数据库对象安全性 (Master Data Services)Database Object Security (Master Data Services)
适用于:Applies to: 
SQL ServerSQL Server(所有支持的版本)SQL ServerSQL Server (all supported versions) - 仅限 Windows Azure SQL 托管实例Azure SQL Managed InstanceAzure SQL 托管实例Azure SQL Managed Instance适用于:Applies to: SQL ServerSQL Server(所有支持的版本)SQL ServerSQL Server (all supported versions) - Windows only Azure SQL 托管实例Azure SQL Managed InstanceAzure SQL 托管实例Azure SQL Managed Instance
在 Master Data ServicesMaster Data Services 数据库中,数据存储在多个数据库表中并可以通过视图查看。In the Master Data ServicesMaster Data Services database, data is stored in multiple database tables and is visible in views. 您在 主数据管理器Master Data Manager Web 应用程序中受保护的信息对于具有 Master Data ServicesMaster Data Services 数据库访问权限的用户是可见的。Information that you might have secured in the 主数据管理器Master Data Manager Web application is visible to users with access to the Master Data ServicesMaster Data Services database.
例如,雇员薪金信息可能包含在 Employee 模型中,或公司财务信息可能包含在 Account 模型中。Specifically, employee salary information might be contained in an Employee model, or company financial information might be in an Account model. 您可以拒绝用户在 主数据管理器Master Data Manager 用户界面中访问这些模型,但是具有数据库访问权限的用户可以查看此数据。You can deny a user access to these models in the 主数据管理器Master Data Manager user interface, but users with access to the database can view this data.
您可以授予对数据库对象的权限以使特定数据对用户可用。You can grant permissions to database objects to make specific data available to users. 有关授予权限的详细信息,请参阅 GRANT 对象权限 (Transact-SQL)。For more information on granting permissions, see GRANT Object Permissions (Transact-SQL). 有关保护 SQL Server 的详细信息,请参阅 Securing SQL Server。For more information about securing SQL server, see Securing SQL Server.
以下任务需要访问 Master Data ServicesMaster Data Services 数据库:The following tasks require access to the Master Data ServicesMaster Data Services database:
临时处理数据Staging Data
在下表中,每个安全对象都将“name”作为名称的一部分。In the following table, each securable has "name" as part of the name. 这指示在创建实体时指定的临时表的名称。This indicates the name of the staging table that is specified when an entity is created. 有关详细信息,请参阅概述:导入表中数据 (Master Data Services)For more information, see Overview: Importing Data from Tables (Master Data Services)
| 操作Action | 安全对象Securables | 权限Permissions |
|---|---|---|
| 创建、更新和删除叶成员及其属性。Create, update, and delete leaf members and their attributes. | stg.name_Leafstg.name_Leaf | 必需:INSERTRequired: INSERT 可选:SELECT 和 UPDATEOptional: SELECT and UPDATE |
| 将数据从叶临时表加载到相应的 MDS 数据库表中。Load the data from the Leaf staging table into the appropriate MDS database tables. | stg.udp_name_Leafstg.udp_name_Leaf | EXECUTEEXECUTE |
| 创建、更新和删除合并成员及其属性。Create, update, and delete consolidated members and their attributes. | stg.name_Consolidatedstg.name_Consolidated | 必需:INSERTRequired: INSERT 可选:SELECT 和 UPDATEOptional: SELECT and UPDATE |
| 将数据从合并临时表加载到相应的 MDS 数据库表中。Load the data from the Consolidated staging table into the appropriate MDS database tables. | stg.udp_name_Consolidatedstg.udp_name_Consolidated | EXECUTEEXECUTE |
| 在一个显式层次结构中移动成员。Move members in an explicit hierarchy. | stg.name_Relationshipstg.name_Relationship | 必需:INSERTRequired: INSERT 可选:SELECT 和 UPDATEOptional: SELECT and UPDATE |
| 将数据从关系临时表加载到相应的 MDS 表中。Load the data from the Relationship staging table into the appropriate MDS tables. | stg.udp_name_Relationshipstg.udp_name_Relationship | EXECUTEEXECUTE |
| 查看在数据从临时表插入到 MDS 数据库表时发生的错误。View errors that occurred when data from the staging tables was being inserted into the MDS database tables. | stg.udp_name_Relationshipstg.udp_name_Relationship | SELECTSELECT |
有关详细信息,请参阅 概述:从表导入数据 (Master Data Services)。For more information, see Overview: Importing Data from Tables (Master Data Services).
根据业务规则对数据进行验证Validating Data Against Business Rules
| 操作Action | 安全对象Securable | 权限Permissions |
|---|---|---|
| 根据业务规则验证数据版本Validate a version of data against business rules | mdm.udpValidateModelmdm.udpValidateModel | EXECUTEEXECUTE |
有关详细信息,请参阅 验证存储过程 (Master Data Services)。For more information, see Validation Stored Procedure (Master Data Services).
删除版本Deleting Versions
| 操作Action | 安全对象Securables | 权限Permissions |
|---|---|---|
| 确定要删除的版本的 IDDetermine the ID of the version you want to delete | mdm.viw_SYSTEM_SCHEMA_VERSIONmdm.viw_SYSTEM_SCHEMA_VERSION | SELECTSELECT |
| 删除模型的版本Delete a version of a model | mdm.udpVersionDeletemdm.udpVersionDelete | EXECUTEEXECUTE |
有关详细信息,请参阅删除版本 (Master Data Services)。For more information, see Delete a Version (Master Data Services).
立即应用层次结构成员权限Immediately Applying Hierarchy Member Permissions
| 操作Action | 安全对象Securables | 权限Permissions |
|---|---|---|
| 立即应用成员权限Immediately apply member permissions | mdm.udpSecurityMemberProcessRebuildModelmdm.udpSecurityMemberProcessRebuildModel | EXECUTEEXECUTE |
有关详细信息,请参阅立即应用成员权限 (Master Data Services)。For more information, see Immediately Apply Member Permissions (Master Data Services).
配置系统设置Configuring System Settings
可以配置系统设置来控制 Master Data ServicesMaster Data Services中的行为。There are system settings that you can configure to control behavior in Master Data ServicesMaster Data Services. 可以在 Master Data Services 配置管理器Master Data Services Configuration Manager 中调整这些设置,或者如果具有 UPDATE 访问权限,可以直接在 mdm.tblSystemSetting 数据库表中调整这些设置。You can adjust these settings in Master Data Services 配置管理器Master Data Services Configuration Manager or if you have UPDATE access, you can adjust these settings directly in the mdm.tblSystemSetting database table. 有关详细信息,请参阅系统设置 (Master Data Services)。For more information, see System Settings (Master Data Services).