Menu
Is it possible to set up SQL Server to give developers read-only access to the contents of stored procedures on our production database?
903
Expand Stored Procedures, right-click the procedure to grant permissions on, and then select Properties. From Stored Procedure Properties, select the Permissions page. To grant permissions to a user, database role, or application role, select Search.
If you've READ permission on database, you can read data only from Tables, Views, and Functions. But to execute stored procedures, you need to provide permission explicitly to user. There are multiple ways you can provide execute permission to any user.
Using the UI you can use the User Mapping tab under the login, you can create the user with 'public' access only. Then you can go to the database and grant that user SELECT access to the particular table.
You can grant them the VIEW DEFINITION privilege to those procs.
See here for what this privilege does.
You can apply VIEW DEFINITION at different scopes:
You can also use a query to generate a script for many procs.
So if you have a user Bob:
SELECT N'GRANT VIEW DEFINITION ON ' + QUOTENAME(SPECIFIC_SCHEMA) + N'.' + QUOTENAME(SPECIFIC_NAME) + N' TO Bob;' FROM INFORMATION_SCHEMA.ROUTINES WHERE ROUTINE_TYPE = 'PROCEDURE'; that will give you something like this, which you can then run:
GRANT VIEW DEFINITION ON [dbo].[aspnet_RegisterSchemaVersion] TO Bob; GRANT VIEW DEFINITION ON [dbo].[aspnet_CheckSchemaVersion] TO Bob; GRANT VIEW DEFINITION ON [dbo].[aspnet_Applications_CreateApplication] TO Bob; ... Example of granting VIEW DEFINITION at the Schema scope/level for dbo.
GRANT VIEW DEFINITION ON schema::[dbo] TO Bob; MSDN Article
31
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
