PrincipalObjectAccess (POA) table is an important table which holds all grants share on CRM objects. This is just for understanding purpose.

SELECT TOP 100

 [PrincipalObjectAccessId]

 ,[PrincipalId]

 ,[PrincipalTypeCode]

 ,[ObjectId]

 ,[ObjectTypeCode]

 ,[AccessRightsMask]

 ,[InheritedAccessRightsMask]

FROM

 [PrincipalObjectAccess] WITH (NOLOCK)

PrincipalObjectAccessId – The GUID of share record.
PrincipalId – The GUID of the User or Team receiving the Share.
PrincipalTypeCode – indicates whether it’s a User or Team. -- 8 user 9 team
ObjectId – The GUID of the specific object being shared.
ObjectTypeCode – The object type of the record being shared.
AccessRightsMask – This field stores the rights granted directly via the ‘Sharing’ dialog.
InheritedAccessRightsMask – The rights applied by the system through cascading or reassignment processes are stored in this field.

check microsoft queryto control this table data..

InheritedAccessRightsMask – The rights applied by the system through cascading or reassignment processes are stored in this field.

1 User

2 Business Unit

4 Parent: Child

8 Organization

Decoding the RightsMask Fields (AccessRightsMask and InheritedAccessRightsMask)

0               No permission
1                  Read
2                  Write
4                  Append
16                AppendTo
32                Create
65536           Delete
262144          Share
524288          Assign
134217728    Undocumented

for example 
852023 (1+2+4+16+32+65536+262144+524288) - ALL documneted permissions

Whenever a record is shared against a User or a Team, CRM will be tracking those entries in PincipalObjectAccess table and same will be queried using FilteredView.

FilteredAccount View part of code

or

[Account].[AccountId] in

(

select  POA.ObjectId from PrincipalObjectAccess POA

join SystemUserPrincipals sup (NOLOCK) on POA.PrincipalId = sup.PrincipalId

where sup.SystemUserId = u.SystemUserId and

POA.ObjectTypeCode = 1 and

((POA.AccessRightsMask | POA.InheritedAccessRightsMask) & 1)=1

)

---Get the total number of shared records

SELECT COUNT(0) FROM PrincipalObjectAccess

--Get the total number of shared records grouped by Entity

SELECT  EV.NAME AS [ENTITY NAME],COUNT(POA.OBJECTTYPECODE) AS [RECORDS COUNT]

FROM PRINCIPALOBJECTACCESS POA

INNER JOIN ENTITYLOGICALVIEW EV ON EV.OBJECTTYPECODE = POA.OBJECTTYPECODE

GROUP BY EV.NAME

ORDER BY 2 DESC

--Get the total number of shared records grouped by User

SELECT  SU.FULLNAME AS [USER NAME],COUNT(POA.OBJECTTYPECODE) AS [RECORDS COUNT]

FROM PRINCIPALOBJECTACCESS POA

INNER JOIN SYSTEMUSER SU ON POA.PRINCIPALID= SU.SYSTEMUSERID

GROUP BY SU.FULLNAME

ORDER BY 2 DESC

--Get the total number of shared records grouped by Entity and User

SELECT  SU.FULLNAME AS [USER NAME],EV.NAME AS [ENTITY NAME],COUNT(POA.OBJECTTYPECODE) AS [RECORDS COUNT]

FROM PRINCIPALOBJECTACCESS POA

INNER JOIN SYSTEMUSER SU ON POA.PRINCIPALID= SU.SYSTEMUSERID

INNER JOIN ENTITYLOGICALVIEW EV ON EV.OBJECTTYPECODE = POA.OBJECTTYPECODE

GROUP BY SU.FULLNAME,EV.NAME

ORDER BY 1

SELECT DISTINCT name, objecttypecode

FROM [CRMORGDB_MSCRM].[MetadataSchema].[Entity]

ORDER BY name ASC 

select distinct

       case

           when POA.[PrincipalTypeCode] = 8 then

               'User'

           when POA.[PrincipalTypeCode] = 9

                and TEAM.[TeamType] = 0 then

               'Owner Team'

           when POA.[PrincipalTypeCode] = 9

                and TEAM.[TeamType] = 1 then

               'Access Team'

           else

               'Other'

       end                                       as 'PrincipalType'

     , coalesce(USERID.[FirstName], TEAM.[Name]) as PrincipalName

     , POA.[ObjectTypeCode]

     , ENTITY.[OriginalLocalizedName]

     , POA.[ObjectId]

     , POA.[AccessRightsMask]

     , POA.[InheritedAccessRightsMask]

     , POA.[ChangedOn]

     , POA.[PrincipalTypeCode]

     , POA.[PrincipalId]

from KYGF_MSCRM.[dbo].[PrincipalObjectAccess]            as POA

    left outer join KYGF_MSCRM.[dbo].[SystemUserBase]    as USERID

        on POA.[PrincipalId] = USERID.[SystemUserId]

    left outer join KYGF_MSCRM.[dbo].[TeamBase]          as TEAM

        on POA.[PrincipalId] = TEAM.[TeamId]

    left outer join KYGF_MSCRM.[MetadataSchema].[Entity] as ENTITY

        on POA.[ObjectTypeCode] = ENTITY.[ObjectTypeCode]

where POA.[PrincipalTypeCode] in ( 8, 9 )

      and POA.[ObjectTypeCode] = 2

      and POA.ObjectId = 'C84FBA58-8CCB-DF11-9176-02BF0AC9DF07';

CRM PrincipalObjectAccess(POA)的更多相关文章

  1. How to control PrincipalObjectAccess table growth in Microsoft Dynamics CRM 2011

    https://support.microsoft.com/en-us/kb/2664150 How to control PrincipalObjectAccess table growth in ...

  2. Dynamic CRM 查询实体记录 被共享给了 哪个用户

    --客户表名"new_customer" SELECT u.FullName AS 被共享人,a.new_name AS 客户名称,sup.SystemUserid AS 共享人I ...

  3. crm查询记录共享给了哪些人

    有时候,我们须要查询一个记录.共享给了哪些人?怎么做? 第一种做法:是sql的方式 select * from PrincipalObjectAccess where objectid = '5226 ...

  4. Dynamics CRM查询实体共享给哪些人

    在mscrm中,如果想查询一条记录共享给了哪些人,需要用到PrincipalObjectAccess 表,sql如下: select u.FullName,a.RC_name,sup.SystemUs ...

  5. Dynamics 365 CE中AsyncOperationBase表记录太多,影响系统性能怎么办?

    微软动态CRM专家罗勇 ,回复311或者20190311可方便获取本文,同时可以在第一间得到我发布的最新博文信息,follow me!我的网站是 www.luoyong.me . 本文主要是根据微软官 ...

  6. 安装完成Dynamics 365 CE后别忘了更改维护作业的运行时间

    摘要: 微软动态CRM专家罗勇 ,回复309或者20190308可方便获取本文,同时可以在第一间得到我发布的最新博文信息,follow me!我的网站是 www.luoyong.me . 安装完毕Dy ...

  7. Dynamics 365 POA表记录的产生

    微软动态CRM专家罗勇 ,回复314或者20190311可方便获取本文,同时可以在第一间得到我发布的最新博文信息,follow me!我的网站是 www.luoyong.me . 前面的博文 Dyna ...

  8. Dynamics 365 POA表记录的查询

    微软动态CRM专家罗勇 ,回复313或者20190311可方便获取本文,同时可以在第一间得到我发布的最新博文信息,follow me!我的网站是 www.luoyong.me . PrincipalO ...

  9. Enterprise Solution 3.1 企业应用开发框架 .NET ERP/CRM/MIS 开发框架,C/S架构,SQL Server + ORM(LLBL Gen Pro) + Infragistics WinForms

    行业:基于数据库的制造行业管理软件,包含ERP.MRP.CRM.MIS.MES等企业管理软件 数据库平台:SQL Server 2005或以上 系统架构:C/S 开发技术 序号 领域 技术 1 数据库 ...

随机推荐

  1. 虚拟化之esxi命令行管理之二

    /vmfs # ls -l lrwxrwxrwx 1 root root 4 Mar 23 2013 devices -> /dev drwxr-xr-x 1 root root 512 Sep ...

  2. 运用cookie登陆人人网爬取数据

    浏览器访问WEB服务器的过程 在用户访问网页时,不论是通过URL输入域名或IP,还是点击链接,浏览器向WEB服务器发出了一个HTTP请求(Http Request),WEB服务器接收到客户端浏览器的请 ...

  3. 阅读layim代码小记,实现可以更改用户签名的方法

    用layim原版的时候发现,用户的签名是不能直接修改的,如下: 其实要改也很简单,查看一下源代码,然后加一个input进去,可是,加完之后是这样的: 没关系,给它一个样式,让它乖乖的“隐藏“起来. / ...

  4. C语言strlen函数和sizeof操作符

    字符'x'于字符串"x"的区别 'x' 属于基本类型(char)字符类型-----------------由1个字符组成('x') "x"属于派生类型(char ...

  5. SQL Server 2005 分区表创建实例

    --创建一个分区函数(默认为左边界)CREATE PARTITION FUNCTION PARTFUNC1(INT)AS RANGEFOR VALUES(1000,2000,3000,4000,500 ...

  6. Android 检测网络连接状态

    Android连接网络的时候,并不是每次都能连接到网络,因此在程序启动中需要对网络的状态进行判断,如果没有网络则提醒用户进行设置. 首先,要判断网络状态,需要有相应的权限,下面为权限代码(Androi ...

  7. MS CRM 2011的自定义和开发(11)——插件(plugin)开发(一)

    http://www.cnblogs.com/StoneGarden/archive/2012/02/02/2336147.html MS CRM 2011的自定义和开发(11)——插件(plugin ...

  8. C# Tips: 将 VS2012 / VS2013 的.sln文件、project文件转换成 VS2010格式

    原来有一些VS2013的工程文件(.sln..csproj),使用.Net 4.0.现需要将它们转换成VS2010格式. 经实验,办法如下: (1) 在Solution文件(.sln)中: 把文件头部 ...

  9. (转)textarea去掉右侧滚动条,去掉右下角拖拽

    本文转载自:http://blog.csdn.net/cctv_end/article/details/7946188 代码:  <TEXTAREA   style= "overflo ...

  10. Linux命令之at

    1.命令格式:at[参数][时间]2.命令功能:在一个指定的时间执行一个指定任务,只能执行一次,且需要开启atd进程(ps -ef | grep atd查看, 开启用/etc/init.d/atd s ...