sql 查询的权限被拒绝
我正在尝试通过经典的 asp 记录集执行以下查询 -
SQL = "Select P_Name as P_Name, P_Description as P_Description
from L_PagePermission
inner join A_Permission on p_permissionID = pp_PermissionID
inner join A_Page on P_PageID = PP_PageID
where P_PageID = 85
order by p_Name"
尽管我遇到了权限问题。所以我收到的错误是 -
用于 ODBC 的 Microsoft OLE DB 提供程序 驱动程序错误“80040e09”
[Microsoft][ODBC SQL Server 驱动程序][SQL Server]SELECT 权限 拒绝对象“A_Permission”, 数据库“HRWB_3_0”,架构“dbo”。
我将如何在不更改权限设置的情况下执行此查询。我如何使用存储过程来做到这一点? (有人也可以提供一个例子)
我无法更改数据库设置,我必须处理我得到的内容。我浏览了很多网站文件,它似乎主要依赖于存储过程。
I'm trying to execute the following query through classic asp recordset -
SQL = "Select P_Name as P_Name, P_Description as P_Description
from L_PagePermission
inner join A_Permission on p_permissionID = pp_PermissionID
inner join A_Page on P_PageID = PP_PageID
where P_PageID = 85
order by p_Name"
Although I've ran into a problem with permissions. So the error that i am receiving is -
Microsoft OLE DB Provider for ODBC
Drivers error '80040e09'[Microsoft][ODBC SQL Server
Driver][SQL Server]SELECT permission
denied on object 'A_Permission',
database 'HRWB_3_0', schema 'dbo'.
How would I go about executing this query without changing permission settings. How can I do this with a stored procedure? (Can someone provide an example too)
I can't change the database settings I have to deal with what I got. I've looked through a lot of the websites files and it seems to be mostly dependent on stored procedures.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
您将无法解决该权限错误,除非您向用于连接到的登录名授予对
L_PagePermission和A_Permission表的选择访问权限数据库,或者除非您使用已经对这些表具有选择访问权限的其他登录名。另一种方法是编写一个新的存储过程并授予对该存储过程的 EXECUTE 访问权限。在这两种情况下授予权限的 SQL 都很简单:
授予对表的 SELECT 访问权限:
GRANT SELECT ON [TableName] TO [loginName]要授予对存储过程的 EXECUTE 访问权限:
GRANT EXECUTE ON [procedureName] TO [loginName]另一种可行但具有明显安全隐患的方法是将您正在使用的登录名添加到该数据库的 db_owner 角色。这应该可行,但不建议这样做,除非您对所带来的安全风险感到满意。
You're not going to be able to get around that permissions error unless you grant select access on the
L_PagePermissionandA_Permissiontables to the login that you are using to connect to the database, or unless you use a different login that already has select access to those tables.Another approach would be to write a new stored procedure and grant EXECUTE access to that stored procedure. The SQL to grant permissions in either case is simple:
To grant SELECT access to a table:
GRANT SELECT ON [TableName] TO [loginName]To grant EXECUTE access to a stored procedure:
GRANT EXECUTE ON [procedureName] TO [loginName]One more approach that could work but has obvious security implications is to add the login you are using to the db_owner role for that database. That should work, but is NOT recommended unless you are comfortable with the security risks that presents.
如果您无权从表中进行选择,则除了以有权从表中进行选择的用户身份连接到 DBMS 之外,没有任何方法可以解决权限缺失的问题。这就是权限系统的目的——防止未经授权的人做他们不被允许做的事情。
If you don't have permission to select from the table, there won't be any way to work around the absence of permission other than connecting to the DBMS as a user who has permission to select from the table. That's the point of the permissions system - to prevent the unauthorized from doing what they are not allowed to do.