We should also grant to db_executor the EXECUTE permission for scalar functions.
It is interesting to note that:
- Inline Table-valued Functions have SELECT, INSERT, UPDATE and DELETE permissions
- Multi-statement Table-valued Functions have only the SELECT permission
- Scalar Functions have only the EXECUTE permission
Here is how I would write the SELECT statement for the cursor:
SELECT USER_NAME(uid) as Owner, [name] as StoredProcedure
FROM sysobjects so WHERE (xtype='P' or xtype='FN')
AND OBJECTPROPERTY([id], N'IsMSShipped')=0
AND [id] NOT IN (SELECT [id] FROM sysprotects sp
WHERE UID=USER_ID('db_executor') AND [action]=224)
Razvan