【Question title】: SQL Server: get permissions of user containing column level permissions
【Posted】: 2015-05-18 08:49:42
【Question description】:

I found the following very useful SQL Server code that gets all the permissions of a user (here testuser) in a SQL Server database:

EXECUTE AS USER = 'DOMAIN\testuser'; 

-- Server rights
SELECT * FROM fn_my_permissions(NULL, 'SERVER');

-- Database rights
SELECT * FROM fn_my_permissions(NULL, 'DATABASE');

-- Specific per object rights
SELECT 
    T.TABLE_TYPE AS OBJECT_TYPE, T.TABLE_SCHEMA AS [SCHEMA_NAME], 
    T.TABLE_NAME AS [OBJECT_NAME], P.PERMISSION_NAME 
FROM 
    INFORMATION_SCHEMA.TABLES T
CROSS APPLY 
    fn_my_permissions(T.TABLE_SCHEMA + '.' + T.TABLE_NAME, 'OBJECT') P
WHERE 
    P.subentity_name = ''

UNION

SELECT 
    R.ROUTINE_TYPE AS OBJECT_TYPE, R.ROUTINE_SCHEMA AS [SCHEMA_NAME], 
    R.ROUTINE_NAME AS [OBJECT_NAME], P.PERMISSION_NAME
FROM 
    INFORMATION_SCHEMA.ROUTINES R
CROSS APPLY 
    fn_my_permissions(R.ROUTINE_SCHEMA + '.' + R.ROUTINE_NAME, 'OBJECT') P
ORDER BY 
    OBJECT_TYPE, [SCHEMA_NAME], [OBJECT_NAME], P.PERMISSION_NAME

REVERT;
GO

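But I also need the column-level permissions, which this code does not show.

Can anyone extend the code so that it also returns column-level permissions?

Many thanks,

【Question comments】:

    Tags: sql-server user-permissions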


    【Solution 1】:

    The subentity_name column in fn_my_permissions should give you what you need.

    -- Specific per object rights
    SELECT T.TABLE_TYPE AS OBJECT_TYPE, T.TABLE_SCHEMA AS [SCHEMA_NAME], T.TABLE_NAME AS [OBJECT_NAME], NULLIF(P.subentity_name, '') as COLUMN_NAME, P.PERMISSION_NAME FROM INFORMATION_SCHEMA.TABLES T
    CROSS APPLY fn_my_permissions(T.TABLE_SCHEMA + '.' + T.TABLE_NAME, 'OBJECT') P
    UNION
    SELECT R.ROUTINE_TYPE AS OBJECT_TYPE, R.ROUTINE_SCHEMA AS [SCHEMA_NAME], R.ROUTINE_NAME AS [OBJECT_NAME], NULLIF(P.subentity_name, '') as COLUMN_NAME, P.PERMISSION_NAME
    FROM INFORMATION_SCHEMA.ROUTINES R
    CROSS APPLY fn_my_permissions(R.ROUTINE_SCHEMA + '.' + R.ROUTINE_NAME, 'OBJECT') P
    ORDER BY OBJECT_TYPE, [SCHEMA_NAME], [OBJECT_NAME], COLUMN_NAME, P.PERMISSION_NAME
    

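    【Comments】:

    • thx, I tried it and it shows an additional column "COLUMN_NAME", but it is always NULL. Tables with column-level permissions do not even appear in the result.
    • Oops - shouldn't have left the WHERE P.subentity_name = '' in there. You will see the column names now.
    • One last improvement: put COLUMN_NAME into the ORDER BY line: ORDER BY OBJECT_TYPE, [SCHEMA_NAME], [OBJECT_NAME], [COLUMN_NAME], P.PERMISSION_NAME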
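Added example, not part of the original question or answer: a cross-check of column-level permissions from the catalog views, which lists explicit column GRANT/DENY entries for every principal without impersonation, next to the effective view that fn_my_permissions gives for one user. The user colperm_demo_user and the table dbo.colperm_demo are constructed for the demonstration; run it in a scratch database.

```sql
-- Constructed demo objects (hypothetical names); use a scratch database.
CREATE USER colperm_demo_user WITHOUT LOGIN;
CREATE TABLE dbo.colperm_demo (id int, name nvarchar(50), salary money);
GRANT SELECT ON dbo.colperm_demo (id, name) TO colperm_demo_user;
DENY  UPDATE ON dbo.colperm_demo (salary)   TO colperm_demo_user;
GO

-- 1) Explicit column-level entries for all principals.
--    In sys.database_permissions, class = 1 is OBJECT_OR_COLUMN and
--    minor_id > 0 is the column_id the entry applies to.
--    state_desc separates GRANT from DENY, which fn_my_permissions does not show.
SELECT pr.name      AS principal_name,
       pr.type_desc AS principal_type,
       s.name       AS [schema_name],
       o.name       AS [object_name],
       c.name       AS column_name,
       p.permission_name,
       p.state_desc
FROM sys.database_permissions AS p
JOIN sys.database_principals  AS pr ON pr.principal_id = p.grantee_principal_id
JOIN sys.objects              AS o  ON o.object_id = p.major_id
JOIN sys.schemas              AS s  ON s.schema_id = o.schema_id
JOIN sys.columns              AS c  ON c.object_id = p.major_id
                                   AND c.column_id = p.minor_id
WHERE p.class = 1
  AND p.minor_id > 0
ORDER BY principal_name, [schema_name], [object_name], column_name, p.permission_name;
GO

-- 2) Effective column permissions of one user, as in the answer above:
--    rows with a non-empty subentity_name are column-level.
EXECUTE AS USER = 'colperm_demo_user';
SELECT subentity_name AS column_name, permission_name
FROM fn_my_permissions('dbo.colperm_demo', 'OBJECT')
WHERE subentity_name <> ''
ORDER BY column_name, permission_name;
REVERT;
GO

-- Clean up the constructed objects.
DROP TABLE dbo.colperm_demo;
DROP USER colperm_demo_user;
GO
```

The catalog query reports only entries recorded directly against a principal (including roles), so permissions a user inherits through role membership appear under the role's name there, while fn_my_permissions resolves them for the impersonated user.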