I have a .net where I only have read access to the SQL Server database. Is it possible for SQL Server to give me write access to just ONE of the tables in the database, and restrict me to read only for the rest of the database?
Use this TSQL script, if you need:
EXEC sp_addrolemember N'db_datareader', N'User1';
GRANT INSERT, UPDATE, SELECT ON
MyTable
TO User1 --for multiples, it's TO User1,User2
In SQL Server Management Studio, right-click the read-only user in database name|security|Users and select Properties.
Select "Securables" and click "Search...". In the popup select "All objects of the type..." and click OK. Select "Tables" in the next window and click OK.
Then back in the Securables window, for each table that the user may write to:
Click on the table, and in the Permissions window underneath, in the "Grant" column, select "Insert", "Select" and "Update".
Yes, yes it is.
Just grant yourself the ReadOnly role and give yourself explicit write permissions to the table in question.
Related
I have a server in SQL Server Management Studio, in this one when I open the "Security" folder, then "Connections" I have different user accounts already created.
I have two databases: RCE, and RCE_Finance_BI.
In the first one in the "Security" folder, then "Users" I have these accounts :
Including JeromeRCE who has write and read rights on this database.
Now in the RCE_Finance_BI database I have these users:
I would like to add to this database the JeromeRCE account and give him the same rights as in the RCE database, i.e. read and write rights.
How can I do it please?
Yes you can do it.
use the below script
USE [RCE_Finance_BI]
GO
CREATE USER [JeromeRCE] FOR LOGIN [JeromeRCE] WITH DEFAULT_SCHEMA=[dbo]
GO
Or you can create the script by below steps
Right click the user
Select 'Script User as'
Select 'Create To'
Select 'New Query Editor Window'
Change the database to you target database in the script.
I am not sure why but I just installed SQLdeveloper 32 bit (3.0.0.4). When I click to expand the tables/views/indexes or etc it displays nothing at all!
But when I do the following:
SELECT owner, table_name
FROM dba_tables
I see the list of tables and I have read access to these tables since I can do a select * from anytable and data shows. Any thoughts?
The SQL Developer tree shows you what objects you own, not what objects you have access to. If you want to see the objects that you have access to that are owned by other users, you would need to navigate to the "Other Users" branch of the tree, then the user that owns the table, then the "Tables" branch.
Add select privilege to all_objects/user/ojects in the db user
Launch SQL Developer as administrator
Im writing a simple utility that will allow our users to run simple select SQL statements on the DB to retrieve data they require. Just a textbox and a button and when they click the button it will spit out the query results in a list.
The problem I have is I only want them to be able to run SELECT statements. I dont want any edit statements to be executed i.e. update, insert, delete, drop etc.
Is there a simple way to parse a sql string to make sure its only a read only select statement entered?
A better way would be to use sql permissions. As a datareader, your users will only be able to SELECT. exec sp_addrolemember db_datareader, <user>
Best way to deal with this is by creating a user that only has limited permissions.
If you want to allow users to read data from all tables then you can go with what Steve D already suggested.
If you want to allow users to read data from only some tables but not all then you need to create a user that only has ‘public’ role and then GRANT SELECT for specific tables.
Make sure user only has ‘public’ selected here for a given database
Then just execute this query for all tables
grant select on <schema>.<table> to <user>
If I run a sql script in SQL Server 2005 SSMS (Version 9.00.4035.00) like
CREATE TABLE xxx.MyTable
the table will be created as dbo.MyTable although the schema xxx does exist! No error message!
The user I'm using to run the script as all permissions (tested with windows user and sql user with server role sysadmin)
What's wrong?
You probably have 2 tables now
xxx.MyTable
dbo.MyTable
To check:
SELECT SCHEMA_NAME(schema_id), name, create_date, modify_date
FROM sys.objects
WHERE name = 'MyTable'
Don't rely on SSMS Object Explorer: it needs refreshed (right click on the tables node, refresh).
Or wrong database, wrong server etc.
We use schemas and never had any problems
Edit: now check all databases
EXEC sp_msforeachdb '
USE ?
SELECT SCHEMA_NAME(schema_id), name, create_date, modify_date
FROM sys.objects
WHERE name = ''MyTable''
'
Please take a look at the possible workarounds:
1) Create a SQL login with dbo rights to the database where tables and other objects have to be created. Have the users connect to SSMS using the SQL login that you have created. Tables can be created using SSMS without issues.
2) Have the user of windows security group create table using TSQL. You will see that a new schema and user will be created for this database with the user name of the user. Table gets created with windows user name as the owner .
Now, go to the database user which got created. Change the default schema to xxx.
User of that security group can create tables in SSMS and with dbo as the object owner.
Apparently, this is a microsoft bug and has not been resolved yet.
https://connect.microsoft.com/feedback/viewfeedback.aspx?FeedbackID=238246&wa=wsignin1.0&siteid=68
Hope this helps.
I am having trouble adding a user to a test database I set up on my local machine. I have added the user fine but the user does not have permission to SELECT (Or anything else for that matter) on the database. I have tried gone the the permission tab under the server, the database, and the table (there is only one it is a very simple database just for testing) and selected grant for every single option yet it still does not work. I have also tried doing a Transact-SQL command like:
use testing
GRANT SELECT, UPDATE, DELETE, INSERT TO User
and a couple of other combinations that return successfully but I still do not have permission to select data from the table. Any suggestions?
Add the user to the db_datareader role to give the user select access to all of the tables.
Add the user to the public database role and they should be able to SELECT against the database (unless you have changed the public role's permissions).