Answers:
这是我们的解决方案(相信我,它将完美地工作!)
在研究了如何存储执行报告的过程之后,我们发现每次运行作业时,SSISDB中的internal.executions表都会被更新。为了查看此运行的执行报告,我们需要运行以下内容:
EXEC SSISDB.catalog.grant_permission
@object_type = 4,
@object_id = @execution_id,
@principal_ID = 13,
@permission_type = 1;该存储过程将向角色/用户授予对数据库中对象的特定访问权限。@object_type表示您需要对哪种类型的对象具有权限(4表示操作);@object_id表示我们要访问的特定对象;@principal_ID表示谁想获得访问权限;Permission_type表示我们希望拥有哪种访问权限(1表示只读)。有关更多信息,请参考catalog.grant_permission(SSISDB数据库)
我们的目标是创建一个触发器,该触发器在每次运行作业时(即插入了internal.executions表),使用上述SP向角色授予对该操作信息的许可。
然后,让我们按照以下步骤设置执行报告查看权限:
创建一个用户后,触发器将被执行为。该用户应该能够在SSISDB中执行触发器,并有权访问SSIS目录。在我们的例子中,我们在SSISDB下赋予它db_owner角色和ssis_admin。
USE [master]
GO
CREATE LOGIN [ssis_job_viewer] FROM WINDOWS WITH DEFAULT_DATABASE=[master]
GO
USE [SSISDB]
GO
CREATE USER [ssis_job_viewer] FOR LOGIN [ssis_job_viewer]
GO
USE [SSISDB]
GO
ALTER ROLE [db_owner] ADD MEMBER [ssis_job_viewer]
GO
USE [SSISDB]
GO
ALTER ROLE [ssis_admin] ADD MEMBER [ssis_job_viewer]
GO创建一个角色[package_execution_viewer]。我们将在上面提到的存储过程中使用此角色。
USE [SSISDB]
GO
CREATE ROLE [package_execution_viewer]
GO将用户添加到[package_execution_viewer]
USE [SSISDB]
GO
ALTER ROLE [package_execution_viewer] ADD MEMBER [user1]
GO
USE [SSISDB]
GO
ALTER ROLE [package_execution_viewer] ADD MEMBER [user2]
GO获取package_execution_viewer角色的Principle_id。此ID也将在上述SP中使用。
SELECT * from sys.database_principals
GO创建触发器以授予package_execution_viewer权限
USE [SSISDB]
GO
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
CREATE TRIGGER [internal].[update_viewer_perms]
ON [internal].[executions]
WITH EXECUTE AS 'ssis_job_viewer'
AFTER INSERT
AS
declare @execution_id bigint
BEGIN
select @execution_id = execution_id from inserted
EXEC SSISDB.catalog.grant_permission
@object_type = 4,
@object_id = @execution_id,
@principal_ID = 13,
@permission_type = 1 **--Note the principal_id needs to be changed**
END
GO搞定。这样,我们可以让人们访问执行报告,而无需将其设置为ssis_admin。尝试一下并分享对本帖子的任何想法!
请注意,我不是安全人员...
除了ssis_adminSSISDB专用的角色外,没有其他预定义的数据库角色。这可以使人们完成SSIS的所有工作,但显然比支持人员应有的力量更多。
有两种模式,internal和catalog。目录是给我们的,最终用户可以与SSISDB进行交互,而内部目录则是一本很棒的手册
IST NICHTFÜRDER GEFINGERPOKEN和MITTENGRABEN!
我启动了探查器,并在单击执行报告和子报告时进行了观察。所有查询都是针对catalog架构的内联查询。模式中的proc和函数catalog似乎都与软件包的维护和管理有关,因此,如果您创建了一个角色,
您可以使用Martin的答案来授予对所有基于目录的视图的访问权限,但是由于我很懒,
我会尝试这样的事情。我创建一个名为的角色LookIt,向其添加我的成员,然后向他们授予对整个目录架构的SELECT权限
USE [SSISDB]
GO
CREATE ROLE [LookIt]
GO
USE [SSISDB]
GO
ALTER ROLE [LookIt] ADD MEMBER [MyPeople]
GO
use [SSISDB]
GO
GRANT SELECT ON SCHEMA::[catalog] TO [LookIt]
GO对于那些使用SQL Server 2016的人来说,他们感到非常高兴。新的SSIS角色将使非特权用户能够使用本机报告工具。该角色称为“ ssis_logreader授予该角色成员身份”将允许用户访问所有报告,而无需授予他们管理SSIS实例或整个服务器的能力。
非常简单... WHERE在这两个视图中注释掉该子句:
SSISDB.catalog.executions
SSISDB.catalog.event_messages做完了
catalog.event_messages通过注释WHERE子句来更改视图:
--WHERE opmsg.[operation_id] in (SELECT [id] FROM [internal].
--[current_user_readable_operations]) OR (IS_MEMBER('ssis_admin') = 1) OR
--(IS_SRVROLEMEMBER('sysadmin') = 1)对视图执行相同操作Catalog.executions。
我还没有遇到任何副作用,并且已经在PROD和QA环境中使用了3个月。
WHERE从SSISDB 注释掉这些视图中的子句:
SSISDB.catalog.executionsSSISDB.catalog.event_messagesSSISDB.Catalog.folders并提供对DB_READERSSISDB中用户/组的访问权限。在SQL 2012/2014中验证/验证
所以这是我最近几天遇到的一个问题,我必须说这篇文章确实有所帮助,尽管没有一个答案是真正有帮助的。
因此,如本帖子所述,我想授予访问权限以查看罐装的Integration Services Catalog报告,而不必在不需要它的环境中授予SSIS_admin角色。并感谢billinkc帮助我找到了答案。就像他说的那样,他们通过添加数据库角色来允许您执行我们想要的操作,从而在SQL 2016中解决了此问题。那给了我只复制SQL 2016在早期版本中所做的想法。所以这是你要做的:
OR (IS_MEMBER('ssis_logreader') = 1)在where子句中。[目录]。[操作]
[目录]。[operation_messages]
[目录]。[event_message_context]
[目录]。[event_messages]
[目录]。[executable_statistics]
[目录]。[可执行文件]
[目录]。[execution_component_phases]
[目录]。[execution_data_statistics]
[目录]。[execution_data_taps]
[目录]。[execution_parameter_values]
[目录]。[execution_property_override_values]
[目录]。[执行]
[目录]。[extended_operation_info]
[目录]。[operation_messages]
[目录]。[操作]
[目录]。[包装]
[目录]。[项目]
[目录]。[验证]
完成此操作后,它应该解决您的问题。
我还附加了一个脚本,该脚本将执行除最后一步以外的所有操作。请注意,它有将近700行
谢谢。
USE SSISDB
GO
CREATE ROLE [ssis_logreader]
GO
----------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[operations] Script Date: 10/5/2016 8:38:56 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[operations]
AS
SELECT [operation_id],
[operation_type],
[created_time],
[object_type],
[object_id],
[object_name],
[status],
[start_time],
[end_time],
[caller_sid],
[caller_name],
[process_id],
[stopped_by_sid],
[stopped_by_name],
[server_name],
[machine_name]
FROM internal.[operations]
WHERE [operation_id] in (SELECT [id] FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
-----------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[operation_messages] Script Date: 10/5/2016 8:38:32 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[operation_messages]
AS
SELECT [operation_message_id],
[operation_id],
[message_time],
[message_type],
[message_source_type],
[message],
[extended_info_id]
FROM [internal].[operation_messages]
WHERE [operation_id] in (SELECT [id] FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
-----------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[event_message_context] Script Date: 10/5/2016 8:12:27 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[event_message_context]
AS
SELECT [context_id],
[event_message_id],
[context_depth],
[package_path],
[context_type],
[context_source_name],
[context_source_id],
[property_name],
[property_value]
FROM [internal].[event_message_context]
WHERE [operation_id] IN (SELECT [id] FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
-----------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[event_messages] Script Date: 10/5/2016 8:13:44 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[event_messages]
AS
SELECT opmsg.[operation_message_id] AS [event_message_id],
opmsg.[operation_id],
opmsg.[message_time],
opmsg.[message_type],
opmsg.[message_source_type],
opmsg.[message],
opmsg.[extended_info_id],
eventmsg.[package_name],
eventmsg.[event_name],
message_source_name =
CASE
WHEN (opmsg.message_source_type = 10) THEN 'ISServerExec'
WHEN (opmsg.message_source_type = 20) THEN 'Transact-SQL stored procedure'
ELSE eventmsg.message_source_name
END,
eventmsg.[message_source_id],
eventmsg.[subcomponent_name],
eventmsg.[package_path],
eventmsg.[execution_path],
eventmsg.[threadID],
eventmsg.[message_code]
FROM [internal].[operation_messages] opmsg LEFT JOIN [internal].[event_messages] eventmsg
ON opmsg.[operation_message_id] = eventmsg.[event_message_id]
WHERE opmsg.[operation_id] IN (SELECT [id] FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
----------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[executable_statistics] Script Date: 10/5/2016 8:14:02 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[executable_statistics]
AS
SELECT [statistics_id],
[execution_id],
[executable_id],
[execution_path],
[start_time],
[end_time],
[execution_duration],
[execution_result],
[execution_value]
FROM [internal].[executable_statistics]
WHERE [execution_id] IN (SELECT id FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
----------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[executables] Script Date: 10/5/2016 8:14:22 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[executables]
AS
SELECT DISTINCT
execl.[executable_id],
execs.[execution_id],
execl.[executable_name],
execl.[executable_guid],
execl.[package_name],
execl.[package_path]
FROM ([internal].[executions] execs INNER JOIN [internal].[executable_statistics] stat
ON execs.[execution_id] = stat.[execution_id]) INNER JOIN [internal].[executables] execl
ON stat.[executable_id] = execl.[executable_id]
WHERE execs.[execution_id] IN (SELECT id FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
-------------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[execution_component_phases] Script Date: 10/5/2016 8:24:40 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[execution_component_phases]
AS
SELECT startPhase.[phase_stats_id] AS [phase_stats_id],
startPhase.[execution_id] AS [execution_id],
startPhase.[package_name] AS [package_name],
startPhase.[task_name] AS [task_name],
startPhase.[subcomponent_name] AS [subcomponent_name],
startPhase.[phase] AS [phase],
startPhase.[phase_time] AS [start_time],
endPhase.[phase_time] AS [end_time],
startPhase.[execution_path] AS [execution_path]
FROM [internal].[execution_component_phases] startPhase LEFT JOIN [internal].[execution_component_phases] endPhase
ON startPhase.[phase_stats_id] != endPhase.[phase_stats_id]
AND startPhase.[execution_id] = endPhase.[execution_id]
AND startPhase.[sequence_id] = endPhase.[sequence_id]
WHERE startPhase.[is_start] = 'True' AND (endPhase.[is_start] = 'False' OR endPhase.[is_start] IS NULL)
AND (startPhase.[execution_id] IN (SELECT [id] FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1))
OR (IS_MEMBER('ssis_logreader') = 1)
GO
--------------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[execution_data_statistics] Script Date: 10/5/2016 8:25:01 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[execution_data_statistics]
AS
SELECT [data_stats_id],
[execution_id],
[package_name],
[task_name],
[dataflow_path_id_string],
[dataflow_path_name],
[source_component_name],
[destination_component_name],
[rows_sent],
[created_time],
[execution_path]
FROM [internal].[execution_data_statistics]
WHERE [execution_id] IN (SELECT [id] FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
----------------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[execution_data_taps] Script Date: 10/5/2016 8:25:36 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[execution_data_taps]
AS
SELECT [data_tap_id],
[execution_id],
[package_path],
[dataflow_path_id_string],
[dataflow_task_guid],
[max_rows],
[filename]
FROM [internal].[execution_data_taps]
WHERE [execution_id] IN (SELECT [id] FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
--------------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[execution_parameter_values] Script Date: 10/5/2016 8:26:01 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[execution_parameter_values]
AS
SELECT [execution_parameter_id],
[execution_id],
[object_type],
[parameter_data_type],
[parameter_name],
[parameter_value],
[sensitive],
[required],
[value_set],
[runtime_override]
FROM [internal].[execution_parameter_values]
WHERE [execution_id] IN (SELECT [id] FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[execution_property_override_values] Script Date: 10/5/2016 8:26:24 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[execution_property_override_values]
AS
SELECT [property_id],
[execution_id],
[property_path],
[property_value],
[sensitive]
FROM [internal].[execution_property_override_values]
WHERE [execution_id] IN (SELECT [id] FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
--------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[executions] Script Date: 10/5/2016 8:26:52 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[executions]
AS
SELECT execs.[execution_id],
execs.[folder_name],
execs.[project_name],
execs.[package_name],
execs.[reference_id],
execs.[reference_type],
execs.[environment_folder_name],
execs.[environment_name],
execs.[project_lsn],
execs.[executed_as_sid],
execs.[executed_as_name],
execs.[use32bitruntime],
opers.[operation_type],
opers.[created_time],
opers.[object_type],
opers.[object_id],
opers.[status],
opers.[start_time],
opers.[end_time],
opers.[caller_sid],
opers.[caller_name],
opers.[process_id],
opers.[stopped_by_sid],
opers.[stopped_by_name],
opers.[operation_guid] AS [dump_id],
opers.[server_name],
opers.[machine_name],
ossysinfos.[total_physical_memory_kb],
ossysinfos.[available_physical_memory_kb],
ossysinfos.[total_page_file_kb],
ossysinfos.[available_page_file_kb],
ossysinfos.[cpu_count]
FROM [internal].[executions] execs INNER JOIN [internal].[operations] opers
ON execs.[execution_id]= opers.[operation_id]
LEFT JOIN [internal].[operation_os_sys_info] ossysinfos
ON ossysinfos.[operation_id]= execs.[execution_id]
WHERE opers.[operation_id] IN (SELECT id FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
--------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[extended_operation_info] Script Date: 10/5/2016 8:27:45 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[extended_operation_info]
AS
SELECT [info_id],
[operation_id],
[object_name],
[object_type],
[reference_id],
[status],
[start_time],
[end_time]
FROM [internal].[extended_operation_info]
WHERE [operation_id] IN (SELECT [id] FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
--------------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[operation_messages] Script Date: 10/5/2016 8:29:30 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[operation_messages]
AS
SELECT [operation_message_id],
[operation_id],
[message_time],
[message_type],
[message_source_type],
[message],
[extended_info_id]
FROM [internal].[operation_messages]
WHERE [operation_id] IN (SELECT [id] FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
-------------------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[operations] Script Date: 10/5/2016 8:29:55 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[operations]
AS
SELECT [operation_id],
[operation_type],
[created_time],
[object_type],
[object_id],
[object_name],
[status],
[start_time],
[end_time],
[caller_sid],
[caller_name],
[process_id],
[stopped_by_sid],
[stopped_by_name],
[server_name],
[machine_name]
FROM internal.[operations]
WHERE [operation_id] IN (SELECT [id] FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
----------------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[packages] Script Date: 10/5/2016 8:31:07 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[packages]
AS
SELECT pkgs.[package_id],
pkgs.[name],
pkgs.[package_guid],
pkgs.[description],
pkgs.[package_format_version],
pkgs.[version_major],
pkgs.[version_minor],
pkgs.[version_build],
pkgs.[version_comments],
pkgs.[version_guid],
pkgs.[project_id],
pkgs.[entry_point],
pkgs.[validation_status],
pkgs.[last_validation_time]
FROM [internal].[packages] pkgs INNER JOIN [internal].[projects] proj ON
(pkgs.[project_version_lsn] = proj.[object_version_lsn]
AND pkgs.[project_id] = proj.[project_id]) INNER JOIN
[internal].[object_versions] vers ON ( vers.[object_type] =20 AND
vers.[object_id] = proj.[project_id]
AND vers.[object_version_lsn] = proj.[object_version_lsn])
WHERE pkgs.[project_id] IN (SELECT [id] FROM [internal].[current_user_readable_projects])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
-------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[projects] Script Date: 10/5/2016 8:31:31 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[projects]
AS
SELECT proj.[project_id],
[internal].[folders].[folder_id],
proj.[name],
proj.[description],
proj.[project_format_version],
proj.[deployed_by_sid],
proj.[deployed_by_name],
proj.[last_deployed_time],
proj.[created_time],
proj.[object_version_lsn],
proj.[validation_status],
proj.[last_validation_time]
FROM [internal].[object_versions] ver INNER JOIN
[internal].[projects] proj ON (ver.[object_id] = proj.[project_id]
AND ver.[object_version_lsn] = proj.[object_version_lsn]) INNER JOIN
[internal].[folders] ON proj.[folder_id] = [internal].[folders].[folder_id]
WHERE (ver.[object_status] = 'C')
AND (ver.[object_type]= 20)
AND (
proj.[project_id] IN (SELECT [id] FROM [internal].[current_user_readable_projects])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
)
GO
-------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[validations] Script Date: 10/5/2016 8:31:54 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[validations]
AS
SELECT vals.[validation_id],
vals.[environment_scope],
vals.[validate_type],
vals.[folder_name],
vals.[project_name],
vals.[project_lsn],
vals.[use32bitruntime],
vals.[reference_id],
opers.[operation_type],
opers.[object_name],
opers.[object_type],
opers.[object_id],
opers.[start_time],
opers.[end_time],
opers.[status],
opers.[caller_sid],
opers.[caller_name],
opers.[process_id],
opers.[stopped_by_sid],
opers.[stopped_by_name],
opers.[operation_guid] AS [dump_id],
opers.[server_name],
opers.[machine_name]
FROM [internal].[validations] vals INNER JOIN [internal].[operations] opers
ON vals.[validation_id] = opers.[operation_id]
WHERE opers.[operation_id] IN (SELECT [id] FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
-------------------------------------------------------------------------------------------------------------------我遇到过同样的问题。在查看带下划线的查询之后,重点放在where子句。
WHERE opmsg.[operation_id] in (SELECT [id] FROM [internal]. [current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)当查询检查ssis_admin角色的成员身份时。我决定将report_reader角色授予ssis_admin数据库角色。
独立执行查询时,出现选择权限错误。因此,我授予角色对目录和内部架构的选择权限。
GRANT SELECT ON SCHEMA::[catalog] TO ssis_admin;
GRANT SELECT ON SCHEMA::[internal] TO ssis_admin;希望这对某人有帮助。
这解决了我的问题。我得到了Petemill66的修复,所以谢谢
使用SSISDB
在SCHEMA上进行GRANT SELECT :: [catalog] TO ssis_admin;
在SCHEMA上进行GRANT SELECT :: [internal] TO ssis_admin;
将SCHEMA :: [目录]更新为ssis_admin;
在SCHEMA :: [内部] GRANT更新到ssis_admin;