Is it possible to control permissions on a single stored procedure level in SQL Server 2012? It seems that SQL Server Manager doesn't expose such functionality via GUI. Can somebody advice me how to view/set permission on a single stored procedure level?
In particular I'm interested in removing "Connect" right on one procedure for specified account while leaving Connect rights for this account on all the others procedures. Is it possible?
Sql-server – SQL Server 2012: stored procedures permissions
permissionssql-server-2012stored-procedures
Related Question
- Grant permission to execute stored procedure without granting access to underlying table – Oracle
- Sql-server – Using CREATE TYPE within Stored Procedure Call
- Sql-server – SQL Logins in db_owner role on database cannot create stored procedures
- Sql-server – SQL Server 2012 cannot use file server for log shipping
- MySQL: list users which have been granted EXECUTE permission on a given procedure
- Sql-server – How to grant permission to execute stored procedure in master database from another database
Best Answer
You just need to deny
EXECUTE
permissions on any object that you don't want the app login to see. DenyingVIEW DEFINITION
will only prevent the code of the object from being seen by that user. That is the point ofVIEW DEFINITION
: to allow users to run code that they can't see the code for. DenyingEXECUTE
on the object will removing it completely as far as that login is concerned.Once the
DENY
has been run, the following won't return anything for that login: