Wondering about autorization

  • It's like this: I have a login, which is db-user on MyDB. I have granted this user the roles datareader and datawriter via EM. It works, users can read & update data.

    Now I choose a table, choose properties and then permissions. I'm shown the public role and the db-user. The db-user has NO select, update, insert, delete permissions. I know the login receives those permissions via the databaseroles, but I would expect to see these permissions shown here. Do I miss something here?

    When I look at the db-role datareader a button with 'permissions' is greyd out. I am SA. Can this button be used in existing roles?

    Minor things, but I keep wondering about them.

    Greetz,
    Hans Brouwer

  • In the case you describe, the login itself has no permissions - permissions are granted only via the fixed database role.  Permissions will appear for the login only if you grant permissions to the login itself.

    Datareader and datawriter are fixed database roles and have pre-defined permissions.  The permissions button is grayed out because there is nothing to change - permissions are fixed.  If you need more granular permissions, create a custom database role and assign permissions as required.

Viewing 2 posts - 1 through 1 (of 1 total)

You must be logged in to reply to this topic. Login to reply