLOCATE cur_DBList
|
669
|
+
END
|
670
|
+
ELSE
|
671
|
+
BEGIN
|
672
|
+
EXEC sp_executesql @sql, N'@Principal sysname, @Role sysname, @Type nvarchar(30),
|
673
|
+
@ObjectName sysname, @Permission sysname, @LoginName sysname',
|
674
|
+
@Principal, @Role, @Type, @ObjectName, @Permission, @LoginName
|
675
|
+
END
|
676
|
+
END
|
677
|
+
|
678
|
+
IF @Print <> 1
|
679
|
+
BEGIN
|
680
|
+
IF @Output = 'None'
|
681
|
+
PRINT ''
|
682
|
+
ELSE IF @Output = 'CreateOnly'
|
683
|
+
BEGIN
|
684
|
+
SELECT @sql_script += CreateScript + @newline FROM #DBPrincipals WHERE CreateScript IS NOT NULL
|
685
|
+
SELECT @sql_script += AddScript + @newline FROM #DBRoles WHERE AddScript IS NOT NULL
|
686
|
+
SELECT @sql_script += GrantScript + @newline FROM #DBPermissions WHERE GrantScript IS NOT NULL AND class_desc != CASE WHEN @IncludeTablePermissions = 0 THEN 'OBJECT_OR_COLUMN' ELSE '' END
|
687
|
+
SELECT @sql_script AS [RestorePermissionsScript]
|
688
|
+
END
|
689
|
+
ELSE IF @Output = 'DropOnly'
|
690
|
+
BEGIN
|
691
|
+
SELECT @sql_script += DropScript + @newline FROM #DBPrincipals WHERE DropScript IS NOT NULL
|
692
|
+
SELECT @sql_script += DropScript + @newline FROM #DBRoles WHERE DropScript IS NOT NULL
|
693
|
+
SELECT @sql_script += RevokeScript + @newline FROM #DBPermissions WHERE RevokeScript IS NOT NULL AND class_desc != CASE WHEN @IncludeTablePermissions = 0 THEN 'OBJECT_OR_COLUMN' ELSE '' END
|
694
|
+
SELECT @sql_script AS [RestorePermissionsScript]
|
695
|
+
END
|
696
|
+
ELSE IF @Output = 'ScriptOnly'
|
697
|
+
BEGIN
|
698
|
+
SELECT DropScript, CreateScript FROM #DBPrincipals WHERE DropScript IS NOT NULL OR CreateScript IS NOT NULL
|
699
|
+
SELECT DropScript, AddScript FROM #DBRoles WHERE DropScript IS NOT NULL OR AddScript IS NOT NULL
|
700
|
+
SELECT RevokeScript, GrantScript FROM #DBPermissions WHERE RevokeScript IS NOT NULL OR GrantScript IS NOT NULL AND class_desc != CASE WHEN @IncludeTablePermissions = 0 THEN 'OBJECT_OR_COLUMN' ELSE '' END
|
701
|
+
SELECT @sql_script AS [RestorePermissionsScript]
|
702
|
+
END
|
703
|
+
ELSE IF @Output = 'Report'
|
704
|
+
BEGIN
|
705
|
+
SELECT DBName, DBPrincipal, SrvPrincipal, type, type_desc,
|
706
|
+
STUFF((SELECT ', ' + #DBRoles.RoleName
|
707
|
+
FROM #DBRoles
|
708
|
+
WHERE #DBPrincipals.DBName = #DBRoles.DBName
|
709
|
+
AND #DBPrincipals.DBPrincipalId = #DBRoles.UserPrincipalId
|
710
|
+
ORDER BY #DBRoles.RoleName
|
711
|
+
FOR XML PATH(''),TYPE).value('.','VARCHAR(MAX)')
|
712
|
+
, 1, 2, '') AS RoleMembership,
|
713
|
+
STUFF((SELECT ', ' + #DBPermissions.state_desc + ' ' + #DBPermissions.permission_name + ' on ' +
|
714
|
+
ISNULL('OBJECT:'+#DBPermissions.ObjectName, 'DATABASE:'+#DBPermissions.DBName)
|
715
|
+
FROM #DBPermissions
|
716
|
+
WHERE #DBPrincipals.DBName = #DBPermissions.DBName
|
717
|
+
AND #DBPrincipals.DBPrincipalId = #DBPermissions.GranteePrincipalId
|
718
|
+
ORDER BY #DBPermissions.state_desc, ISNULL(#DBPermissions.ObjectName, #DBPermissions.DBName), #DBPermissions.permission_name
|
719
|
+
FOR XML PATH(''),TYPE).value('.','VARCHAR(MAX)')
|
720
|
+
, 1, 2, '') AS DirectPermissions
|
721
|
+
FROM #DBPrincipals
|
722
|
+
ORDER BY DBName, type, DBPrincipal
|
723
|
+
END
|
724
|
+
ELSE -- 'Default' or no match
|
725
|
+
BEGIN
|
726
|
+
SELECT DBName, DBPrincipal, SrvPrincipal, type, type_desc, default_schema_name,
|
727
|
+
create_date, modify_date, is_fixed_role, RoleAuthorization, sid,
|
728
|
+
DropScript, CreateScript
|
729
|
+
FROM #DBPrincipals ORDER BY DBName, DBPrincipal
|
730
|
+
IF LEN(@Role) > 0
|
731
|
+
SELECT DBName, UserName, RoleName, DropScript, AddScript
|
732
|
+
FROM #DBRoles ORDER BY DBName, RoleName, UserName
|
733
|
+
ELSE
|
734
|
+
SELECT DBName, UserName, RoleName, DropScript, AddScript
|
735
|
+
FROM #DBRoles ORDER BY DBName, UserName, RoleName
|
736
|
+
|
737
|
+
IF LEN(@ObjectName) > 0
|
738
|
+
SELECT DBName, GranteeName, GrantorName, class_desc, permission_name, ObjectName,
|
739
|
+
SchemaName, state_desc, RevokeScript, GrantScript
|
740
|
+
FROM #DBPermissions
|
741
|
+
WHERE class_desc != CASE WHEN @IncludeTablePermissions = 0 THEN 'OBJECT_OR_COLUMN' ELSE '' END
|
742
|
+
ORDER BY DBName, ObjectName, GranteeName
|
743
|
+
ELSE
|
744
|
+
SELECT DBName, GranteeName, GrantorName, class_desc, permission_name, ObjectName,
|
745
|
+
SchemaName, state_desc, RevokeScript, GrantScript
|
746
|
+
FROM #DBPermissions
|
747
|
+
WHERE class_desc != CASE WHEN @IncludeTablePermissions = 0 THEN 'OBJECT_OR_COLUMN' ELSE '' END
|
748
|
+
ORDER BY DBName, GranteeName, ObjectName
|
749
|
+
END
|
750
|
+
|
751
|
+
IF @DropTempTables = 1
|
752
|
+
BEGIN
|
753
|
+
DROP TABLE #DBPrincipals
|
754
|
+
DROP TABLE #DBRoles
|
755
|
+
DROP TABLE #DBPermissions
|
756
|
+
END
|
757
|
+
END
|