PrincipalObjectAccess (POA) table is an important table which holds all grants share on CRM objects. This is just for understanding purpose.

SELECT TOP 100

 [PrincipalObjectAccessId]

 ,[PrincipalId]

 ,[PrincipalTypeCode]

 ,[ObjectId]

 ,[ObjectTypeCode]

 ,[AccessRightsMask]

 ,[InheritedAccessRightsMask]

FROM

 [PrincipalObjectAccess] WITH (NOLOCK)

PrincipalObjectAccessId – The GUID of share record.
PrincipalId – The GUID of the User or Team receiving the Share.
PrincipalTypeCode – indicates whether it’s a User or Team. -- 8 user 9 team
ObjectId – The GUID of the specific object being shared.
ObjectTypeCode – The object type of the record being shared.
AccessRightsMask – This field stores the rights granted directly via the ‘Sharing’ dialog.
InheritedAccessRightsMask – The rights applied by the system through cascading or reassignment processes are stored in this field.

check microsoft queryto control this table data..

InheritedAccessRightsMask – The rights applied by the system through cascading or reassignment processes are stored in this field.

1 User

2 Business Unit

4 Parent: Child

8 Organization

Decoding the RightsMask Fields (AccessRightsMask and InheritedAccessRightsMask)

0               No permission
1                  Read
2                  Write
4                  Append
16                AppendTo
32                Create
65536           Delete
262144          Share
524288          Assign
134217728    Undocumented

for example 
852023 (1+2+4+16+32+65536+262144+524288) - ALL documneted permissions

Whenever a record is shared against a User or a Team, CRM will be tracking those entries in PincipalObjectAccess table and same will be queried using FilteredView.

FilteredAccount View part of code

or

[Account].[AccountId] in

(

select  POA.ObjectId from PrincipalObjectAccess POA

join SystemUserPrincipals sup (NOLOCK) on POA.PrincipalId = sup.PrincipalId

where sup.SystemUserId = u.SystemUserId and

POA.ObjectTypeCode = 1 and

((POA.AccessRightsMask | POA.InheritedAccessRightsMask) & 1)=1

)

---Get the total number of shared records

SELECT COUNT(0) FROM PrincipalObjectAccess

--Get the total number of shared records grouped by Entity

SELECT  EV.NAME AS [ENTITY NAME],COUNT(POA.OBJECTTYPECODE) AS [RECORDS COUNT]

FROM PRINCIPALOBJECTACCESS POA

INNER JOIN ENTITYLOGICALVIEW EV ON EV.OBJECTTYPECODE = POA.OBJECTTYPECODE

GROUP BY EV.NAME

ORDER BY 2 DESC

--Get the total number of shared records grouped by User

SELECT  SU.FULLNAME AS [USER NAME],COUNT(POA.OBJECTTYPECODE) AS [RECORDS COUNT]

FROM PRINCIPALOBJECTACCESS POA

INNER JOIN SYSTEMUSER SU ON POA.PRINCIPALID= SU.SYSTEMUSERID

GROUP BY SU.FULLNAME

ORDER BY 2 DESC

--Get the total number of shared records grouped by Entity and User

SELECT  SU.FULLNAME AS [USER NAME],EV.NAME AS [ENTITY NAME],COUNT(POA.OBJECTTYPECODE) AS [RECORDS COUNT]

FROM PRINCIPALOBJECTACCESS POA

INNER JOIN SYSTEMUSER SU ON POA.PRINCIPALID= SU.SYSTEMUSERID

INNER JOIN ENTITYLOGICALVIEW EV ON EV.OBJECTTYPECODE = POA.OBJECTTYPECODE

GROUP BY SU.FULLNAME,EV.NAME

ORDER BY 1

SELECT DISTINCT name, objecttypecode

FROM [CRMORGDB_MSCRM].[MetadataSchema].[Entity]

ORDER BY name ASC 

select distinct

       case

           when POA.[PrincipalTypeCode] = 8 then

               'User'

           when POA.[PrincipalTypeCode] = 9

                and TEAM.[TeamType] = 0 then

               'Owner Team'

           when POA.[PrincipalTypeCode] = 9

                and TEAM.[TeamType] = 1 then

               'Access Team'

           else

               'Other'

       end                                       as 'PrincipalType'

     , coalesce(USERID.[FirstName], TEAM.[Name]) as PrincipalName

     , POA.[ObjectTypeCode]

     , ENTITY.[OriginalLocalizedName]

     , POA.[ObjectId]

     , POA.[AccessRightsMask]

     , POA.[InheritedAccessRightsMask]

     , POA.[ChangedOn]

     , POA.[PrincipalTypeCode]

     , POA.[PrincipalId]

from KYGF_MSCRM.[dbo].[PrincipalObjectAccess]            as POA

    left outer join KYGF_MSCRM.[dbo].[SystemUserBase]    as USERID

        on POA.[PrincipalId] = USERID.[SystemUserId]

    left outer join KYGF_MSCRM.[dbo].[TeamBase]          as TEAM

        on POA.[PrincipalId] = TEAM.[TeamId]

    left outer join KYGF_MSCRM.[MetadataSchema].[Entity] as ENTITY

        on POA.[ObjectTypeCode] = ENTITY.[ObjectTypeCode]

where POA.[PrincipalTypeCode] in ( 8, 9 )

      and POA.[ObjectTypeCode] = 2

      and POA.ObjectId = 'C84FBA58-8CCB-DF11-9176-02BF0AC9DF07';

CRM PrincipalObjectAccess(POA)的更多相关文章

  1. How to control PrincipalObjectAccess table growth in Microsoft Dynamics CRM 2011

    https://support.microsoft.com/en-us/kb/2664150 How to control PrincipalObjectAccess table growth in ...

  2. Dynamic CRM 查询实体记录 被共享给了 哪个用户

    --客户表名"new_customer" SELECT u.FullName AS 被共享人,a.new_name AS 客户名称,sup.SystemUserid AS 共享人I ...

  3. crm查询记录共享给了哪些人

    有时候,我们须要查询一个记录.共享给了哪些人?怎么做? 第一种做法:是sql的方式 select * from PrincipalObjectAccess where objectid = '5226 ...

  4. Dynamics CRM查询实体共享给哪些人

    在mscrm中,如果想查询一条记录共享给了哪些人,需要用到PrincipalObjectAccess 表,sql如下: select u.FullName,a.RC_name,sup.SystemUs ...

  5. Dynamics 365 CE中AsyncOperationBase表记录太多,影响系统性能怎么办?

    微软动态CRM专家罗勇 ,回复311或者20190311可方便获取本文,同时可以在第一间得到我发布的最新博文信息,follow me!我的网站是 www.luoyong.me . 本文主要是根据微软官 ...

  6. 安装完成Dynamics 365 CE后别忘了更改维护作业的运行时间

    摘要: 微软动态CRM专家罗勇 ,回复309或者20190308可方便获取本文,同时可以在第一间得到我发布的最新博文信息,follow me!我的网站是 www.luoyong.me . 安装完毕Dy ...

  7. Dynamics 365 POA表记录的产生

    微软动态CRM专家罗勇 ,回复314或者20190311可方便获取本文,同时可以在第一间得到我发布的最新博文信息,follow me!我的网站是 www.luoyong.me . 前面的博文 Dyna ...

  8. Dynamics 365 POA表记录的查询

    微软动态CRM专家罗勇 ,回复313或者20190311可方便获取本文,同时可以在第一间得到我发布的最新博文信息,follow me!我的网站是 www.luoyong.me . PrincipalO ...

  9. Enterprise Solution 3.1 企业应用开发框架 .NET ERP/CRM/MIS 开发框架,C/S架构,SQL Server + ORM(LLBL Gen Pro) + Infragistics WinForms

    行业:基于数据库的制造行业管理软件,包含ERP.MRP.CRM.MIS.MES等企业管理软件 数据库平台:SQL Server 2005或以上 系统架构:C/S 开发技术 序号 领域 技术 1 数据库 ...

随机推荐

  1. oracle的高可用与负载均衡

    浏览了一下Oracle官方的网页以及非官方的ppt,简单了解了一下Oracle提供的高可用方案.1. RACRAC,  Real Application Clusters多个Oracle服务器组成一个 ...

  2. OpenJudge计算概论-求分数序列和

    /*======================================================================== 求分数序列和 总时间限制: 1000ms 内存限制 ...

  3. OpenJudge计算概论-能被3,5,7整除的数

    /*===================================== 能被3,5,7整除的数 总时间限制: 1000ms 内存限制: 65536kB 描述 输入一个整数,判断它能否被3,5, ...

  4. wikioi 1076 排序 【这里含冒泡、选择、插入以及快排库函数的调用】

    /*=================================================================== 1076 排序 题目描述 Description 给出n和n ...

  5. 【转】JSONP跨域的原理解析

    JavaScript是一种在Web开发中经常使用的前端动态脚本技术.在JavaScript中,有一个很重要的安全性限制,被称为“Same-Origin Policy”(同源策略).这一策略对于Java ...

  6. android虚拟机(ROOT)权限

    自己找的一个比较好用的pc端安卓模拟器,蓝手指总所周知吧,这个是较高版本但不是最新的一个版本,关键是自带root功能,对于破解安卓存档类游戏还是有用的.安卓版本4.4.2 BlueStacks 0.9 ...

  7. Mdrill:来自阿里的多维快速查询工具

    mdrill是阿里妈妈-adhoc-海量数据多维自助即席查询平台下的一个子项目.旨在帮助用户在几秒到几十秒的时间内,分析百亿级别的任意维度组合的数据.mdrill是一个分布式的在线分析查询系统,基于h ...

  8. mysql sys table

    本文详细地介绍了MySQL 5.7新引入的sys schema.首先,本文概要地介绍了sys schema的作用和定位:其次,分别介绍了sys schema中的视图.函数和存储过程:接下来,通过两个例 ...

  9. hadoop(二):hdfs HA原理及安装

    早期的hadoop版本,NN是HDFS集群的单点故障点,每一个集群只有一个NN,如果这个机器或进程不可用,整个集群就无法使用.为了解决这个问题,出现了一堆针对HDFS HA的解决方案(如:Linux ...

  10. EnterpriseLibrary之Caching应用

    http://blog.csdn.net/linux7985/article/details/6239433 http://cache.baiducontent.com/c?m=9f65cb4a8c8 ...