Solved

SQL 2005 Read Only Database Object Permissions

Posted on 2010-09-08
7
369 Views
Last Modified: 2012-05-10
I am looking for a way to allow my developers to be able to read table, stored procedure, view and function permissions without them being able to change them.  

I am thinking that I need to give them access to some of the system views, but I do not know which ones are needed for this.  db_securityadmin allows them to change permissions which they should not be able to do.
0
Comment
Question by:AaronRosema
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
7 Comments
 
LVL 17

Expert Comment

by:Chris Mangus
ID: 33631947
I don't know the exact system tables you need off the top of my head, but, I would create a custom view into the appropriate system table and grant your developers SELECT permission on the view you create.
0
 

Author Comment

by:AaronRosema
ID: 33730955
There is no way to do this without also being able to grant permissions.
0
The Ultimate Checklist to Optimize Your Website

Websites are getting bigger and complicated by the day. Video, images, custom fonts are all great for showcasing your product/service. But the price to pay in terms of reduced page load times and ultimately, decreased sales, can lead to some difficult decisions about what to cut.

 
LVL 17

Expert Comment

by:Chris Mangus
ID: 33733956
Disagree with poster.  It can be done and *is* done in many organizations.
0
 

Author Comment

by:AaronRosema
ID: 33734636
Then do you know how to do it?  If not, I will just delete the question since I am not getting a solution.
0
 
LVL 17

Expert Comment

by:Chris Mangus
ID: 33735329
I gave you enough info to be able to figure it out.  If you're unable to figure it out then I will create a view and send you the code.  You will need to be able to give SELECT permission to your developer group to the view.
0
 
LVL 17

Accepted Solution

by:
Chris Mangus earned 500 total points
ID: 33735626
Here's the code for a view.  Give your developers SELECT permission to the view you create.
SELECT su.name, OBJECT_NAME(sp.ID) As Object
		, CASE 
			WHEN sps.Action = 26	THEN 'REFERENCE'
			WHEN sps.Action = 178	THEN 'CREATE FUNCTION'
			WHEN sps.Action = 193	THEN 'SELECT'	
			WHEN sps.Action = 195	THEN 'INSERT'
			WHEN sps.Action = 196	THEN 'DELETE'
			WHEN sps.Action = 197	THEN 'UPDATE'
			WHEN sps.Action = 198	THEN 'CREATE TABLE'
			WHEN sps.Action = 203	THEN 'CREATE DATABASE'
			WHEN sps.Action = 207	THEN 'CREATE VIEW'
			WHEN sps.Action = 222 	THEN 'CREATE PROCEDURE'
			WHEN sps.Action = 224	THEN 'EXECUTE'
			WHEN sps.Action = 228	THEN 'BACKUP DATABASE'
			WHEN sps.Action = 233	THEN 'CREATE DEFAULT'
			WHEN sps.Action = 235	THEN 'BACKUP LOG'
			WHEN sps.Action = 236	THEN 'CREATE RULE'
			ELSE 'UNKNOWN'
		  END As Permission
  FROM	 syspermissions sp
 INNER JOIN sysusers su
	ON sp.grantee = su.uid
 INNER JOIN sysprotects sps
	ON su.uid = sps.uid AND sp.id = sps.id
Order By su.name

Open in new window

0

Featured Post

Salesforce Made Easy to Use

On-screen guidance at the moment of need enables you & your employees to focus on the core, you can now boost your adoption rates swiftly and simply with one easy tool.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article I will describe the Backup & Restore method as one possible migration process and I will add the extra tasks needed for an upgrade when and where is applied so it will cover all.
In this article we will get to know that how can we recover deleted data if it happens accidently. We really can recover deleted rows if we know the time when data is deleted by using the transaction log.
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question