September 20, 2007 at 5:54 am
Hi all,
Can anyone explain me this
a)on database I create view like this:
create view dbo.v_test
as
select * from TableA
b)then I create a sql user named “Test” with public role to that DB and only this permission:
grant select on v_test to test
deny select on TableA to test
after that, when I log on with that user, I can’t "select * from TableA", but I CAN "select * from v_test" even I DENY select on that object!
I thought that deny override every grant?
September 20, 2007 at 7:08 am
The behaviour you're seeing is perfectly normal and intended. The DENY overruling andy over grants only applies to grants on the same object.
For example if your testuser is also memebr of a group or role which has been granted select permission on the table. When all memebrs of that role can select from the table , except testuser.
Markus
[font="Verdana"]Markus Bohse[/font]
Viewing 2 posts - 1 through 1 (of 1 total)
You must be logged in to reply to this topic. Login to reply