CREATE DATABASE DatabaseA;GOCREATE TABLE TableA ( ColumnA VARCHAR(255) )GOINSERT INTO TableA VALUES ('ABC');INSERT INTO TableA VALUES ('DEF');INSERT INTO TableA VALUES ('GHI');INSERT INTO TableA VALUES ('JKL');GRANT SELECT ON OBJECT::dbo.TableA TO [Test\TestUser];GOCREATE PROCEDURE spA @paramA VARCHAR(255)ASBEGIN EXEC('SELECT * FROM tableA WHERE ColumnA = ''' + @paramA + '''');ENDGOGRANT EXECUTE ON dbo.spA TO [Test\TestUser];
EXEC dbo.spA 'ABC'';DROP TABLE TableA;SELECT ''';
