Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The Security Visualization Tool is a command-line utility to view and graphically depict security configurations. However, it is sometimes useful to view configurations as stored in the system. The SQL queries on this page enable a database administrator to view information about security configurations. Execute the queries from the EdFi_Security database.

View Permissions Under a Claim Set

Code Block
languagesql
USE EdFi_Security
GO

SELECT ClaimSets.ClaimSetName, ResourceClaims.DisplayName, Actions.ActionName
FROM ClaimSets
JOIN ClaimSetResourceClaimActions ON ClaimSetResourceClaimActions.ClaimSetId = ClaimSets.ClaimSetId
JOIN ResourceClaims ON ResourceClaims.ResourceClaimId = ClaimSetResourceClaimActions.ResourceClaimId
JOIN Actions ON Actions.ActionId = ClaimSetResourceClaimActions.ActionId

View Configured Authorization Strategies per Resource Claim 

Code Block
languagesql
USE EdFi_Security
GO

SELECT Actions.ActionName, AuthorizationStrategies.DisplayName AS AuthorizationName, ResourceClaims.ResourceName
FROM  ResourceClaimActions
JOIN ResourceClaims ON ResourceClaims.ResourceClaimId = ResourceClaimActions.ResourceClaimId
JOIN Actions ON Actions.ActionId = ResourceClaimActions.ActionId
JOIN ResourceClaimActionAuthorizationStrategies ON ResourceClaimActionAuthorizationStrategies.ResourceClaimActionId = ResourceClaimActions.ResourceClaimActionId
JOIN AuthorizationStrategies ON AuthorizationStrategies.AuthorizationStrategyId = ResourceClaimActionAuthorizationStrategies.AuthorizationStrategyId
ORDER BY ResourceClaims.ResourceClaimId   

View Configured Authorization Strategy Overrides per Claim Set 

Code Block
languagesql
USE EdFi_Security
GO 

SELECT Actions.ActionName, AuthorizationStrategies.DisplayName AS AuthorizationName,  ResourceClaims.DisplayName, ClaimSets.ClaimSetName
FROM ClaimSets
JOIN ClaimSetResourceClaimActions ON ClaimSetResourceClaimActions.ClaimSetId = ClaimSets.ClaimSetId
JOIN ClaimSetResourceClaimActionAuthorizationStrategyOverrides ON ClaimSetResourceClaimActionAuthorizationStrategyOverrides.ClaimSetResourceClaimActionId = ClaimSetResourceClaimActions.ClaimSetResourceClaimActionId
JOIN AuthorizationStrategies ON AuthorizationStrategies.AuthorizationStrategyId = ClaimSetResourceClaimActionAuthorizationStrategyOverrides.AuthorizationStrategyId
JOIN ResourceClaims ON ResourceClaims.ResourceClaimId = ClaimSetResourceClaimActions.ResourceClaimId
JOIN Actions ON Actions.ActionId = ClaimSetResourceClaimActions.ActionId
ORDER BY ClaimSets.ClaimSetId, ResourceClaims.ResourceClaimId

View Applications in Claim Sets 

Code Block
languagesql
USE EdFi_Security
GO

SELECT Apps.ApplicationName, Apps.ClaimSetName
FROM ClaimSets
JOIN EdFi_Admin.dbo.Applications Apps ON Apps.ClaimSetName = ClaimSets.ClaimSetName