GRANT 端点权限 (Transact-SQL)GRANT Endpoint Permissions (Transact-SQL)
适用于:Applies to: 
SQL ServerSQL Server(所有支持的版本)SQL ServerSQL Server (all supported versions) 适用于:Applies to: SQL ServerSQL Server(所有支持的版本)SQL ServerSQL Server (all supported versions)
授予对端点的权限。Grants permissions on an endpoint.
Transact-SQL 语法约定 Transact-SQL Syntax Conventions
语法Syntax
GRANT permission [ ,...n ] ON ENDPOINT :: endpoint_name
TO < server_principal > [ ,...n ]
[ WITH GRANT OPTION ]
[ AS SQL_Server_login ]
<server_principal> ::=
SQL_Server_login
| SQL_Server_login_from_Windows_login
| SQL_Server_login_from_certificate
| SQL_Server_login_from_AsymKey
备注
若要查看 SQL Server 2014 及更早版本的 Transact-SQL 语法,请参阅早期版本文档。To view Transact-SQL syntax for SQL Server 2014 and earlier, see Previous versions documentation.
参数Arguments
permissionpermission
指定可对端点授予的权限。Specifies a permission that can be granted on an endpoint. 有关权限的列表,请参阅本主题后面的“备注”部分。For a list of the permissions, see the Remarks section later in this topic.
ON ENDPOINT ::endpoint_nameON ENDPOINT ::endpoint_name
指定要授予对其的权限的端点。Specifies the endpoint on which the permission is being granted. 需要使用作用域限定符 (::)。The scope qualifier (::) is required.
TO <server_principal>TO <server_principal>
指定要对其授予权限的 SQL ServerSQL Server 登录名。Specifies the SQL ServerSQL Server login to which the permission is being granted.
SQL_Server_loginSQL_Server_login
指定 SQL ServerSQL Server 登录帐户的名称。Specifies the name of a SQL ServerSQL Server login.
SQL_Server_login_from_Windows_loginSQL_Server_login_from_Windows_login
指定通过 Windows 登录帐户创建的 SQL ServerSQL Server 登录帐户的名称。Specifies the name of a SQL ServerSQL Server login created from a Windows login.
SQL_Server_login_from_certificateSQL_Server_login_from_certificate
指定映射到证书的 SQL ServerSQL Server 登录帐户的名称。Specifies the name of a SQL ServerSQL Server login mapped to a certificate.
SQL_Server_login_from_AsymKeySQL_Server_login_from_AsymKey
指定映射到非对称密钥的 SQL ServerSQL Server 登录帐户的名称。Specifies the name of a SQL ServerSQL Server login mapped to an asymmetric key.
WITH GRANT OPTIONWITH GRANT OPTION
指示该主体还可以向其他主体授予所指定的权限。Indicates that the principal will also be given the ability to grant the specified permission to other principals.
AS SQL_Server_loginAS SQL_Server_login
指定执行此查询的主体要从哪个 SQL ServerSQL Server 登录名派生其授予该权限的权限。Specifies the SQL ServerSQL Server login from which the principal executing this query derives its right to grant the permission.
备注Remarks
只有在当前数据库为 master 时,才可授予其服务器作用域内的权限。Permissions at the server scope can be granted only when the current database is master.
可以在 sys.endpoints 目录视图中查看终结点的相关信息。Information about endpoints is visible in the sys.endpoints catalog view. 可以在 sys.server_permissions 目录视图中查看服务器权限的相关信息,在 sys.server_principals 目录视图中查看服务器主体的相关信息。Information about server permissions is visible in the sys.server_permissions catalog view, and information about server principals is visible in the sys.server_principals catalog view.
端点为服务器级安全对象。An endpoint is a server-level securable. 下表列出了可授予的对端点最为具体的限定权限,以及隐含这些权限的更为通用的权限。The most specific and limited permissions that can be granted on an endpoint are listed in the following table, together with the more general permissions that include them by implication.
| 端点权限Endpoint permission | 端点权限隐含的权限Implied by endpoint permission | 服务器权限隐含的权限Implied by server permission |
|---|---|---|
| ALTERALTER | CONTROLCONTROL | ALTER ANY ENDPOINTALTER ANY ENDPOINT |
| CONNECTCONNECT | CONTROLCONTROL | CONTROL SERVERCONTROL SERVER |
| CONTROLCONTROL | CONTROLCONTROL | CONTROL SERVERCONTROL SERVER |
| TAKE OWNERSHIPTAKE OWNERSHIP | CONTROLCONTROL | CONTROL SERVERCONTROL SERVER |
| VIEW DEFINITIONVIEW DEFINITION | CONTROLCONTROL | VIEW ANY DEFINITIONVIEW ANY DEFINITION |
权限Permissions
需要对端点的 CONTROL 权限或对服务器的 ALTER ANY ENDPOINT 权限。Requires CONTROL permission on the endpoint or ALTER ANY ENDPOINT permission on the server.
示例Examples
A.A. 授予对端点的 VIEW DEFINITION 权限Granting VIEW DEFINITION permission on an endpoint
以下示例将对端点 VIEW DEFINITION 的 Mirror7 权限授予 SQL ServerSQL Server 登录名 ZArifin。The following example grants VIEW DEFINITION permission on endpoint Mirror7 to SQL ServerSQL Server login ZArifin.
USE master;
GRANT VIEW DEFINITION ON ENDPOINT::Mirror7 TO ZArifin;
GO
B.B. 使用 GRANT OPTION 授予 TAKE OWNERSHIP 权限Granting TAKE OWNERSHIP permission with the GRANT OPTION
以下示例使用 TAKE OWNERSHIP,将对端点 Shipping83 的 PKomosinski 权限授予 SQL ServerSQL Server 用户 GRANT OPTION。The following example grants TAKE OWNERSHIP permission on endpoint Shipping83 to SQL ServerSQL Server user PKomosinski with the GRANT OPTION.
USE master;
GRANT TAKE OWNERSHIP ON ENDPOINT::Shipping83 TO PKomosinski
WITH GRANT OPTION;
GO
另请参阅See Also
DENY 终结点权限 (Transact-SQL) DENY Endpoint Permissions (Transact-SQL)
REVOKE 终结点权限 (Transact-SQL) REVOKE Endpoint Permissions (Transact-SQL)
CREATE ENDPOINT (Transact-SQL) CREATE ENDPOINT (Transact-SQL)
终结点目录视图 (Transact-SQL) Endpoints Catalog Views (Transact-SQL)
sys.endpoints (Transact-SQL) sys.endpoints (Transact-SQL)
权限(数据库引擎) Permissions (Database Engine)
主体(数据库引擎)Principals (Database Engine)