Home Forums SQL Server 2005 Administering granting execute permissions to ALL stored procedure RE: granting execute permissions to ALL stored procedure

  • January 11, 2011 at 1:55 pm

    #1272086

    i think if you create a role, you can GRANT EXECUTE TO YOURROLE, but that grants execute on all functions as well.

    CREATE ROLE [ReallyReadOnly]

    GRANT EXECUTE TO [ReallyReadOnly]

    AFAIK granting permissions are two levels...you either grant access to everything, or you have to grant each object, one at a time...there;'s not any functionality to grant SELECT/UPDATE/DELETE/EXECUTE to say, just tables, or just views, or just procs...it's access to everything, or the hard way...a loop to do build/execute each statement for each object name.

    you can use the metadata like sys.objects to build the GRANT EXECUTE ON [EachObjectName] TO YOURROLE statements, but if you added a new proc, or dropped and recreated the proc, then you have to remember to re-add the permissions again.

    I wonder if you could build a DDL trigger that automatically added object names to some roles...

    Lowell

    --help us help you! If you post a question, make sure you include a CREATE TABLE... statement and INSERT INTO... statement into that table to give the volunteers here representative data. with your description of the problem, we can provide a tested, verifiable solution to your question! asking the question the right way gets you a tested answer the fastest way possible!