Wednesday, December 14, 2016

ALL Database permissons 



user will already exist

SET NOCOUNT ON; 
SET TRANSACTION ISOLATION LEVEL READ UNCOMMITTED;


DECLARE @command nvarchar(4000), @database sysname, @counter int = 0;
      
      
IF OBJECT_ID('tempdb..#Permissions') IS NOT NULL DROP TABLE #Permissions;
CREATE TABLE #Permissions (DatabaseName sysname, ObjType nvarchar(50), SQLStmt nvarchar(4000));
      
IF OBJECT_ID('tempdb..#Databases') IS NOT NULL DROP TABLE #Databases;
CREATE TABLE #Databases (DB_Counter int, DatabaseName sysname);

INSERT #Databases (DB_Counter, DatabaseName)
SELECT 
    ROW_NUMBER() OVER (ORDER BY database_id) AS DB_Counter
 ,name AS DatabaseName
FROM sys.databases
WHERE state_desc = 'ONLINE' AND name NOT IN ('tempdb');
--SELECT * FROM #Databases

-- Loop through the databases
WHILE (SELECT MAX (DB_Counter) FROM #Databases ) > @counter
  BEGIN;
            SELECT @counter += 1;
            SELECT @database = QUOTENAME(DatabaseName) FROM  #Databases WHERE DB_Counter = @counter;


            -- Object Level Permissions
            SELECT
                @command = 'USE ' + @database + '; SELECT DB_NAME(), ''Object Level Permissions'', ''USE ' + @database + '; '' 
                + CASE WHEN perm.state <> ''W'' THEN perm.state_desc ELSE ''GRANT'' END + SPACE(1) + perm.permission_name + SPACE(1) + ''ON '' 
                + QUOTENAME(USER_NAME(obj.schema_id)) + ''.'' + QUOTENAME(obj.name) + CASE WHEN cl.column_id IS NULL THEN SPACE(0) ELSE ''('' + QUOTENAME(cl.name) + '')'' END    + SPACE(1) + ''TO'' + SPACE(1) 
                + QUOTENAME(USER_NAME(usr.principal_id)) COLLATE database_default 
                + CASE WHEN perm.state <> ''W'' THEN SPACE(0) ELSE SPACE(1) + ''WITH GRANT OPTION'' END + CHAR(10) + ''GO'' AS ''--Object Level Permissions''' + 'FROM sys.database_permissions AS perm    INNER JOIN sys.objects AS obj ON perm.major_id = obj.[object_id] INNER JOIN sys.database_principals AS usr ON perm.grantee_principal_id = usr.principal_id LEFT JOIN sys.columns AS cl ON cl.column_id = perm.minor_id AND cl.[object_id] = perm.major_id ORDER BY perm.permission_name ASC, perm.state_desc ASC;';
            PRINT @command;
            INSERT  INTO #Permissions EXEC (@command);
            
            
            -- Database Level Permissions
            SELECT
                @command = 'USE ' + @database + '; SELECT DB_NAME(), ''Database Level Permissions'',''USE ' + @database + '; '' +  CASE WHEN perm.state <> ''W'' THEN perm.state_desc ELSE ''GRANT'' END + SPACE(1) + perm.permission_name + SPACE(1)    + SPACE(1) + ''TO'' + SPACE(1) + QUOTENAME(USER_NAME(usr.principal_id)) COLLATE database_default + CASE WHEN perm.state <> ''W'' THEN SPACE(0) ELSE SPACE(1) + ''WITH GRANT OPTION'' END + CHAR(10) + ''GO'' AS ''--Database Level Permissions'' FROM sys.database_permissions AS perm INNER JOIN 
                sys.database_principals AS usr ON perm.grantee_principal_id = usr.principal_id WHERE perm.major_id = 0 ORDER BY perm.permission_name ASC, perm.state_desc ASC';
            PRINT @command;
            INSERT  INTO #Permissions EXEC (@command);


            -- Database Level Role Members
            SELECT
                @command = 'USE ' + @database + '; SELECT DB_NAME(), ''Database Level Role Members'',''USE ' + @database + '; '' +   ''EXEC sp_addrolemember @rolename ='' + SPACE(1) + QUOTENAME(usr1.name, '''') + '', @membername ='' + SPACE(1) + QUOTENAME(usr2.name, '''') + CHAR(10) + ''GO'' AS ''--Role Memberships'' FROM sys.database_principals AS usr1 INNER JOIN sys.database_role_members AS rm ON usr1.principal_id = rm.role_principal_id INNER JOIN sys.database_principals AS usr2 ON rm.member_principal_id = usr2.principal_id 
                ORDER BY rm.role_principal_id ASC';
            PRINT @command;
            INSERT  INTO #Permissions EXEC (@command);
  END;
        

        INSERT #Permissions (DatabaseName, ObjType, SQLStmt)
        -- Server Level Role Members 
    SELECT
       @@SERVERNAME
      ,'Server Level Role Members'
      ,'USE [master]; EXEC sp_addsrvrolemember @rolename =' + SPACE(1) + QUOTENAME(usr1.name, '''') + ', @loginame =' + SPACE(1) + QUOTENAME(usr2.name, '''') + CHAR(10) + 'GO' AS '--Role Memberships'
    FROM sys.server_principals AS usr1
    INNER JOIN sys.server_role_members AS rm ON usr1.principal_id = rm.role_principal_id
    INNER JOIN sys.server_principals AS usr2 ON rm.member_principal_id = usr2.principal_id
    ORDER BY rm.role_principal_id ASC;


        INSERT #Permissions (DatabaseName, ObjType, SQLStmt)
        -- Server Level Permissions 
    SELECT
       @@SERVERNAME
      ,'Server Level Permissions'
      ,'USE [master]; ' + server_permissions.state_desc COLLATE SQL_Latin1_General_CP1_CI_AS + ' ' + server_permissions.permission_name COLLATE SQL_Latin1_General_CP1_CI_AS + ' TO [' + server_principals.name COLLATE SQL_Latin1_General_CP1_CI_AS + ']; ' + CHAR(10) + 'GO' AS '--Server Level Permissions'
    FROM sys.server_permissions AS server_permissions WITH (NOLOCK)
    INNER JOIN sys.server_principals AS server_principals WITH (NOLOCK) ON server_permissions.grantee_principal_id = server_principals.principal_id
    WHERE server_principals.type IN ('S', 'U', 'G')
    ORDER BY server_principals.name ,server_permissions.state_desc ,server_permissions.permission_name;
 

-- Output
SELECT
   @@SERVERNAME AS ServerName
  ,DatabaseName
  ,ObjType
  ,SQLStmt
FROM #Permissions 
ORDER BY DatabaseName, ObjType;
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)