| Author |
Messages |
|
Harvin Queen
 |
| 12/09/2002 3:57 PM |
 Quote
 Reply
 Alert
|
| I'm new to SQL Server 2000, so please forgive this question.
Everything I'm seeing about granting permissions in SQL is for granting permissions to users, user roles, and groups. Is there a way to set permissions on a TABLE so that users cannot directly access the table without going through a stored procedure?
If so, can someone please give some brief steps on how to do this?
Thank you |
|
|
|
|
Chip Andrews
|
| 12/09/2002 4:04 PM |
Quote
Reply
Alert
|
| Yes. In fact, when you are talking about granting permissions for a user/role, it is usually to a database object (such as a table). In order to prevent all users from being able to access a table, make sure that no select/update/delete access has been granted for that table to the public role. You will then need to grant access to the specific users that need it.
This is easily managed via the Enterprise Manager for new users (or lazy administrators - which I am)
|
|
|
|
|
R Crisan
|
| 12/30/2002 4:38 PM |
Quote
Reply
Alert
|
| Yes. Don't grant any permissions on tables or views to any users or roles. Then create stored procs as needed to handle selects, inserts, updates and deletes. Grant execute rights to these stored procs to the users and/or roles requiring the level of access the procs provide.
When you given execute rights to a proc, any user with those rights doesn't need separate permissions on the objects that proc acts on (assuming they are owned by the same user...).
Hope this helps. |
|
|
|
|
|