<legend id='hnvvR'><style id='hnvvR'><dir id='hnvvR'><q id='hnvvR'></q></dir></style></legend>
  • <i id='hnvvR'><tr id='hnvvR'><dt id='hnvvR'><q id='hnvvR'><span id='hnvvR'><b id='hnvvR'><form id='hnvvR'><ins id='hnvvR'></ins><ul id='hnvvR'></ul><sub id='hnvvR'></sub></form><legend id='hnvvR'></legend><bdo id='hnvvR'><pre id='hnvvR'><center id='hnvvR'></center></pre></bdo></b><th id='hnvvR'></th></span></q></dt></tr></i><div id='hnvvR'><tfoot id='hnvvR'></tfoot><dl id='hnvvR'><fieldset id='hnvvR'></fieldset></dl></div>
      <bdo id='hnvvR'></bdo><ul id='hnvvR'></ul>

      1. <small id='hnvvR'></small><noframes id='hnvvR'>

        <tfoot id='hnvvR'></tfoot>

        存储过程和权限 - EXECUTE 足够了吗?

        时间:2023-10-26

        <tfoot id='2v0BD'></tfoot>
      2. <legend id='2v0BD'><style id='2v0BD'><dir id='2v0BD'><q id='2v0BD'></q></dir></style></legend>

        <small id='2v0BD'></small><noframes id='2v0BD'>

            • <bdo id='2v0BD'></bdo><ul id='2v0BD'></ul>
                <i id='2v0BD'><tr id='2v0BD'><dt id='2v0BD'><q id='2v0BD'><span id='2v0BD'><b id='2v0BD'><form id='2v0BD'><ins id='2v0BD'></ins><ul id='2v0BD'></ul><sub id='2v0BD'></sub></form><legend id='2v0BD'></legend><bdo id='2v0BD'><pre id='2v0BD'><center id='2v0BD'></center></pre></bdo></b><th id='2v0BD'></th></span></q></dt></tr></i><div id='2v0BD'><tfoot id='2v0BD'></tfoot><dl id='2v0BD'><fieldset id='2v0BD'></fieldset></dl></div>
                  <tbody id='2v0BD'></tbody>

                  本文介绍了存储过程和权限 - EXECUTE 足够了吗?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着跟版网的小编来一起学习吧!

                  问题描述

                  我有一个 SQL Server 2008 数据库,其中对基础表的所有访问都是通过存储过程完成的.一些存储过程只是从表中 SELECT 记录,而其他存储过程则是 UPDATE、INSERT 和 DELETE.

                  I have a SQL Server 2008 database where all access to the underlying tables is done through stored procedures. Some stored procedures simply SELECT records from the tables while others UPDATE, INSERT, and DELETE.

                  如果存储过程更新表,执行存储过程的用户是否也需要受影响表的更新权限,或者他们对存储过程具有执行权限的事实就足够了?

                  If a stored procedure UPDATES a table does the user executing the stored procedure also need UPDATE permissions to the affected tables or is the fact that they have EXECUTE permissions to the stored procedure enough?

                  基本上,我想知道是否授予用户对存储过程的 EXECUTE 权限就足够了,或者我是否需要向他们授予对表的 SELECT、UPDATE、DELETE 和 INSERT 权限才能使存储过程正常工作.谢谢.

                  Basically I am wondering if giving the user EXECUTE permissions to the stored procedures is enough or do I need to give them SELECT, UPDATE, DELETE, and INSERT permissions to the tables in order for the stored procedures to work. Thank you.

                  在我的大多数存储过程中,确实看起来 EXECUTE 就足够了.但是,我确实发现在使用Execute sp_Executesql"的存储过程中,EXECUTE 是不够的.所涉及的表需要具有在sp_Executesql"中执行的操作的权限.

                  In most of my stored procedures it does indeed appear that EXECUTE is enough. However, I did find that in stored procedures where "Execute sp_Executesql" was used that EXECUTE was not enough. The tables involved needed to have permissions for the actions being performed within "sp_Executesql".

                  推荐答案

                  对存储过程的执行权限就足够了.

                  Execute permissions on the stored procedure is sufficient.

                  CREATE TABLE dbo.Temp(n int)
                  
                  GO
                  DENY INSERT ON dbo.Temp TO <your role>
                  GO
                  CREATE PROCEDURE dbo.SPTemp(@Int int)
                  AS
                  
                  INSERT dbo.Temp
                  SELECT  @Int 
                  
                  GO
                  
                  GRANT EXEC ON dbo.SPTemp TO <your role>
                  
                  GO
                  

                  那么(非db_owner)用户将拥有以下权限:

                  Then the (non-db_owner) user will have the following rights:

                  EXEC dbo.SPTemp 10
                  GO
                  
                  INSERT dbo.Temp --INSERT permission was denied on the object 'Temp'
                  SELECT  10
                  

                  但是,如果 dbo.SPTemp 中有动态 SQL 尝试插入到 dbo.Temp 中,则会失败.在这种情况下,需要授予对该表的直接权限.

                  However, if there is dynamic SQL inside dbo.SPTemp that attempts to insert into dbo.Temp then that will fail. In this case direct permission on the table will need to be granted.

                  这篇关于存储过程和权限 - EXECUTE 足够了吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持跟版网!

                  上一篇:MySQL 存储过程错误处理 下一篇:从java调用带有表值参数的存储过程

                  相关文章

                1. <i id='HM1RX'><tr id='HM1RX'><dt id='HM1RX'><q id='HM1RX'><span id='HM1RX'><b id='HM1RX'><form id='HM1RX'><ins id='HM1RX'></ins><ul id='HM1RX'></ul><sub id='HM1RX'></sub></form><legend id='HM1RX'></legend><bdo id='HM1RX'><pre id='HM1RX'><center id='HM1RX'></center></pre></bdo></b><th id='HM1RX'></th></span></q></dt></tr></i><div id='HM1RX'><tfoot id='HM1RX'></tfoot><dl id='HM1RX'><fieldset id='HM1RX'></fieldset></dl></div>
                  <legend id='HM1RX'><style id='HM1RX'><dir id='HM1RX'><q id='HM1RX'></q></dir></style></legend>
                    <tfoot id='HM1RX'></tfoot>
                    • <bdo id='HM1RX'></bdo><ul id='HM1RX'></ul>

                    1. <small id='HM1RX'></small><noframes id='HM1RX'>