MSSQL: mudanças entre as edições

De Wiki Clusterlab.com.br
Ir para navegação Ir para pesquisar
Sem resumo de edição
Sem resumo de edição
 
(3 revisões intermediárias pelo mesmo usuário não estão sendo mostradas)
Linha 1: Linha 1:
=Basic Commands=
=Basic Commands=
==Azure SQL Database==
==Azure SQL Database==
Create LOGIN/USER
===Create LOGIN/USER===
<syntaxhighlight lang=sql>
<syntaxhighlight lang=sql>
-- Create LOGIN
-- Create LOGIN
Linha 19: Linha 19:
-- CREATE USER WITHOUT LOGIN
-- CREATE USER WITHOUT LOGIN
CREATE USER readonlyuser WITH PASSWORD = '1231!#ASDF!a';
CREATE USER readonlyuser WITH PASSWORD = '1231!#ASDF!a';
-- CREATE USER ON THE DATABASE
CREATE USER username WITH PASSWORD = 'MySuperS3cretP@ssw0rd';
ALTER ROLE [db_datareader] ADD MEMBER [username];
ALTER ROLE [db_datawriter] ADD MEMBER [username];
ALTER ROLE [db_owner] ADD MEMBER [username];
</syntaxhighlight>
</syntaxhighlight>
Set Permission
===Drop User===
<syntaxhighlight lang=sql>
DROP USER username;
</syntaxhighlight>
===Set Permission===
<syntaxhighlight lang=sql>
<syntaxhighlight lang=sql>
-- ADD ROLE MEMBER
-- ADD ROLE MEMBER
Linha 31: Linha 41:
GO
GO
</syntaxhighlight>
</syntaxhighlight>
Get Permissions
===Get Permissions===
<syntaxhighlight lang=sql>
<syntaxhighlight lang=sql>
-- GET ALL PERMISSIONS EXPLICITLY GRANTED OR DENIED
-- GET ALL PERMISSIONS EXPLICITLY GRANTED OR DENIED
Linha 40: Linha 50:
     ON pe.grantee_principal_id = pr.principal_id;
     ON pe.grantee_principal_id = pr.principal_id;
</syntaxhighlight>
</syntaxhighlight>
Get Detailed Permissions
===Get Detailed Permissions===
<syntaxhighlight lang=sql>
<syntaxhighlight lang=sql>
-- GET DETAILED PERMISSIONS
-- GET DETAILED PERMISSIONS
Linha 80: Linha 90:
OPTION(MAXRECURSION 10);
OPTION(MAXRECURSION 10);
</syntaxhighlight>
</syntaxhighlight>
Delete User
===Delete User===
<syntaxhighlight lang=sql>
<syntaxhighlight lang=sql>
-- DELETE/REMOVE USER
-- DELETE/REMOVE USER
DROP USER readonlyuser;
DROP USER readonlyuser;
</syntaxhighlight>
</syntaxhighlight>
Get All databases
===Get All databases===
<syntaxhighlight lang=sql>
<syntaxhighlight lang=sql>
-- LIST ALL DATABASES
-- LIST ALL DATABASES
Linha 94: Linha 104:
order by name
order by name
</syntaxhighlight>
</syntaxhighlight>
Get all tables
===Get all tables===
<syntaxhighlight lang=sql>
<syntaxhighlight lang=sql>
-- LIST ALL TABLES
-- LIST ALL TABLES
Linha 104: Linha 114:
order by schema_name,
order by schema_name,
         table_name;
         table_name;
</syntaxhighlight>
===Describe Table columns===
<syntaxhighlight lang=sql>
exec sp_columns Employee;
</syntaxhighlight>
</syntaxhighlight>


===Delete All data on a table===
<syntaxhighlight lang=sql>
truncate table Employee;
</syntaxhighlight>
===[https://dataedo.com/kb/query/azure-sql/list-database-sessions Get Sessions]===
<syntaxhighlight lang=sql>
exec sp_who2;
</syntaxhighlight>
=Docs=
=Docs=
*[https://docs.microsoft.com/en-us/sql/relational-databases/security/authentication-access/database-level-roles?view=sql-server-ver15 Database-Level Roles]
*[https://docs.microsoft.com/en-us/sql/relational-databases/security/authentication-access/database-level-roles?view=sql-server-ver15 Database-Level Roles]

Edição atual tal como às 14h35min de 13 de julho de 2022

Basic Commands

Azure SQL Database

Create LOGIN/USER

-- Create LOGIN
CREATE LOGIN readonlylogin WITH password='1231!#ASDF!a';
-- OR
USE [master]
GO
CREATE LOGIN [readonlylogin] WITH PASSWORD=N'1231!#ASDF!a', DEFAULT_DATABASE=[TESTDATABASE], CHECK_EXPIRATION=OFF, CHECK_POLICY=OFF
GO

-- Create USER
USE TESTDATABASE
GO
CREATE USER readonlyuser FROM LOGIN readonlylogin;
GO

-- CREATE USER WITHOUT LOGIN
CREATE USER readonlyuser WITH PASSWORD = '1231!#ASDF!a';

-- CREATE USER ON THE DATABASE
CREATE USER username WITH PASSWORD = 'MySuperS3cretP@ssw0rd';
ALTER ROLE [db_datareader] ADD MEMBER [username];
ALTER ROLE [db_datawriter] ADD MEMBER [username];
ALTER ROLE [db_owner] ADD MEMBER [username];

Drop User

DROP USER username;

Set Permission

-- ADD ROLE MEMBER
EXEC sp_addrolemember 'db_datareader', 'readonlyuser';

-- OR
USE TESTDATABASE
GO
ALTER ROLE [db_datareader] ADD MEMBER [readonlyuser];
GO

Get Permissions

-- GET ALL PERMISSIONS EXPLICITLY GRANTED OR DENIED
SELECT DISTINCT pr.principal_id, pr.name, pr.type_desc, 
    pr.authentication_type_desc, pe.state_desc, pe.permission_name
FROM sys.database_principals AS pr
JOIN sys.database_permissions AS pe
    ON pe.grantee_principal_id = pr.principal_id;

Get Detailed Permissions

-- GET DETAILED PERMISSIONS
;WITH 
[explicit] AS (
   SELECT [p].[principal_id], [p].[name], [p].[type_desc], [p].[create_date],
         [dbp].[permission_name] COLLATE SQL_Latin1_General_CP1_CI_AS [permission],
         CAST('' AS SYSNAME) [grant_through]
   FROM [sys].[database_permissions] [dbp]
   INNER JOIN [sys].[database_principals] [p] ON [dbp].[grantee_principal_id] = [p].[principal_id]
   WHERE ([dbp].[type] IN ('IN','UP','DL','CL','DABO','IM','SL','TO') OR [dbp].[type] LIKE 'AL%' OR [dbp].[type] LIKE 'CR%')
     AND [dbp].[state] IN ('G','W')
   UNION ALL
   SELECT [dp].[principal_id], [dp].[name], [dp].[type_desc], [dp].[create_date], [p].[permission], [p].[name] [grant_through]
   FROM [sys].[database_principals] [dp]
   INNER JOIN [sys].[database_role_members] [rm] ON [rm].[member_principal_id] = [dp].[principal_id]
   INNER JOIN [explicit] [p] ON [p].[principal_id] = [rm].[role_principal_id]
   ),
[fixed] AS (
   SELECT [dp].[principal_id], [dp].[name], [dp].[type_desc], [dp].[create_date], [p].[name] [permission], CAST('' AS SYSNAME) [grant_through]
   FROM [sys].[database_principals] [dp]
   INNER JOIN [sys].[database_role_members] [rm] ON [rm].[member_principal_id] = [dp].[principal_id]
   INNER JOIN [sys].[database_principals] [p] ON [p].[principal_id] = [rm].[role_principal_id]
   WHERE [p].[name] IN ('db_owner','db_datareader','db_datawriter','db_ddladmin','db_securityadmin','db_accessadmin','dbmanager','loginmanager')
   UNION ALL
   SELECT [dp].[principal_id], [dp].[name], [dp].[type_desc], [dp].[create_date], [p].[permission], [p].[name] [grant_through]
   FROM [sys].[database_principals] [dp]
   INNER JOIN [sys].[database_role_members] [rm] ON [rm].[member_principal_id] = [dp].[principal_id]
   INNER JOIN [fixed] [p] ON [p].[principal_id] = [rm].[role_principal_id]
   )
SELECT DISTINCT DB_NAME() [database], [name] [username], [type_desc], [create_date], [permission], [grant_through]
  FROM [explicit]
 WHERE [type_desc] NOT IN ('DATABASE_ROLE')
UNION ALL
SELECT DISTINCT DB_NAME(), [name], [type_desc], [create_date], [permission], [grant_through]
  FROM [fixed]
 WHERE [type_desc] NOT IN ('DATABASE_ROLE')
ORDER BY 1, 2
OPTION(MAXRECURSION 10);

Delete User

-- DELETE/REMOVE USER
DROP USER readonlyuser;

Get All databases

-- LIST ALL DATABASES
select [name] as database_name,
    database_id,
    create_date
from sys.databases
order by name

Get all tables

-- LIST ALL TABLES
select schema_name(t.schema_id) as schema_name,
       t.name as table_name,
       t.create_date,
       t.modify_date
from sys.tables t
order by schema_name,
         table_name;

Describe Table columns

exec sp_columns Employee;

Delete All data on a table

truncate table Employee;

Get Sessions

exec sp_who2;

Docs