Rediger

Del via


sys.security_predicates (Transact-SQL)

Applies to: SQL Server 2016 (13.x) and later versions Azure SQL Database Azure SQL Managed Instance Azure Synapse Analytics SQL database in Microsoft Fabric

Returns a row for each security predicate in the database.

Column name Data type Description
object_id int ID of the security policy that contains this predicate.
security_predicate_id int Predicate ID within this security policy.
target_object_id int ID of the object on which the security predicate is bound.
predicate_definition nvarchar(max) Fully qualified name of the function that will be used as a security predicate, including the arguments. Note that the schema.function name may be normalized (i.e. escaped) as well as any other element in the text for consistency. For example:

[dbo].[fn_securitypredicate]([wing], [startTime], [endTime])
predicate_type int The type of predicate used by the security policy:

0 = FILTER PREDICATE

1 = BLOCK PREDICATE
predicate_type_desc nvarchar(60) The type of predicate used by the security policy:

FILTER

BLOCK
operation int The type of operation specified for the predicate:

NULL = all applicable operations

1 = AFTER INSERT

2 = AFTER UPDATE

3 = BEFORE UPDATE

4 = BEFORE DELETE
operation_desc nvarchar(60) The type of operation specified for the predicate:

NULL

AFTER INSERT

AFTER UPDATE

BEFORE UPDATE

BEFORE DELETE

Permissions

Principals with the ALTER ANY SECURITY POLICY permission have access to all objects in this catalog view as well as anyone with VIEW DEFINITION on the object.

See Also

Row-Level Security
sys.security_policies (Transact-SQL)
CREATE SECURITY POLICY (Transact-SQL)
Security Catalog Views (Transact-SQL)
Catalog Views (Transact-SQL)
Principals (Database Engine)