堆栈内存溢出
  繁体   English   中英

Dynamics CRM 2011安全角色SQL查询

[英]Dynamics CRM 2011 Security Role SQL query

 原文  2014-08-08 10:47:38       sql/ dynamics-crm-2011/ crm

问题描述

我是Dynamics CRM的新手,我正在尝试从CRM的SQL后端导出安全角色,以创建每个安全角色的读取,写入,创建等权限的报告。 之前有人做过这个,因为CRM表格很模糊。

2 个解决方案

解决方案1
 9 已采纳  2014-08-08 10:55:21

以下将列出每个安全角色,与其相关的实体 - 特权和访问级别: 

SELECT  DISTINCT
        r.Name
        ,COALESCE(e.OriginalLocalizedName, e.Name) AS [EntityName]
        ,CASE p.AccessRight
             WHEN 32     THEN 'Create' /* or hex value 0x20*/
             WHEN 1      THEN 'Read'
             WHEN 2      THEN 'Write'
             WHEN 65536  THEN 'Delete' /* or hex value 0x10000*/
             WHEN 4      THEN 'Append'
             WHEN 16     THEN 'AppendTo'
             WHEN 524288 THEN 'Assign' /* or hex value 0x80000*/
             WHEN 262144 THEN 'Share' /* or hex value 0x40000*/
             ELSE 'None'
        END AS [Privilege]
        ,CASE (rp.PrivilegeDepthMask % 0x0F)
             WHEN 1 THEN 'User (Basic)'
             WHEN 2 THEN 'Business Unit (Local)'
             WHEN 4 THEN 'Parental (Deep)'
             WHEN 8 THEN 'Organization (Global)'
             ELSE 'Unknown'
        END AS [PrivilegeLevel]
        ,(rp.PrivilegeDepthMask % 0x0F) as [PrivilegeDepthMask]
        ,CASE WHEN e.IsCustomEntity = 1 THEN 'Yes' ELSE 'No' END AS [IsCustomEntity]
FROM    Role AS r
INNER   JOIN RolePrivileges AS rp 
        ON r.RoleId = rp.RoleId
INNER   JOIN Privilege AS p 
        ON rp.PrivilegeId = p.PrivilegeId
INNER   JOIN PrivilegeObjectTypeCodes AS potc 
        ON potc.PrivilegeId = p.PrivilegeId
INNER   JOIN MetadataSchema.Entity AS e
        ON e.ObjectTypeCode = potc.ObjectTypeCode
ORDER   BY r.Name, [EntityName]

解决方案2
 3  2016-12-12 11:58:16

以防有人发现自己在我的位置。 我接受了Donal的回答并进一步发展了它。 第一个查询将为您提供特定于实体的用户访问角色,类似于UI中的格式化。 但是,它不会打印UI中页面底部显示的麦克风权限,因为它们未链接到实体。 使用第二个查询来获取这些。 我添加了一个显示当前环境的列,这允许在CRM的不同实例之间进行快速比较。

有关实体的用户角色权限: 

With groupRights AS (

SELECT  DISTINCT
        [MSCRM_CONFIG].[dbo].[Organization].friendlyname AS Environment, 
        COALESCE(e.OriginalLocalizedName, e.Name) AS [Entity],
        r.Name as [Role],
        CASE p.AccessRight
             WHEN 32     THEN 'Create' /* or hex value 0x20*/
             WHEN 1      THEN 'Read'
             WHEN 2      THEN 'Write'
             WHEN 65536  THEN 'Delete' /* or hex value 0x10000*/
             WHEN 4      THEN 'Append'
             WHEN 16     THEN 'AppendTo'
             WHEN 524288 THEN 'Assign' /* or hex value 0x80000*/
             WHEN 262144 THEN 'Share' /* or hex value 0x40000*/
             ELSE 'None'
        END AS [Privilege]
        ,(rp.PrivilegeDepthMask % 0x0F) as [PrivilegeDepthMask]
        ,CASE WHEN e.IsCustomEntity = 1 THEN 'Yes' ELSE 'No' END AS [IsCustomEntity]
FROM    Role AS r
INNER   JOIN RolePrivileges AS rp 
        ON r.RoleId = rp.RoleId
INNER   JOIN Privilege AS p 
        ON rp.PrivilegeId = p.PrivilegeId
INNER   JOIN PrivilegeObjectTypeCodes AS potc 
        ON potc.PrivilegeId = p.PrivilegeId
INNER   JOIN MetadataSchema.Entity AS e
        ON e.ObjectTypeCode = potc.ObjectTypeCode
INNER   JOIN dbo.RoleBase 
        ON dbo.RoleBase.RoleId = rp.RoleId
INNER   JOIN [MSCRM_CONFIG].[dbo].[Organization] 
        ON dbo.RoleBase.OrganizationId = [MSCRM_CONFIG].[dbo].[Organization].Id
)
SELECT * FROM groupRights

PIVOT
(
    avg(PrivilegeDepthMask)
    FOR Privilege 
    IN ([Create], [Read], [Write], [Delete], [Append], [AppendTo], [Assign], [Share], [Error])
) p

ORDER   BY [Environment], [Entity], [Role]--, [PrivilegeLevel]

和MISC权利: 

SELECT  DISTINCT
        [MSCRM_CONFIG].[dbo].[Organization].friendlyname AS Environment, 
        r.Name as [Role],
        p.name as [Privilege Name],

        CASE p.AccessRight
             WHEN 32     THEN 'Create' /* or hex value 0x20*/
             WHEN 1      THEN 'Read'
             WHEN 2      THEN 'Write'
             WHEN 65536  THEN 'Delete' /* or hex value 0x10000*/
             WHEN 4      THEN 'Append'
             WHEN 16     THEN 'AppendTo'
             WHEN 524288 THEN 'Assign' /* or hex value 0x80000*/
             WHEN 262144 THEN 'Share' /* or hex value 0x40000*/
             ELSE 'None'
        END AS [Privilege]
        ,CASE (rp.PrivilegeDepthMask % 0x0F)
             WHEN 1 THEN 'User (Basic)'
             WHEN 2 THEN 'Business Unit (Local)'
             WHEN 4 THEN 'Parental (Deep)'
             WHEN 8 THEN 'Organization (Global)'
             ELSE 'Unknown'
        END AS [PrivilegeLevel]
        ,CASE WHEN e.IsCustomEntity = 1 THEN 'Yes' ELSE 'No' END AS [IsCustomEntity]
FROM    Role AS r
INNER   JOIN RolePrivileges AS rp 
        ON r.RoleId = rp.RoleId
Left outer JOIN Privilege AS p 
        ON rp.PrivilegeId = p.PrivilegeId
Left outer JOIN PrivilegeObjectTypeCodes AS potc 
        ON potc.PrivilegeId = p.PrivilegeId
Left outer JOIN MetadataSchema.Entity AS e
        ON e.ObjectTypeCode = potc.ObjectTypeCode
INNER   JOIN dbo.RoleBase 
        ON dbo.RoleBase.RoleId = rp.RoleId
INNER   JOIN [MSCRM_CONFIG].[dbo].[Organization] 
        ON dbo.RoleBase.OrganizationId = [MSCRM_CONFIG].[dbo].[Organization].Id

where e.OriginalLocalizedName is null
and e.Name is null

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 CRM Dynamics SQL查询 CRM 2011数据库查询 Dynamics CRM 2011自定义实体:创建与我的SQL Server外键和主键关系匹配的模型 CRM 2011-使用SQL查询检索选项集的文本吗? CRM 2011:LINQ查询未执行 使用Dynamics CRM的SQL报表时遇到问题 如何从SSRS报表在Dynamics CRM 2011中启动搜索 CRM 报表中的 SQL 查询 用于确定是否正在导入CRM 2011解决方案的SQL脚本 在CRM 2011 SQL中哪里可以找到帐户的所有活动
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM