April 11, 2012 at 5:56 am
Hello!
I want to create user (test_user). This user has only these roles:
- execute all stored procedure
- create table
I use this script:
CREATE ROLE udb_user_role
GRANT EXECUTE TO udb_user_role
GRANT CREATE TABLE TO udb_user_role
GRANT ALTER ON SCHEMA::dbo TO udb_user_role
EXEC sp_addrolemember 'udb_user_role', 'test_user'
My problem: This user has DELETE table permission, DELETE procedure permission, etc.
Why? How to modify I my script?
April 11, 2012 at 8:05 am
This was removed by the editor as SPAM
April 12, 2012 at 1:08 am
I can't found only CREATE TABLE role for test_user, but I created this database trigger for my script.
CREATE TRIGGER
DDLTrigger_test_user_deny
ON DATABASE FOR
DROP_TABLE
,ALTER_TABLE
,CREATE_INDEX
,ALTER_INDEX
,DROP_INDEX
,CREATE_PROCEDURE
,ALTER_PROCEDURE
,DROP_PROCEDURE
,CREATE_FUNCTION
,ALTER_FUNCTION
,DROP_FUNCTION
,CREATE_VIEW
,ALTER_VIEW
,DROP_VIEW
,CREATE_TRIGGER
,ALTER_TRIGGER
,DROP_TRIGGER
AS
IF (SELECT SUSER_SNAME()) = 'test_user'
BEGIN
ROLLBACK
PRINT 'You do not have permission.'
END
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply