Solved

SQL 2005 Read Only Database Object Permissions

Posted on 2010-09-08
7
361 Views
Last Modified: 2012-05-10
I am looking for a way to allow my developers to be able to read table, stored procedure, view and function permissions without them being able to change them.  

I am thinking that I need to give them access to some of the system views, but I do not know which ones are needed for this.  db_securityadmin allows them to change permissions which they should not be able to do.
0
Comment
Question by:AaronRosema
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
7 Comments
 
LVL 17

Expert Comment

by:Chris Mangus
ID: 33631947
I don't know the exact system tables you need off the top of my head, but, I would create a custom view into the appropriate system table and grant your developers SELECT permission on the view you create.
0
 
LVL 4

Expert Comment

by:MichaelMH
ID: 33635444
0
 

Author Comment

by:AaronRosema
ID: 33730955
There is no way to do this without also being able to grant permissions.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 17

Expert Comment

by:Chris Mangus
ID: 33733956
Disagree with poster.  It can be done and *is* done in many organizations.
0
 

Author Comment

by:AaronRosema
ID: 33734636
Then do you know how to do it?  If not, I will just delete the question since I am not getting a solution.
0
 
LVL 17

Expert Comment

by:Chris Mangus
ID: 33735329
I gave you enough info to be able to figure it out.  If you're unable to figure it out then I will create a view and send you the code.  You will need to be able to give SELECT permission to your developer group to the view.
0
 
LVL 17

Accepted Solution

by:
Chris Mangus earned 500 total points
ID: 33735626
Here's the code for a view.  Give your developers SELECT permission to the view you create.
SELECT su.name, OBJECT_NAME(sp.ID) As Object
		, CASE 
			WHEN sps.Action = 26	THEN 'REFERENCE'
			WHEN sps.Action = 178	THEN 'CREATE FUNCTION'
			WHEN sps.Action = 193	THEN 'SELECT'	
			WHEN sps.Action = 195	THEN 'INSERT'
			WHEN sps.Action = 196	THEN 'DELETE'
			WHEN sps.Action = 197	THEN 'UPDATE'
			WHEN sps.Action = 198	THEN 'CREATE TABLE'
			WHEN sps.Action = 203	THEN 'CREATE DATABASE'
			WHEN sps.Action = 207	THEN 'CREATE VIEW'
			WHEN sps.Action = 222 	THEN 'CREATE PROCEDURE'
			WHEN sps.Action = 224	THEN 'EXECUTE'
			WHEN sps.Action = 228	THEN 'BACKUP DATABASE'
			WHEN sps.Action = 233	THEN 'CREATE DEFAULT'
			WHEN sps.Action = 235	THEN 'BACKUP LOG'
			WHEN sps.Action = 236	THEN 'CREATE RULE'
			ELSE 'UNKNOWN'
		  END As Permission
  FROM	 syspermissions sp
 INNER JOIN sysusers su
	ON sp.grantee = su.uid
 INNER JOIN sysprotects sps
	ON su.uid = sps.uid AND sp.id = sps.id
Order By su.name

Open in new window

0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
spx for moving values to new table 5 76
sql Audit table 3 94
ISDATE() not working properly on my table? Any suggestions. 7 51
Addition to SQL for dynamic fields 6 61
This article will describe one method to parse a delimited string into a table of data.   Why would I do that you ask?  Let's say that you need to pass multiple parameters into a stored procedure to search for.  For our sake, we'll say that we wa…
I've encountered valid database schemas that do not have a primary key.  For example, I use LogParser from Microsoft to push IIS logs into a SQL database table for processing and analysis.  However, occasionally due to user error or a scheduled task…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question