Tuesday, January 5, 2010

create a permition script on Sql Script

GO
USE DatabaseName
GO

--~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
--REMOVE EXISTING SECURITY
EXEC sp_dropuser 'UnWantedLoginName'
GO

--~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
--ADD DB SECURITY
--Add Users--------------
if not exists (select * from dbo.sysusers where name = N'NewLoginName' and uid < 16382)
EXEC sp_grantdbaccess N'NewLoginName', N'NewLoginName'
GO
EXEC sp_addrole N'ro_NewLoginName', N'NewLoginName'
GO
--Add Members-------------
exec sp_addrolemember N'ro_NewLoginName', N'NewLoginName'
GO

--~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
--ADD OBJECT SECURITY
--Security for Tables-------------------
DECLARE ETables CURSOR
READ_ONLY
FOR SELECT Name
FROM dbo.sysobjects
WHERE OBJECTPROPERTY(id, N'IsTable') = 1
AND Name like 'tbl%' OR Name = 'EmployeeStatus' OR Name = 'Holidays' OR Name = 'UserGroup'
ORDER BY Name
DECLARE @name varchar(200)

OPEN ETables
FETCH NEXT FROM ETables INTO @name
WHILE (@@fetch_status <> -1)
BEGIN
IF (@@fetch_status <> -2)
BEGIN
DECLARE @sSQL nvarchar(4000)
SET @sSQL = 'GRANT SELECT ON [' + @name + '] TO ro_NewLoginName'
EXEC sp_ExecuteSQL @sSQL
END
FETCH NEXT FROM ETables INTO @name
END
CLOSE ETables
DEALLOCATE ETables

--Security for Views--------------
DECLARE EViews CURSOR
READ_ONLY
FOR SELECT Name
FROM dbo.sysobjects
WHERE OBJECTPROPERTY(id, N'IsView') = 1
AND Name not like 'sys%'
ORDER BY Name
OPEN EViews

FETCH NEXT FROM EViews INTO @name
WHILE (@@fetch_status <> -1)
BEGIN
IF (@@fetch_status <> -2)
BEGIN
SET @sSQL = 'GRANT SELECT ON [' + @name + '] TO ro_NewLoginName'
EXEC sp_ExecuteSQL @sSQL
END
FETCH NEXT FROM EViews INTO @name
END

CLOSE EViews
DEALLOCATE EViews

--Security for SP's
DECLARE ESps CURSOR
READ_ONLY
FOR SELECT Name FROM dbo.sysobjects
WHERE OBJECTPROPERTY(id, N'IsProcedure') = 1
AND (name like 'usp%') OR name = 'DeleteUser' OR name = 'GetAllUsers' OR name = 'AddUser' OR name = 'UpdateUser'
ORDER BY Name
OPEN ESps

FETCH NEXT FROM ESps INTO @name
WHILE (@@fetch_status <> -1)
BEGIN
IF (@@fetch_status <> -2)
BEGIN
SET @sSQL = 'GRANT EXECUTE ON [' + @name + '] TO ro_NewLoginName'
EXEC sp_ExecuteSQL @sSQL
END
FETCH NEXT FROM ESps INTO @name
END
CLOSE ESps
DEALLOCATE ESps

--Security for Scaler Functions-----------
DECLARE EFns CURSOR
READ_ONLY
FOR SELECT Name
FROM dbo.sysobjects
WHERE OBJECTPROPERTY(id, N'IsScalarFunction') = 1
ORDER BY Name

--DECLARE @name varchar(40)
OPEN EFns

FETCH NEXT FROM EFns INTO @name
WHILE (@@fetch_status <> -1)
BEGIN
IF (@@fetch_status <> -2)
BEGIN
SET @sSQL = 'GRANT EXECUTE ON [' + @name + '] TO ro_NewLoginName'
EXEC sp_ExecuteSQL @sSQL
END
FETCH NEXT FROM EFns INTO @name
END
CLOSE EFns
DEALLOCATE EFns
Posted by at No comments:
Subscribe to: Posts (Atom)