GRANT 端点权限 (Transact-SQL)GRANT Endpoint Permissions (Transact-SQL)

适用于:Applies to: 是SQL ServerSQL Server(所有支持的版本)yesSQL ServerSQL Server (all supported versions) 适用于:Applies to: 是SQL ServerSQL Server(所有支持的版本)yesSQL ServerSQL Server (all supported versions)

授予对端点的权限。Grants permissions on an endpoint.

主题链接图标 Transact-SQL 语法约定Topic link icon Transact-SQL Syntax Conventions

语法Syntax

GRANT permission  [ ,...n ] ON ENDPOINT :: endpoint_name  
        TO < server_principal >  [ ,...n ]  
    [ WITH GRANT OPTION ]  
    [ AS SQL_Server_login ]   
  
<server_principal> ::=   
        SQL_Server_login  
    | SQL_Server_login_from_Windows_login   
    | SQL_Server_login_from_certificate   
    | SQL_Server_login_from_AsymKey  

备注

若要查看 SQL Server 2014 及更早版本的 Transact-SQL 语法,请参阅早期版本文档To view Transact-SQL syntax for SQL Server 2014 and earlier, see Previous versions documentation.

参数Arguments

permissionpermission
指定可对端点授予的权限。Specifies a permission that can be granted on an endpoint. 有关权限的列表,请参阅本主题后面的“备注”部分。For a list of the permissions, see the Remarks section later in this topic.

ON ENDPOINT ::endpoint_nameON ENDPOINT ::endpoint_name
指定要授予对其的权限的端点。Specifies the endpoint on which the permission is being granted. 需要使用作用域限定符 (::)。The scope qualifier (::) is required.

TO <server_principal>TO <server_principal>
指定要对其授予权限的 SQL ServerSQL Server 登录名。Specifies the SQL ServerSQL Server login to which the permission is being granted.

SQL_Server_loginSQL_Server_login
指定 SQL ServerSQL Server 登录帐户的名称。Specifies the name of a SQL ServerSQL Server login.

SQL_Server_login_from_Windows_loginSQL_Server_login_from_Windows_login
指定通过 Windows 登录帐户创建的 SQL ServerSQL Server 登录帐户的名称。Specifies the name of a SQL ServerSQL Server login created from a Windows login.

SQL_Server_login_from_certificateSQL_Server_login_from_certificate
指定映射到证书的 SQL ServerSQL Server 登录帐户的名称。Specifies the name of a SQL ServerSQL Server login mapped to a certificate.

SQL_Server_login_from_AsymKeySQL_Server_login_from_AsymKey
指定映射到非对称密钥的 SQL ServerSQL Server 登录帐户的名称。Specifies the name of a SQL ServerSQL Server login mapped to an asymmetric key.

WITH GRANT OPTIONWITH GRANT OPTION
指示该主体还可以向其他主体授予所指定的权限。Indicates that the principal will also be given the ability to grant the specified permission to other principals.

AS SQL_Server_loginAS SQL_Server_login
指定执行此查询的主体要从哪个 SQL ServerSQL Server 登录名派生其授予该权限的权限。Specifies the SQL ServerSQL Server login from which the principal executing this query derives its right to grant the permission.

备注Remarks

只有在当前数据库为 master 时,才可授予其服务器作用域内的权限。Permissions at the server scope can be granted only when the current database is master.

可以在 sys.endpoints 目录视图中查看终结点的相关信息。Information about endpoints is visible in the sys.endpoints catalog view. 可以在 sys.server_permissions 目录视图中查看服务器权限的相关信息,在 sys.server_principals 目录视图中查看服务器主体的相关信息。Information about server permissions is visible in the sys.server_permissions catalog view, and information about server principals is visible in the sys.server_principals catalog view.

端点为服务器级安全对象。An endpoint is a server-level securable. 下表列出了可授予的对端点最为具体的限定权限,以及隐含这些权限的更为通用的权限。The most specific and limited permissions that can be granted on an endpoint are listed in the following table, together with the more general permissions that include them by implication.

端点权限Endpoint permission 端点权限隐含的权限Implied by endpoint permission 服务器权限隐含的权限Implied by server permission
ALTERALTER CONTROLCONTROL ALTER ANY ENDPOINTALTER ANY ENDPOINT
CONNECTCONNECT CONTROLCONTROL CONTROL SERVERCONTROL SERVER
CONTROLCONTROL CONTROLCONTROL CONTROL SERVERCONTROL SERVER
TAKE OWNERSHIPTAKE OWNERSHIP CONTROLCONTROL CONTROL SERVERCONTROL SERVER
VIEW DEFINITIONVIEW DEFINITION CONTROLCONTROL VIEW ANY DEFINITIONVIEW ANY DEFINITION

权限Permissions

需要对端点的 CONTROL 权限或对服务器的 ALTER ANY ENDPOINT 权限。Requires CONTROL permission on the endpoint or ALTER ANY ENDPOINT permission on the server.

示例Examples

A.A. 授予对端点的 VIEW DEFINITION 权限Granting VIEW DEFINITION permission on an endpoint

以下示例将对端点 VIEW DEFINITIONMirror7 权限授予 SQL ServerSQL Server 登录名 ZArifinThe following example grants VIEW DEFINITION permission on endpoint Mirror7 to SQL ServerSQL Server login ZArifin.

USE master;  
GRANT VIEW DEFINITION ON ENDPOINT::Mirror7 TO ZArifin;  
GO  

B.B. 使用 GRANT OPTION 授予 TAKE OWNERSHIP 权限Granting TAKE OWNERSHIP permission with the GRANT OPTION

以下示例使用 TAKE OWNERSHIP,将对端点 Shipping83PKomosinski 权限授予 SQL ServerSQL Server 用户 GRANT OPTIONThe following example grants TAKE OWNERSHIP permission on endpoint Shipping83 to SQL ServerSQL Server user PKomosinski with the GRANT OPTION.

USE master;  
GRANT TAKE OWNERSHIP ON ENDPOINT::Shipping83 TO PKomosinski   
    WITH GRANT OPTION;  
GO  

另请参阅See Also

DENY 终结点权限 (Transact-SQL) DENY Endpoint Permissions (Transact-SQL)
REVOKE 终结点权限 (Transact-SQL) REVOKE Endpoint Permissions (Transact-SQL)
CREATE ENDPOINT (Transact-SQL) CREATE ENDPOINT (Transact-SQL)
终结点目录视图 (Transact-SQL) Endpoints Catalog Views (Transact-SQL)
sys.endpoints (Transact-SQL) sys.endpoints (Transact-SQL)
权限(数据库引擎) Permissions (Database Engine)
主体(数据库引擎)Principals (Database Engine)