Menu
I have a stored procedure that I would like to give permission to insert identities while not giving the restricted user calling it ALTER TABLE privileges. Is that possible?
Here's my stored procedure:
CREATE PROCEDURE [dbo].[AddInternalQu]
(
@id [int],
@qu [nvarchar](500),
@pg [nvarchar](50),
@isactive [bit],
@isdoc [bit],
@allowNA [bit],
@textBox [bit],
@redf [bit],
@qord [int],
@shqu [nvarchar](50),
@restrict [bit],
@scanwizard [bit]
)
AS
BEGIN
SET IDENTITY_INSERT [questions] ON;
INSERT INTO [questions] (qu_id, question, shortqu, redflag, page, active, is_doc_qu,
allowNA, textBox, qu_order, scanwizard, restricted)
VALUES(@id, @qu, @shqu, @redf, @pg, @isactive, @isdoc,
@allowNA, @textBox, @qord, @scanwizard, @restrict);
SET IDENTITY_INSERT [questions] OFF;
END
GRANT EXEC ON AddInternalQu TO MyStandardRole;
As it stands a user I add to the MyStandardRole role has the rights to execute the stored procedure but then it fails trying to set the identity insert with insufficient privileges.
500
If the value inserted is larger than the current identity value for the table, SQL Server automatically uses the new inserted value as the current identity value. The setting of SET IDENTITY_INSERT is set at execute or run time and not at parse time.
Answers. In a given session , you can have only one table's IDENTITY_INSERT property set to ON. You can use set IDENTITY_INSERT state (on/off) only at excute or run time.
By default, SQL Server automatically inserts an increment value for an IDENTITY column, when the IDENTITY_INSERT parameter is set to OFF. If you don't need an explicit value for the IDENTITY column, remove the IDENTITY column from the component schema.
IDENTITY_INSERT is a table property that allows you to insert explicit values into the column of table identifiers, i.e. into the column with IDENTITY. The value of the inserted identifier can be either less than the current value or more, for example, to skip a certain interval of values.
"WITH EXECUTE AS OWNER" should do the trick.
CREATE PROCEDURE [dbo].[AddInternalQu]
(
@id [int],
@qu [nvarchar](500),
@pg [nvarchar](50),
@isactive [bit],
@isdoc [bit],
@allowNA [bit],
@textBox [bit],
@redf [bit],
@qord [int],
@shqu [nvarchar](50),
@restrict [bit],
@scanwizard [bit]
)
WITH EXECUTE AS OWNER
AS
BEGIN
SET IDENTITY_INSERT [questions] ON;
INSERT INTO [questions] (qu_id, question, shortqu, redflag, page, active, is_doc_qu,
allowNA, textBox, qu_order, scanwizard, restricted)
VALUES(@id, @qu, @shqu, @redf, @pg, @isactive, @isdoc,
@allowNA, @textBox, @qord, @scanwizard, @restrict);
SET IDENTITY_INSERT [questions] OFF;
END
GRANT EXEC ON AddInternalQu TO MyStandardRole;
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
