Jawaban:
Ini solusi kami (percayalah ini akan bekerja dengan sempurna!)
Setelah menyelidiki prosedur tentang bagaimana laporan eksekusi disimpan, kami menemukan bahwa setiap kali pekerjaan berjalan, tabel eksekusi internal di SSISDB akan diperbarui. Dan untuk melihat laporan eksekusi dari proses ini, kita perlu menjalankan sesuatu seperti di bawah ini:
EXEC SSISDB.catalog.grant_permission
@object_type = 4,
@object_id = @execution_id,
@principal_ID = 13,
@permission_type = 1;
Prosedur tersimpan ini akan memberikan peran / pengguna akses tertentu ke suatu objek dalam database. @object_type berarti pada jenis objek yang Anda butuhkan izin (operasi 4 berarti); @object_id berarti objek tertentu yang ingin kita akses; @principal_ID berarti siapa yang ingin mendapatkan akses; permit_type berarti jenis akses apa yang ingin kita miliki (1 berarti hanya baca). Untuk informasi lebih lanjut, silakan merujuk ke catalog.grant_permission (Database SSISDB)
Target kami adalah membuat pemicu bahwa setiap kali pekerjaan berjalan - artinya tabel internal.executions dimasukkan - menggunakan SP di atas untuk memberikan peran izin kepada informasi operasi itu.
Lalu, mari ikuti langkah-langkah di bawah ini untuk menyiapkan izin tampilan laporan eksekusi:
Buat pengguna pemicu akan dieksekusi sebagai. Pengguna ini harus dapat menjalankan pemicu di SSISDB dan memiliki akses ke Katalog SSIS. Dalam kasus kami, kami memberikannya peran db_owner dan ssis_admin di bawah SSISDB.
USE [master]
GO
CREATE LOGIN [ssis_job_viewer] FROM WINDOWS WITH DEFAULT_DATABASE=[master]
GO
USE [SSISDB]
GO
CREATE USER [ssis_job_viewer] FOR LOGIN [ssis_job_viewer]
GO
USE [SSISDB]
GO
ALTER ROLE [db_owner] ADD MEMBER [ssis_job_viewer]
GO
USE [SSISDB]
GO
ALTER ROLE [ssis_admin] ADD MEMBER [ssis_job_viewer]
GO
Buat peran [package_execution_viewer]. Peran ini akan digunakan dalam prosedur tersimpan yang kami sebutkan di atas.
USE [SSISDB]
GO
CREATE ROLE [package_execution_viewer]
GO
Tambahkan pengguna ke [package_execution_viewer]
USE [SSISDB]
GO
ALTER ROLE [package_execution_viewer] ADD MEMBER [user1]
GO
USE [SSISDB]
GO
ALTER ROLE [package_execution_viewer] ADD MEMBER [user2]
GO
Dapatkan peran principal_id dari package_execution_viewer. ID ini juga akan digunakan dalam SP di atas.
SELECT * from sys.database_principals
GO
Buat pemicu untuk memberikan izin bagi package_execution_viewer
USE [SSISDB]
GO
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
CREATE TRIGGER [internal].[update_viewer_perms]
ON [internal].[executions]
WITH EXECUTE AS 'ssis_job_viewer'
AFTER INSERT
AS
declare @execution_id bigint
BEGIN
select @execution_id = execution_id from inserted
EXEC SSISDB.catalog.grant_permission
@object_type = 4,
@object_id = @execution_id,
@principal_ID = 13,
@permission_type = 1 **--Note the principal_id needs to be changed**
END
GO
Siap. Dengan cara ini kita dapat membiarkan orang mengakses laporan eksekusi tanpa menjadikannya sebagai ssis_admin. Cobalah dan bagikan pemikiran apa pun ke pos ini!
Dengan peringatan bahwa saya bukan orang keamanan ...
Tidak ada peran basis data yang telah ditentukan selain ssis_adminyang khusus untuk SSISDB. Itu memungkinkan seseorang untuk melakukan semua hal SSIS tapi itu jelas lebih banyak kekuatan daripada yang seharusnya dimiliki orang yang mendukung.
Ada dua skema, internaldan catalog. Katalog dimaksudkan untuk kita, pengguna akhir untuk berinteraksi dengan SSISDB sementara internal adalah, mengutip manual yang bagus
IST NICHT UNTUK DER GEFINGERPOKEN UND MITTENGRABEN!
Saya menyalakan profiler dan menyaksikan ketika saya mengklik laporan eksekusi dan sub-laporan. Semua kueri adalah kueri in-line terhadap catalogskema. Procs dan fungsi yang ada dalam catalogskema semua tampaknya terkait dengan pemeliharaan dan administrasi paket jadi jika Anda membuat peran yang
Anda dapat menjalankan dengan jawaban Martin untuk memberikan akses ke semua tampilan berdasarkan katalog tetapi karena saya malas,
Saya akan mencoba sesuatu seperti ini. Saya Membuat peran yang disebut LookIt, menambahkan anggota saya ke dalamnya dan kemudian memberi mereka izin SELECT ke seluruh skema katalog
USE [SSISDB]
GO
CREATE ROLE [LookIt]
GO
USE [SSISDB]
GO
ALTER ROLE [LookIt] ADD MEMBER [MyPeople]
GO
use [SSISDB]
GO
GRANT SELECT ON SCHEMA::[catalog] TO [LookIt]
GO
Bersukacitalah, bagi Anda yang melihat SQL Server 2016. Ada peran SSIS baru yang akan memungkinkan pengguna yang tidak memiliki hak istimewa untuk menggunakan alat pelaporan asli. Peran itu disebut ssis_logreaderMemberi keanggotaan ke peran itu akan memungkinkan pengguna mengakses semua pelaporan tanpa memberi mereka kemampuan untuk mengelola instance SSIS atau seluruh server.
Sederhananya ... Komentari WHEREklausa dalam dua pandangan ini:
SSISDB.catalog.executions
SSISDB.catalog.event_messages
Selesai
Ubah tampilan catalog.event_messagesdengan mengomentari WHEREklausa:
--WHERE opmsg.[operation_id] in (SELECT [id] FROM [internal].
--[current_user_readable_operations]) OR (IS_MEMBER('ssis_admin') = 1) OR
--(IS_SRVROLEMEMBER('sysadmin') = 1)
Lakukan hal yang sama pada tampilan Catalog.executions.
Saya belum menemukan efek samping apa pun dan sudah menggunakannya selama 3 bulan di lingkungan PROD dan QA.
Mengomentari WHEREklausa dalam pandangan ini dari SSISDB:
SSISDB.catalog.executionsSSISDB.catalog.event_messagesSSISDB.Catalog.foldersdan memberikan DB_READERakses ke pengguna / grup di SSISDB. Divalidasi / Diverifikasi dalam SQL 2012/2014
Jadi ini adalah masalah yang saya temui selama beberapa hari terakhir, dan saya harus mengatakan posting ini benar-benar membantu, walaupun tidak ada jawaban yang benar-benar membantu.
Jadi seperti status pos ini, saya ingin memberikan akses untuk melihat laporan Katalog Layanan Integrasi kaleng, tanpa harus memberikan peran SSIS_admin dalam lingkungan yang tidak diperlukan. Dan terima kasih kepada billinkc karena membantu saya menemukan jawabannya. Seperti katanya, mereka memperbaiki masalah ini di SQL 2016 dengan menambahkan peran basis data yang memungkinkan Anda untuk melakukan apa yang kami inginkan. Itu memberi saya ide hanya menyalin apa yang SQL 2016 lakukan pada versi sebelumnya. Jadi inilah yang harus Anda lakukan:
OR (IS_MEMBER('ssis_logreader') = 1)dalam klausa di mana.[katalog]. [operasi]
[katalog]. [operasi_ pesan]
[katalog]. [event_message_context]
[katalog]. [event_messages]
[katalog]. [executable_statistics]
[katalog]. [executable]
[katalog]. [eksekusi_component_phases]
[katalog]. [eksekusi_ data_ statistik]
[katalog]. [eksekusi_data_taps]
[katalog]. [eksekusi_parameter_values]
[katalog]. [eksekusi_property_override_values]
[katalog]. [eksekusi]
[katalog]. [extended_operation_info]
[katalog]. [operasi_ pesan]
[katalog]. [operasi]
[katalog]. [paket]
[katalog]. [proyek]
[katalog]. [validasi]
Setelah Anda selesai melakukannya, itu harus mengurus masalah Anda.
Saya juga melampirkan skrip yang akan melakukan semua kecuali langkah terakhir. Berhati-hatilah, panjangnya hampir 700 baris
Terima kasih.
USE SSISDB
GO
CREATE ROLE [ssis_logreader]
GO
----------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[operations] Script Date: 10/5/2016 8:38:56 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[operations]
AS
SELECT [operation_id],
[operation_type],
[created_time],
[object_type],
[object_id],
[object_name],
[status],
[start_time],
[end_time],
[caller_sid],
[caller_name],
[process_id],
[stopped_by_sid],
[stopped_by_name],
[server_name],
[machine_name]
FROM internal.[operations]
WHERE [operation_id] in (SELECT [id] FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
-----------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[operation_messages] Script Date: 10/5/2016 8:38:32 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[operation_messages]
AS
SELECT [operation_message_id],
[operation_id],
[message_time],
[message_type],
[message_source_type],
[message],
[extended_info_id]
FROM [internal].[operation_messages]
WHERE [operation_id] in (SELECT [id] FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
-----------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[event_message_context] Script Date: 10/5/2016 8:12:27 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[event_message_context]
AS
SELECT [context_id],
[event_message_id],
[context_depth],
[package_path],
[context_type],
[context_source_name],
[context_source_id],
[property_name],
[property_value]
FROM [internal].[event_message_context]
WHERE [operation_id] IN (SELECT [id] FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
-----------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[event_messages] Script Date: 10/5/2016 8:13:44 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[event_messages]
AS
SELECT opmsg.[operation_message_id] AS [event_message_id],
opmsg.[operation_id],
opmsg.[message_time],
opmsg.[message_type],
opmsg.[message_source_type],
opmsg.[message],
opmsg.[extended_info_id],
eventmsg.[package_name],
eventmsg.[event_name],
message_source_name =
CASE
WHEN (opmsg.message_source_type = 10) THEN 'ISServerExec'
WHEN (opmsg.message_source_type = 20) THEN 'Transact-SQL stored procedure'
ELSE eventmsg.message_source_name
END,
eventmsg.[message_source_id],
eventmsg.[subcomponent_name],
eventmsg.[package_path],
eventmsg.[execution_path],
eventmsg.[threadID],
eventmsg.[message_code]
FROM [internal].[operation_messages] opmsg LEFT JOIN [internal].[event_messages] eventmsg
ON opmsg.[operation_message_id] = eventmsg.[event_message_id]
WHERE opmsg.[operation_id] IN (SELECT [id] FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
----------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[executable_statistics] Script Date: 10/5/2016 8:14:02 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[executable_statistics]
AS
SELECT [statistics_id],
[execution_id],
[executable_id],
[execution_path],
[start_time],
[end_time],
[execution_duration],
[execution_result],
[execution_value]
FROM [internal].[executable_statistics]
WHERE [execution_id] IN (SELECT id FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
----------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[executables] Script Date: 10/5/2016 8:14:22 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[executables]
AS
SELECT DISTINCT
execl.[executable_id],
execs.[execution_id],
execl.[executable_name],
execl.[executable_guid],
execl.[package_name],
execl.[package_path]
FROM ([internal].[executions] execs INNER JOIN [internal].[executable_statistics] stat
ON execs.[execution_id] = stat.[execution_id]) INNER JOIN [internal].[executables] execl
ON stat.[executable_id] = execl.[executable_id]
WHERE execs.[execution_id] IN (SELECT id FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
-------------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[execution_component_phases] Script Date: 10/5/2016 8:24:40 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[execution_component_phases]
AS
SELECT startPhase.[phase_stats_id] AS [phase_stats_id],
startPhase.[execution_id] AS [execution_id],
startPhase.[package_name] AS [package_name],
startPhase.[task_name] AS [task_name],
startPhase.[subcomponent_name] AS [subcomponent_name],
startPhase.[phase] AS [phase],
startPhase.[phase_time] AS [start_time],
endPhase.[phase_time] AS [end_time],
startPhase.[execution_path] AS [execution_path]
FROM [internal].[execution_component_phases] startPhase LEFT JOIN [internal].[execution_component_phases] endPhase
ON startPhase.[phase_stats_id] != endPhase.[phase_stats_id]
AND startPhase.[execution_id] = endPhase.[execution_id]
AND startPhase.[sequence_id] = endPhase.[sequence_id]
WHERE startPhase.[is_start] = 'True' AND (endPhase.[is_start] = 'False' OR endPhase.[is_start] IS NULL)
AND (startPhase.[execution_id] IN (SELECT [id] FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1))
OR (IS_MEMBER('ssis_logreader') = 1)
GO
--------------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[execution_data_statistics] Script Date: 10/5/2016 8:25:01 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[execution_data_statistics]
AS
SELECT [data_stats_id],
[execution_id],
[package_name],
[task_name],
[dataflow_path_id_string],
[dataflow_path_name],
[source_component_name],
[destination_component_name],
[rows_sent],
[created_time],
[execution_path]
FROM [internal].[execution_data_statistics]
WHERE [execution_id] IN (SELECT [id] FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
----------------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[execution_data_taps] Script Date: 10/5/2016 8:25:36 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[execution_data_taps]
AS
SELECT [data_tap_id],
[execution_id],
[package_path],
[dataflow_path_id_string],
[dataflow_task_guid],
[max_rows],
[filename]
FROM [internal].[execution_data_taps]
WHERE [execution_id] IN (SELECT [id] FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
--------------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[execution_parameter_values] Script Date: 10/5/2016 8:26:01 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[execution_parameter_values]
AS
SELECT [execution_parameter_id],
[execution_id],
[object_type],
[parameter_data_type],
[parameter_name],
[parameter_value],
[sensitive],
[required],
[value_set],
[runtime_override]
FROM [internal].[execution_parameter_values]
WHERE [execution_id] IN (SELECT [id] FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[execution_property_override_values] Script Date: 10/5/2016 8:26:24 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[execution_property_override_values]
AS
SELECT [property_id],
[execution_id],
[property_path],
[property_value],
[sensitive]
FROM [internal].[execution_property_override_values]
WHERE [execution_id] IN (SELECT [id] FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
--------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[executions] Script Date: 10/5/2016 8:26:52 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[executions]
AS
SELECT execs.[execution_id],
execs.[folder_name],
execs.[project_name],
execs.[package_name],
execs.[reference_id],
execs.[reference_type],
execs.[environment_folder_name],
execs.[environment_name],
execs.[project_lsn],
execs.[executed_as_sid],
execs.[executed_as_name],
execs.[use32bitruntime],
opers.[operation_type],
opers.[created_time],
opers.[object_type],
opers.[object_id],
opers.[status],
opers.[start_time],
opers.[end_time],
opers.[caller_sid],
opers.[caller_name],
opers.[process_id],
opers.[stopped_by_sid],
opers.[stopped_by_name],
opers.[operation_guid] AS [dump_id],
opers.[server_name],
opers.[machine_name],
ossysinfos.[total_physical_memory_kb],
ossysinfos.[available_physical_memory_kb],
ossysinfos.[total_page_file_kb],
ossysinfos.[available_page_file_kb],
ossysinfos.[cpu_count]
FROM [internal].[executions] execs INNER JOIN [internal].[operations] opers
ON execs.[execution_id]= opers.[operation_id]
LEFT JOIN [internal].[operation_os_sys_info] ossysinfos
ON ossysinfos.[operation_id]= execs.[execution_id]
WHERE opers.[operation_id] IN (SELECT id FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
--------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[extended_operation_info] Script Date: 10/5/2016 8:27:45 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[extended_operation_info]
AS
SELECT [info_id],
[operation_id],
[object_name],
[object_type],
[reference_id],
[status],
[start_time],
[end_time]
FROM [internal].[extended_operation_info]
WHERE [operation_id] IN (SELECT [id] FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
--------------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[operation_messages] Script Date: 10/5/2016 8:29:30 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[operation_messages]
AS
SELECT [operation_message_id],
[operation_id],
[message_time],
[message_type],
[message_source_type],
[message],
[extended_info_id]
FROM [internal].[operation_messages]
WHERE [operation_id] IN (SELECT [id] FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
-------------------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[operations] Script Date: 10/5/2016 8:29:55 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[operations]
AS
SELECT [operation_id],
[operation_type],
[created_time],
[object_type],
[object_id],
[object_name],
[status],
[start_time],
[end_time],
[caller_sid],
[caller_name],
[process_id],
[stopped_by_sid],
[stopped_by_name],
[server_name],
[machine_name]
FROM internal.[operations]
WHERE [operation_id] IN (SELECT [id] FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
----------------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[packages] Script Date: 10/5/2016 8:31:07 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[packages]
AS
SELECT pkgs.[package_id],
pkgs.[name],
pkgs.[package_guid],
pkgs.[description],
pkgs.[package_format_version],
pkgs.[version_major],
pkgs.[version_minor],
pkgs.[version_build],
pkgs.[version_comments],
pkgs.[version_guid],
pkgs.[project_id],
pkgs.[entry_point],
pkgs.[validation_status],
pkgs.[last_validation_time]
FROM [internal].[packages] pkgs INNER JOIN [internal].[projects] proj ON
(pkgs.[project_version_lsn] = proj.[object_version_lsn]
AND pkgs.[project_id] = proj.[project_id]) INNER JOIN
[internal].[object_versions] vers ON ( vers.[object_type] =20 AND
vers.[object_id] = proj.[project_id]
AND vers.[object_version_lsn] = proj.[object_version_lsn])
WHERE pkgs.[project_id] IN (SELECT [id] FROM [internal].[current_user_readable_projects])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
-------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[projects] Script Date: 10/5/2016 8:31:31 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[projects]
AS
SELECT proj.[project_id],
[internal].[folders].[folder_id],
proj.[name],
proj.[description],
proj.[project_format_version],
proj.[deployed_by_sid],
proj.[deployed_by_name],
proj.[last_deployed_time],
proj.[created_time],
proj.[object_version_lsn],
proj.[validation_status],
proj.[last_validation_time]
FROM [internal].[object_versions] ver INNER JOIN
[internal].[projects] proj ON (ver.[object_id] = proj.[project_id]
AND ver.[object_version_lsn] = proj.[object_version_lsn]) INNER JOIN
[internal].[folders] ON proj.[folder_id] = [internal].[folders].[folder_id]
WHERE (ver.[object_status] = 'C')
AND (ver.[object_type]= 20)
AND (
proj.[project_id] IN (SELECT [id] FROM [internal].[current_user_readable_projects])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
)
GO
-------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[validations] Script Date: 10/5/2016 8:31:54 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[validations]
AS
SELECT vals.[validation_id],
vals.[environment_scope],
vals.[validate_type],
vals.[folder_name],
vals.[project_name],
vals.[project_lsn],
vals.[use32bitruntime],
vals.[reference_id],
opers.[operation_type],
opers.[object_name],
opers.[object_type],
opers.[object_id],
opers.[start_time],
opers.[end_time],
opers.[status],
opers.[caller_sid],
opers.[caller_name],
opers.[process_id],
opers.[stopped_by_sid],
opers.[stopped_by_name],
opers.[operation_guid] AS [dump_id],
opers.[server_name],
opers.[machine_name]
FROM [internal].[validations] vals INNER JOIN [internal].[operations] opers
ON vals.[validation_id] = opers.[operation_id]
WHERE opers.[operation_id] IN (SELECT [id] FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
-------------------------------------------------------------------------------------------------------------------
Saya memiliki masalah yang sama. Setelah melihat permintaan yang digarisbawahi dengan fokus pada klausa di mana ..
WHERE opmsg.[operation_id] in (SELECT [id] FROM [internal]. [current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)Saat kueri memeriksa keanggotaan ke peran ssis_admin. Saya memutuskan untuk memberikan peran report_reader saya ke peran basis data ssis_admin.
Mengeksekusi kueri mandiri, saya diberi kesalahan izin pilih. Jadi, saya memberikan izin pilih peran untuk katalog dan skema internal.
GRANT SELECT ON SCHEMA::[catalog] TO ssis_admin;
GRANT SELECT ON SCHEMA::[internal] TO ssis_admin;Semoga ini bisa membantu seseorang.
Pada SQL Server 2014
Tampaknya ada solusi yang lebih sederhana.
Kamu sudah selesai.
Catatan: Saya telah menguji ini pada SQL Server 2014 dan berfungsi. Saya yakin ini akan berfungsi pada 2012 dan ke atas.
Ini memperbaiki masalah saya. Saya mendapat perbaikan dari Petemill66, jadi terima kasih
gunakan SSISDB
GRANT SELECT ON SCHEMA :: [katalog] TO ssis_admin;
GRANT SELECT ON SCHEMA :: [internal] TO ssis_admin;
PEMBERITAHUAN GRANT TENTANG SCHEMA :: [katalog] KE ssis_admin;
GRANT memperbarui PADA SCHEMA :: [internal] UNTUK ssis_admin;