How to Check Parameter is not null in sql server? - sql

I have a stored procedure. In this stored procedure I have to check that a particular parameter is not null. How can I do this? I wrote this:
ALTER PROCEDURE [dbo].[GetReelListings]
#locationUrlIdentifier VARCHAR(100)
AS
BEGIN
SET NOCOUNT ON;
declare #Sql varchar(max)=''
SET #Sql = 'SELECT CategoryName, CategoryUrlIdentifier, LocationUrlIdentifier, Directory.* FROM (SELECT ROW_NUMBER() OVER (PARTITION BY Category.Name ORDER BY CASE WHEN '''+ #locationUrlIdentifier + ''' = Location.UrlIdentifier THEN 1 ELSE CASE WHEN ''' + #locationUrlIdentifier + ''' IS NULL AND Directory.LocationId IS NULL THEN 0 ELSE 2 END END, Directory.SortOrder ) AS ''RowNo'', Category.Name AS CategoryName, Category.UrlIdentifier AS CategoryUrlIdentifier, dbo.Location.UrlIdentifier AS LocationUrlIdentifier, Directory.DirectoryId, CASE WHEN ''' + #locationUrlIdentifier + ''' = Location.UrlIdentifier THEN 1 ELSE CASE WHEN ''' + #locationUrlIdentifier + ''' IS NULL AND Directory.LocationId IS NULL THEN 0 ELSE 2 END END AS CategoryOrder FROM dbo.Directory INNER JOIN dbo.Category ON Directory.CategoryId = Category.CategoryId LEFT OUTER JOIN dbo.Location ON dbo.Directory.LocationId = location.Location_ID ) AS content INNER JOIN dbo.Directory ON content.DirectoryId = Directory.DirectoryId WHERE content.RowNo =1 '
if (#locationUrlIdentifier is null)
begin
SET #Sql = #Sql + ' and 1=1'
end
else
begin
SET #Sql = #Sql + ' and CategoryOrder = 1 '
end
print #SQl
EXECUTE (#Sql)
END
This will work in SQL but this will return a null Dataset in Codebehind.

Whenever you join strings and NULLs together, the result is NULL. By the time you're asking about whether the variable is NULL, you've already done this:
' + #locationUrlIdentifier + '
Several times. If it's NULL, so will #Sql be.
You might want to consider using COALESCE to replace the NULL with a suitable replacement (e.g. an empty string):
' + COALESCE(#locationUrlIdentifier,'') + '
You also still have a logic error on your final construction. If the variable is NULL, you'll have a where clause saying:
WHERE content.RowNo =1 1=1
Which isn't valid. I don't think you should be appending anything.
I'm also not clear on why you're doing this as dynamic SQL. The below seems to be an equivalent query which can be executed directly:
SELECT
CategoryName,
CategoryUrlIdentifier,
LocationUrlIdentifier,
Directory.*
FROM
(SELECT
ROW_NUMBER() OVER (
PARTITION BY Category.Name ORDER BY
CASE
WHEN #locationUrlIdentifier = Location.UrlIdentifier THEN 1
WHEN #locationUrlIdentifier IS NULL AND Directory.LocationId IS NULL THEN 0
ELSE 2
END,
Directory.SortOrder
) AS RowNo,
Category.Name AS CategoryName,
Category.UrlIdentifier AS CategoryUrlIdentifier,
dbo.Location.UrlIdentifier AS LocationUrlIdentifier,
Directory.DirectoryId,
CASE
WHEN #locationUrlIdentifier = Location.UrlIdentifier THEN 1
WHEN #locationUrlIdentifier IS NULL AND Directory.LocationId IS NULL THEN 0
ELSE 2
END AS CategoryOrder
FROM
dbo.Directory
INNER JOIN
dbo.Category
ON
Directory.CategoryId = Category.CategoryId
LEFT OUTER JOIN
dbo.Location
ON
dbo.Directory.LocationId = location.Location_ID
) AS content
INNER JOIN
dbo.Directory
ON
content.DirectoryId = Directory.DirectoryId
WHERE
content.RowNo =1 and
(#locationUrlIdentifier or CategoryOrder = 1)

You can do it just in ONE query:
Select Query ...where ...
and ((#locationUrlIdentifier is null) or (CategoryOrder = 1))

You can use NULLIF instead of IS NULL
Refer : Check if a parameter is null or empty in a stored procedure
http://msdn.microsoft.com/en-us/library/ms177562.aspx

Alternatively you can use ISNULL() check and then change the null to empty string
IF (ISNULL(#locationUrlIdentifier,'') = '')
OR even before this check you can use ISNULL() to convert from NULL to empty string if it persists to be a problem

Related

Concatenate query string in procedure having case statement with parameter

I need to append below select query set with another set query based on condition
DECLARE #queryString VARCHAR(1000);
-- Insert statements for procedure here
Set #queryString ='SELECT
CASE
WHEN d.sno IS NOT NULL THEN 'y'
ELSE NULL
END
amendment_type,
u.user_login_id [User],
role_name [Role],
u.user_name [Name],
a.companyname +':<br>('+b.branch+')' [Agent/Branch],
u.last_login_pc+'('+u.ip_address+')<br> Login Time: '+cast(u.last_login AS varchar(50)) [Last Login],
u.lock_status [Lock/Unlock],
CASE
WHEN u.lock_status='y' THEN 'Locked - '+ u.lock_by
WHEN datediff(d,u.last_login,getdate())>u.lock_days
AND isnull(u.lock_days,0)>0 THEN 'Locked - Day Exceed'
WHEN u.active_session IS NULL
AND isnull(u.lock_status,'n')='n' THEN 'Not Login'
ELSE 'Active'
END
[Status],
u.*,
a.agentcan,
b.branch,
b.branchcodechar,
NULL branchcan
FROM agentsub u
JOIN agentbranchdetail b
ON u.agent_branch_code=b.agent_branch_code
JOIN agentdetail a
ON b.agentcode=a.agentcode
LEFT OUTER JOIN application_role_agent_user r
ON u.user_login_id=r.user_id
LEFT OUTER JOIN application_role p
ON r.role_id=p.role_id
LEFT OUTER JOIN agentsub_amendment d
ON d.agent_user_id=u.agent_user_id
WHERE 1=1'
IF (#loginId !=null)
BEGIN
SET #queryString =#queryString + 'and u.user_login_id like ('+ #loginId +')'
END
SET #queryString =#queryString +'order by u.user_login_id,a.companyname,b.branch'
EXEC #queryString
First... Your query as it stands (via notepad++) is 1,731 characters, so it wont fit into a varchar(1000)
Second... You need to address some escaping issues with your query; e.g.
WHEN d.sno IS NOT NULL THEN 'y'
should probably be
WHEN d.sno IS NOT NULL THEN ''y''
Third... google/investigate sp_executesql and parameters
Finally... as #Panagiotis Kanavos says, Don't concatenate anything (see Third...); you need to look up "sql injection"
#uberbloke is correct regarding query length.
EXEC sp_executesql with multiple parameters link give you solution for dynamic query to pass parameter values.
Please check below updated query code.
DECLARE #queryString NVARCHAR(MAX);
-- Insert statements for procedure here
Set #queryString =
'SELECT
CASE
WHEN d.sno IS NOT NULL THEN ''y''
ELSE NULL
END
amendment_type,
u.user_login_id [User],
role_name [Role],
u.user_name [Name],
a.companyname + '':<br>('' + b.branch) [Agent/Branch],
u.last_login_pc + ''('' + u.ip_address + '')<br> Login Time: '' + cast(u.last_login AS varchar(50)) + '' [Last Login],
u.lock_status [Lock/Unlock],
CASE
WHEN u.lock_status = ''y'' THEN ''Locked - '' + u.lock_by
WHEN datediff(d,u.last_login,getdate()) > u.lock_days AND (u.lock_days,0) > 0 THEN ''Locked - Day Exceed''
WHEN u.active_session IS NULL AND isnull(u.lock_status,''n'') = ''n'' THEN ''Not Login''
ELSE ''Active''
END [Status],
u.*,
a.agentcan,
b.branch,
b.branchcodechar,
NULL branchcan
FROM agentsub u
JOIN agentbranchdetail b ON u.agent_branch_code = b.agent_branch_code
JOIN agentdetail a ON b.agentcode = a.agentcode
LEFT OUTER JOIN application_role_agent_user r ON u.user_login_id = r.user_id
LEFT OUTER JOIN application_role p ON r.role_id = p.role_id
LEFT OUTER JOIN agentsub_amendment d ON d.agent_user_id = u.agent_user_id
WHERE 1 = 1 '
IF (#loginId !=null)
BEGIN
SET #queryString = #queryString + 'and u.user_login_id like ('+ #loginId + ')'
END
SET #queryString = #queryString + ' order by u.user_login_id,a.companyname,b.branch'
EXEC sp_executesql #queryString
I am getting below error:

SQL Query filter with custom field

Below code are use to detect if there exist userid=1 followerid=2 AND userid=2 followerid=1, then the custom column 'bool' will return TRUE.
However, somehow i can't get rid the extra row.
Any better suggestion or recommendations are appreciated. Thank you.
SELECT DISTINCT a.id, a.userid, a.followerid,
CASE WHEN b.userid=a.followerid AND b.followerid=a.userid
THEN 'TRUE' ELSE 'FALSE' END AS bool
FROM tableUserfollow AS a, tableUserfollow AS b
where a.userid=1
tableUserFollow:
id userid followerid
1 1 2
2 3 4
3 1 4
4 5 1
5 2 1
The output result should be:
1 1 2 TRUE
3 1 4 FALSE
instead of this:
1 1 2 FALSE
1 1 2 TRUE
3 1 4 FALSE
If you want to know if the reciprocal relationship is present, then I think the simplest way is using a correlated subquery, left join, or outer apply:
select uf.*, coalesce(flag, 'FALSE') as
from tableUserfollow uf outer apply
(select 'TRUE' as flag
from tableUserfollow uf2
where uf2.userId = uf.followerId and uf2.follwerId = uf.userId
) f;
The join would look like:
select uf.*,
(case when uf2.userId is null then 'FALSE' else 'TRUE' end)
from tableUserfollow uf left join
tableUserfollow uf2
on uf2.userId = uf.followerId and uf2.follwerId = uf.userId
DECLARE #sql AS nvarchar(MAX);
DECLARE #Search AS nvarchar(MAX);
DECLARE #AllFiels Varchar(max);
DECLARE #FixedField Varchar(max);
SET #FixedField=( SELECT
ISNULL(( STUFF(
(
SELECT ', '+(a.value) FROM vwCustomColumns a
WHERE a.Name IN (SELECT items FROM dbo.Split(CustomReports.ReportFixedFields,',') )
FOR XML path('')
)
, 1,1,'')) ,'cR.ContractID [Contract ID]') FixedField
FROM CustomReports WHERE CustomReportId=#CustomReportId )
SET #AllFiels=#FixedField;
SET #sql ='SELECT count(*) OVER() AS Maxcount ,'+#AllFiels+'
FROM vwRequestLatest cR
INNER JOIN MasterUsers ON MasterUsers.UsersId = cR.Addedby
LEFT OUTER JOIN RequestTemplate cte ON cte.ContractTemplateId=cR.RequestTemplateId
LEFT OUTER JOIN CountryMaster co ON co.CountryId=cR.CountryId
ORDER BY
';
IF (#SortColumn = '')
BEGIN
IF (#Direction = 0)
SET #sql =#sql + ' cR.RequestId ASC '
ELSE
SET #sql =#sql + ' cR.RequestId DESC '
END
ELSE IF (#SortColumn = 'Request ID')
BEGIN
IF (#Direction = 0)
SET #sql =#sql + ' cR.RequestId ASC '
ELSE
SET #sql =#sql + ' cR.RequestId DESC '
END
SET #sql =#sql +'OFFSET ( '+CONVERT(VARCHAR(100),#PageNo)+' - 1 ) * '+CONVERT(VARCHAR(100),#RecordsPerPage)+' ROWS FETCH NEXT '+CONVERT(VARCHAR(100),#RecordsPerPage)+' ROWS ONLY'
EXEC(#sql);

Replace OR with dynamic sql or IF

Below consider below extract from a query:
FROM d_employee e
LEFT JOIN [dbo].[t_etl_employee] t
ON e.customer_nr = t.employee_nr
AND (t.dep_id = #dep_id OR #dep_id IS NULL)
Requirement is to replace "AND (t.dep_id = #dep_id OR #dep_id IS NULL)" in above query by dynamic sql or handle with IF statement but in any case OR should be avoided.
Thanks All! I will try to go ahead with COALESCE. Sorry to add a bit more to the question.
FROM d_employee e
LEFT JOIN [dbo].[t_etl_employee] t
ON e.customer_nr = t.employee_nr
AND (COALESCE(#dep_id, t.dep_id) =t.dep_id)
AND ( t.status = 0)
WHERE e.end_date = N'99991130'
AND (t.employee_nr IS NULL
OR t.employee_shortname <> e.employee_shortname
OR t.employee_description <> e.employee_description
OR t.employee_address_1 <> e.t.employee_address_1
OR t.nce_code <> e.nce_code
OR (t.rt_code IS NULL AND e.rt_code IS NOT NULL)
OR (t.rt_code IS NOT NULL AND e.rt_code IS NULL)
OR t.is_rated <> e.is_rated
OR t.is_default <> e.is_default
)
Additional requirement suggested is:
◾splitting the AND and OR statements in the where clause…… then left join could be INNER join for the OR statements (separate statement for left join and IS NULL check)…. not sure how will I split it? Any help is much appreciated.
Try COALESCE:
...
AND COALESCE(#dep_id, t.dep_id) = t.dep_id
I don't know what's wrong with your original query - but a dynamic-sql version of it would be this:
DECLARE #cmd NVARCHAR(MAX) = ''
DECLARE #dep_id TINYINT = NULL
SET #cmd = 'SELECT e.customer_nr
FROM d_employee e
LEFT JOIN [dbo].[t_etl_employee] t
ON e.customer_nr = t.employee_nr'
+ IIF(#dep_id IS NOT NULL,' AND t.dep_id = ' + CAST(#dep_id AS NVARCHAR(3)),'')
PRINT #cmd
EXECUTE sp_executesql #cmd

Using case statement to remove ISNULL's in my SQL query

declare #sSQL VARCHAR(2000)
SET sSQL='Select top 20 ID
FROM Prospects
WHERE p.StatusID not in (-1,2,4,5,6,7,8,9,12,13,14)'
+CASE WHEN #state IS NULL THEN '' ELSE CHAR(10) + 'AND P.State = '+ CHAR(39)+#State +CHAR(39) end
The above piece does not return any state value and I want to maintain the ISNULL functionality.
The original one was having the where clause like this -- 'p.State = IsNull(#State, p.State)'
There is no need to add query in varchar variable. You can achieve it without using any variable like this -
Solution-1:
SELECT TOP 20 ID
FROM Prospects
WHERE p.StatusID NOT IN (-1,2,4,5,6,7,8,9,12,13,14)
AND (
P.STATE = #State
OR #State IS NULL
)
Solution-2:
SELECT TOP 20 ID
FROM Prospects
WHERE p.StatusID NOT IN (-1,2,4,5,6,7,8,9,12,13,14)
AND P.STATE = COALESCE(#State, P.STATE)
Solution-3: Dynamic query (Which i always tried to avoid).
SET #sSQL = 'Select top 20 ID
FROM Prospects
WHERE p.StatusID not in (-1,2,4,5,6,7,8,9,12,13,14)' + (
CASE
WHEN #state IS NULL
THEN ''
ELSE ' AND P.State = ' + QUOTENAME(#State, '''')
END
)
Try leaving out the special characters and just using spaces instead and putting the value of #State in single quotes:
SET sSQL = 'Select top 20 ID
FROM Prospects
WHERE p.StatusID not in (-1,2,4,5,6,7,8,9,12,13,14)' +
(CASE WHEN #state IS NULL THEN '' ELSE ' AND P.State = ''' + #State + '''' end)
Alternatively, you could write this as:
SET sSQL = 'Select top 20 ID
FROM Prospects
WHERE p.StatusID not in (-1,2,4,5,6,7,8,9,12,13,14)' +
(CASE WHEN #state IS NULL THEN '' ELSE ' AND P.State = #State' end)
And execute the statement using sp_executesql rather than just exec.

The server principal "sa" is not able to access the database under the current security context

I believe there are many StackOverflow posts related to this error, but none seems to have a straightforward solution which I am looking for. I'll be thankful if anyone of you can look into this.
The issue: I am using a dynamic sql stored procedure which uses FundTransfer Database tables in cte expression and then joins with WebbnkDb database.
But, I run into the exception mentioned in the title above. Everything works fine if I remove WITH EXECUTE AS SELF command but unfortunately I can't get rid of it as it is used for some security reasons. Please suggest me solution in easy words.
USE [WebBank]
GO
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER PROCEDURE [dbo].[usp_naSearchV2_20131504]
#Debug BIT = 0,
#UserName varchar(50)=NULL, --This will be used to potentially limit the results per user & also for logging
#SSN char(9) = NULL,
#FName varchar(25) = NULL,
#LName varchar(30) = NULL,
#dtApplicationStart datetime = NULL,
#dtApplicationEnd datetime = NULL,
#CompanyName varchar(50) = NULL,
#DaysInTask int = NULL, --This will be how many days it's been in the current task...
#AcctNum varchar(11) = NULL,
#BranchNums varchar(1500) = NULL, --This will be passed to an IN. Don't enclose each in single quotes - for example, '45, 145, 1, 15'
#WorkflowID int = NULL, --1 = HSA, 2 = Personal, 3 = SEI
#OriginationID tinyint = NULL, --This comes from the Applicant record.
#QueueID int = NULL,
#TaskStageIDs varchar(500) = NULL, --Will be passed to an IN, so multiple TaskStageIDs can be passed.
#TaskIDs VARCHAR(1500)=NULL,
#DaysAged int = NULL, --Days since application was entered (not including time spent in approved/declined/open states)
#LastActivityStart datetime=NULL,
#LastActivityEnd datetime=NULL,
#SOAApplID int = NULL, --SEI ID
#Market VARCHAR(50) = NULL, --from luAffinityMarket
#IncludeSecondary bit=0,
#IncludeAliasName bit=0,
#EmailTypeIDs varchar(500) = NULL
WITH EXECUTE AS SELF --This is needed because we're using dynamic SQL & don't want to grant access to underlying tables.
AS
SET TRANSACTION ISOLATION LEVEL READ UNCOMMITTED
/*
** New Account - Search.
**
** This will be done in dynamic SQL. The reason is because when searching on multiple optional parameters,
** SQL cannot use indexes without using dynamic SQL. This makes the proc sssssslllllooooooooowwwwwwwwwww (when not using dynamic sql).
** See http://www.sommarskog.se/dyn-search-2005.html
**
** In addition to the basics (name, social, branch, product, "workflow"), also show Task, Queue, Check-Out info, etc
**
*/
/*
I have to create new version of this store procedure since we continue making changes to resolve helpdesk tickets and
for AOT Part 2. Some tables that we are going to use for AOT project part 2 will not be moved to production until 12/05/10.
New version will be called usp_naSearchV2 and will contain new tables for AOT Part 2
*/
--CAST(ROUND(ISNULL(cteAge.Age + 1, 0), 2) AS DECIMAL(8, 2)) AS DaysAged,
DECLARE #SQL nvarchar(max),#paramlist nvarchar(max)
DECLARE #SOASQL nvarchar(MAX)
SET #FName = '%' + #FName + '%'
SET #LName = '%' + #LName + '%'
SET #CompanyName = '%' + #CompanyName + '%'
SELECT #SQL = '
WITH
cteAutoApprove (AcctID, AutoApproved)
AS (
SELECT awt.AcctID, MIN(CAST(awt.autoEnter AS SMALLINT)) AS AutoApproved
FROM dbo.AccountWorkflowTask awt JOIN dbo.WorkflowTask wt ON awt.WorkflowTaskID = wt.WorkflowTaskID
WHERE (wt.TaskID IN (9, 17) AND ReasonIDExit = 1)
OR (wt.TaskID IN (209, 309, 409, 509, 609, 709, 809, 909) AND ReasonIDExit = 40)
--OR ReasonIDExit IN(216,202) OR ReasonIDEnter=215
or(wt.TaskID=201 and ReasonIDExit is NULL) GROUP BY awt.AcctID),
cteAge (AcctID, Age)
AS (SELECT AcctID, SUM(CASE WHEN t.TaskStageID IN (2, 3, 4) OR t.TaskID = 1 THEN 0 '--don''t count Pending Completion, Open, Approved, or Declined in age
+ 'ELSE DATEDIFF(minute, dtEnter, ISNULL(dtExit, GETDATE())) END) / 60 / 24.0 Age
FROM dbo.AccountWorkflowTask awt JOIN WorkflowTask wt ON awt.WorkflowTaskID = wt.WorkflowTaskID JOIN Task t ON wt.TaskID = t.TaskID
GROUP BY AcctID),
**cteFundingStatus(AcctID,FundingStatus,SourceAccountTypeDescription)
AS
(SELECT TransferStaging.AcctID,luTransferStatus.TransferStatusDesc, luAcctType.AcctTypeDesc from
FundsTransfer.dbo.TransferStaging
JOIN FundsTransfer.dbo.luTransferType ON luTransferType.TransferTypeID = TransferStaging.TransferTypeID
JOIN FundsTransfer.dbo.luAcctType ON luTransferType.SourceAcctTypeID = luAcctType.AcctTypeID
JOIN FundsTransfer.dbo.luTransferStatus ON luTransferStatus.TransferStatusID = TransferStaging.TransferStatusID),**
cteFulfillment(AcctID, Request, TemplateName)
AS
(SELECT ful.AcctID, CAST(Request AS NVARCHAR(max))Request, lt.TemplateName FROM dbo.fulfillment ful left join LetterRequest lr on lr.LetterID = ful.LetterID
LEFT JOIN luLetterTemplate lt ON lt.TemplateID = lr.TemplateID
WHERE (Request IS NOT NULL OR ful.LetterID IS NOT NULL) AND FulfillmentID=(SELECT MAX(FulfillmentID) FROM fulfillment sub WHERE ful.AcctID=sub.AcctID AND (Request IS NOT NULL OR LetterID IS NOT NULL)) ),
cteNote(AcctID,userEntered,dtEntered,Note,NoteReasonDesc,ReasonCode,NoteReasonID)
as
(SELECT AcctID,userEntered,dtEntered,Note,NoteReasonDesc,ReasonCode,n.NoteReasonID FROM note n JOIN
dbo.luNoteReason lu ON lu.NoteReasonID=n.NoteReasonID WHERE '
IF #EmailTypeIDs IS NOT NULL
SELECT #SQL=#SQL+' n.NoteReasonID IN (' + #EmailTypeIDs + ') AND '
SELECT #SQL=#SQL+ ' dtEntered=(SELECT MAX(dtEntered)FROM note sub WHERE sub.AcctId=n.AcctID '
IF #EmailTypeIDs IS NOT NULL
SELECT #SQL=#SQL+ ' AND sub.NoteReasonID IN (' + #EmailTypeIDs + ')'
SELECT #SQL=#SQL+')) '
SELECT #SQL=#SQL+'SELECT a.ApplID, acct.AcctID, acct.dtApplication, ai.FName, ai.MName, ai.LName, ai.SSN, a.Email, ao.CompanyName,'
SELECT #SQL=#SQL+'ao.DBAName, ao.TaxID, acct.AcctNum, acct.AcctAffinityNum, luA.AffinityNum, luA.AffinityName, t.TaskDesc, awt.dtEnter,'
SELECT #SQL=#SQL+'DATEDIFF(day, awt.dtEnter, GETDATE()) + 1 DaysInTask, q.QueueDesc, w.WorkflowID, w.WorkflowDesc,'
SELECT #SQL=#SQL+'luO.OriginationID, luO.OriginationDesc, aco.dtCheckOut, aco.UserCheckOut, aco.GUIDCheckout, lts.TaskStageDesc,'
SELECT #SQL=#SQL+'DATEDIFF(day, acct.dtApplication, GETDATE()) + 1 DaysAgedOld,CAST(ROUND(ISNULL(cteAge.Age + 1, 0), 2) AS int) AS DaysAged,'
SELECT #SQL=#SQL+'asa.SOAApplID, case when (w.WorkflowID=1 and luO.OriginationID=4) then ''Low''when luO.OriginationID=9 then ''Low'''
SELECT #SQL=#SQL+'else''High'' end as RiskType, awt.userEnter, awt.dtEnter, case when cteAutoApprove.AutoApproved=1 then ''Automated'''
SELECT #SQL=#SQL+'when cteAutoApprove.AutoApproved=0 then ''Manual'' else '''' end as DecisionType,acctLam.Market,ful.Request,ful.TemplateName,fun.SourceAccountTypeDescription,fun.FundingStatus, acct.BrokerCode,
COALESCE(ai.SSN, ao.TAXID) as TIN, case when bup.BusPurposeDesc like ''%Other%'' then ao.BusPurposeOther else bup.BusPurposeDesc end as BusPurpose
,note.Note,note.NoteReasonDesc,note.ReasonCode,aa.RelationshipCode,luRel.RelationshipCodeDesc, Addr.Address1, Addr.Address2, Addr.City, Addr.State, Addr.Zip FROM dbo.Applicant a JOIN dbo.APPLICANTACCOUNT aa ON a.ApplID = aa.ApplID '
IF #IncludeSecondary=0
SELECT #SQL=#SQL+' AND aa.RelationshipCode = ''000'' '
SELECT #SQL=#SQL+'LEFT JOIN dbo.ApplicantIndiv ai ON a.ApplID = ai.ApplID LEFT JOIN dbo.ApplicantOrg ao ON a.ApplID = ao.ApplID JOIN dbo.AFFINITYGROUP ag ON a.AffGroupID = ag.AffGroupID JOIN dbo.luAffinity luA ON ag.AffinityID = luA.AffinityID
JOIN dbo.Account acct ON aa.AcctID = acct.AcctID JOIN dbo.AccountWorkflowTask awt ON acct.AcctID = awt.AcctID AND awt.dtExit IS NULL --join to current AccountWorkflowTask
JOIN dbo.WorkflowTask wt ON awt.WorkflowTaskID = wt.WorkflowTaskID JOIN dbo.Task t ON wt.TaskID = t.TaskID
JOIN dbo.Workflow w ON wt.WorkflowID = w.WorkflowID JOIN dbo.luTaskStage lts ON t.TaskStageID = lts.TaskStageID
LEFT JOIN dbo.Queue q ON t.QueueID = q.QueueID LEFT JOIN dbo.luOrigination luO on a.OriginationID = luO.OriginationID
LEFT JOIN dbo.accountCheckOut aco ON acct.AcctID = aco.AcctID AND aco.dtCheckIn IS NULL LEFT JOIN AccountSOAApplication asa ON acct.AcctID = asa.AcctID
LEFT JOIN cteAutoApprove on cteAutoApprove.AcctID = acct.AcctID LEFT JOIN cteAge ON cteAge.AcctID = acct.AcctID
LEFT JOIN luAffinityMarket lam ON CAST(luA.AffinityNum AS INT) = CAST(lam.BRNCH_NBR AS INT) LEFT JOIN luAffinityMarket acctLam ON acct.AcctAffinityNum = CAST(acctLam.BRNCH_NBR AS INT)
LEFT JOIN cteFulfillment ful on acct.AcctID=ful.AcctID
left Join **cteFundingStatus** fun on fun.AcctID=acct.AcctID
left Join luBusPurpose bup on bup.BusPurposeID=ao.BusPurposeID
Left join cteNote note on acct.AcctID=note.AcctID
left join luRelationshipCode luRel on aa.RelationshipCode=luRel.RelationshipCode
LEFT JOIN Address Addr ON Addr.ApplID = aa.ApplID AND Addr.AddrTypeID = 1
WHERE 1 = 1 ' --this is in here so that the following statements in the WHERE clause can start with "AND (...)".
-- IF #debug = 1 PRINT LEN(#SQL) v_AOTInitialAccountFunding
--SELECT #SQL = REPLACE(#SQL, CHAR(9), '') --remove tabs to save string size
IF #debug = 1 PRINT LEN(#SQL)
IF #SSN IS NOT NULL
SELECT #sql = #sql + ' AND (ai.SSN = #xSSN OR REPLACE(ao.TaxID, ''-'', '''') = #xSSN)'
IF #IncludeAliasName <>1 AND #FName IS NOT NULL
SELECT #sql = #sql + ' AND (ai.FName LIKE #xFName)'
IF #IncludeAliasName <>1 AND #LName IS NOT NULL
SELECT #sql = #sql + ' AND (ai.LName LIKE #xLName)'
IF #IncludeAliasName <>0 AND #FName IS NOT NULL
SELECT #sql = #sql + ' AND (ai.AliasFName LIKE #xFName OR ai.FName LIKE #xFName)'
IF #IncludeAliasName <>0 AND #LName IS NOT NULL
SELECT #sql = #sql + ' AND (ai.AliasLName LIKE #xLName OR ai.LName LIKE #xLName)'
IF #dtApplicationStart IS NOT NULL
SELECT #sql = #sql + ' AND (CONVERT(char(10), acct.dtApplication, 101) >= #xdtApplicationStart)'
IF #dtApplicationEnd IS NOT NULL
SELECT #sql = #sql + ' AND (CONVERT(char(10), acct.dtApplication, 101) <= #xdtApplicationEnd)'
IF #CompanyName IS NOT NULL
SELECT #sql = #sql + ' AND (ao.CompanyName LIKE #xCompanyName)'
IF #DaysInTask IS NOT NULL
SELECT #sql = #sql + ' AND (DATEDIFF(day, awt.dtEnter, GETDATE()) >= #xDaysInTask)'
IF #AcctNum IS NOT NULL
SELECT #sql = #sql + ' AND (acct.AcctNum LIKE #xAcctNum)'
IF #BranchNums IS NOT NULL
--Can't use a parameter of the executesql for the list of affinity numbers.
SELECT #sql = #sql + ' AND (acct.AcctAffinityNum IN (' + #BranchNums + ') OR luA.AffinityNum IN (' + #BranchNums + '))'
IF #WorkflowID IS NOT NULL
SELECT #sql = #sql + ' AND (w.WorkflowID = #xWorkflowID)'
IF #OriginationID IS NOT NULL
SELECT #sql = #sql + ' AND (a.OriginationID = #xOriginationID)'
IF #QueueID IS NOT NULL
SELECT #sql = #sql + ' AND (t.QueueID = #xQueueID)'
IF #TaskStageIDs IS NOT NULL
--Can't use a parameter of the executesql for the list of affinity numbers.
SELECT #sql = #sql + ' AND (lts.TaskStageID IN (' + #TaskStageIDs + '))'
IF #TaskIDs IS NOT NULL
--Can't use a parameter of the executesql for the list of affinity numbers.
SELECT #sql = #sql + ' AND (t.TaskID IN (' + #TaskIDs + '))'
IF #DaysAged IS NOT NULL
SELECT #sql = #sql + ' AND ISNULL(cteAge.Age + 1, 0) <= #xDaysAged'
--SELECT #sql = #sql + ' AND (DATEDIFF(day, acct.dtApplication, GETDATE()) + 1 = #xDaysAged)'
IF #LastActivityStart IS NOT NULL
SELECT #sql = #sql + ' AND (CONVERT(char(10), awt.dtEnter, 101) >= #xLastActivityStart)'
IF #LastActivityEnd IS NOT NULL
SELECT #sql = #sql + ' AND (CONVERT(char(10), awt.dtEnter, 101) <= #xLastActivityEnd)'
IF #Market IS NOT NULL
SELECT #sql = #sql + ' AND (lam.Market = #xMarket OR acctLam.Market = #xMarket)'
IF #EmailTypeIDs IS NOT NULL
SELECT #sql = #sql + ' AND (note.NoteReasonID IN (' + #EmailTypeIDs + '))'
IF #SOAApplID IS NOT NULL
SELECT #sql = #sql + ' AND asa.SOAApplID = #xSOAApplID UNION
SELECT NULL ApplID, NULL AcctID, sa.dtAdded dtApplication, sap.FName, sap.MName, sap.LName, sap.SSN, sap.Email, NULL CompanyName,NULL DBAName,
NULL TaxID, NULL AcctNum, 145 AcctAffinityNum, ''145'' AffinityNum, luA.AffinityName, NULL TaskDesc, NULL dtEnter,
NULL DaysInTask, NULL QueueDesc, NULL WorkflowID, ''SEI Online App'' WorkflowDesc,NULL OriginationID, NULL OriginationDesc, NULL dtCheckOut,
NULL UserCheckOut, NULL GUIDCheckout, NULL TaskStageDesc,
0, DATEDIFF(day, sa.dtAdded, GETDATE()) + 1 DaysAged, sa.SOAApplID,'' '', '' '', '' '' dtEnter, '' ''DecisionType,'' '' Market,
'' ''Request,'' ''SourceAccountTypeDescription,'' ''FundingStatus,'' ''BrokerCode, '' ''TIN,'' ''BusPurpose,'' ''Note,'' ''t,
'' ''t1,'' '' RelationshipCode, '' '' RelationshipCodeDesc FROM SOAApplication sa LEFT JOIN AccountSOAApplication asa
ON sa.SOAApplID = asa.SOAApplID JOIN SOAApplicant sap ON sa.SOAApplID = sap.SOAApplID JOIN luAffinity luA ON luA.AffinityNum = ''145''
WHERE asa.SOAApplID IS NULL AND sa.SOAApplID = #xSOAApplID AND sap.PrimaryContact = 1'
IF #debug = 1
PRINT #sql
IF #debug = 1
PRINT #sql
SELECT #paramlist =
'#xSSN char(9),
#xFName varchar(25),
#xLName varchar(30),
#xdtApplicationStart datetime,
#xdtApplicationEnd datetime,
#xCompanyName varchar(50),
#xDaysInTask int,
#xAcctNum varchar(11),
#xWorkflowID int,
#xOriginationID tinyint,
#xQueueID int,
#xDaysAged int,
#xMarket varchar(50),
#xSOAApplID int,
#xLastActivityStart datetime,
#xLastActivityEnd datetime'
IF #Debug = 1 PRINT LEN(#SQL)
EXEC sp_executesql #sql, #paramlist,
#SSN,
#FName,
#LName,
#dtApplicationStart,
#dtApplicationEnd,
#CompanyName,
#DaysInTask,
#AcctNum,
#WorkflowID,
#OriginationID,
#QueueID,
#DaysAged,
#Market,
#SOAApplID,
#LastActivityStart,
#LastActivityEnd
So when you add EXECUTE AS SELF to a procedure, it's the same as saying "Execute this procedure as though the person who created it is running it". So whoever deploys the procedure (under whatever principal account) is the one that will be the basis for what the procedure uses.
I'm presuming that your deployment strategy is to have an administrator run the CREATE/ALTER steps using the sa account. Your DBAs are probably following best practice and not having the sa account own the databases on the server (and possibly not have read access at all), so you get the security error.
Given all that, in your current situation, you're probably not going to use EXECUTE AS SELF, or at least I suspect so. In terms of when you would want to use it in a more general sense, it's hard to give a blanket answer. Short version is if you have a situation where you ("you" being a principal you can log in as) need to run an object at your level of permissions rather than whatever permissions the caller has.