对象的 SELECT 权限被拒绝
如果在 SqlServer 中创建了一个自定义角色,我将其添加到 db__denydatareader 和 db__denydatawriter 角色中。 我认为检查了数据库并向所有必要的存储过程授予了 exec 权限。
一切正常,调用那些 sps 就会正常运行。 一个例外是使用 sp_executesql 执行动态 sql 的存储过程。 这没有说
The SELECT permission was denied on the object 'listing_counter', database 'Cannla', schema 'dbo'.
是否有任何方法可以授予角色运行此查询的权限,而不授予其对基础表的选择访问权限?
我想我想做的是在 sys.sp_executesql 上授予 exec 但仅在某种情况下。
If have created a custom role within SqlServer which I added to the db__denydatareader and db__denydatawriter roles. I think went through the db and granted exec permission to all neccersary stored procedures.
Everything works fine, calling those sps will run fine. The one exception is a stored procedure which executes dynamic sql by using sp_executesql. This fails saying
The SELECT permission was denied on the object 'listing_counter', database 'Cannla', schema 'dbo'.
Is there any way to grant the role permission to run this query without giving it select access to the underlying tables?
I guess what I'm wanting to do is grant exec on sys.sp_executesql but only in a certain case.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
您可以仅为使用execute_sql 的存储过程创建一个新用户,授予他所需的权限,然后将WITH EXECUTE AS 'MyUser' 添加到过程定义中。
请参阅 MSDN。
You can create a new user just for your stored procedure that uses execute_sql, grant him the requires rights and then add to the procedure definition WITH EXECUTE AS 'MyUser'.
See MSDN.
使用以下语句来实现这一点。 这对我有用。
sp_addlinkedserver [ @server= ] '服务器' [ , [ @srvproduct= ] '产品名称' ]
[ , [ @provider= ] 'provider_name' ]
Use using the following statement for that . It worked for me.
sp_addlinkedserver [ @server= ] 'server' [ , [ @srvproduct= ] 'product_name' ]
[ , [ @provider= ] 'provider_name' ]