473,395 Members | 1,368 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > microsoft sql server > questions > non database owner call to sp_addrolemember or sp_droprolemember

Join Bytes to post your question to a community of 473,395 software developers and data experts.

Non Database Owner call to sp_addrolemember or sp_droprolemember

Hi,

Is there any way that calls to sp_addrolemember and sp_droprolemember
can be enabled for non database owners and non sysadmin members?

This would be very helpful for an application I'm in the middle of
developing, in which users have the right to view some data and edit
some data in a set of tables. The data is pulled up in a set of views
(using SQL Server 7 with an Access 2000 front-end). Depending on an
initial selection that the user makes, s/he should be able to either
read or edit the data.

The solution I hoped to use would run a stored procedure, that amongst
other things would add and/or remove the user to/from a data_read and
data_edit role, depending on the initial selection s/he made.

Any suggestions?

Much thanks!
Oren Bergman
Jul 20 '05 #1
3 4883
[posted and mailed, please reply in news]

Oren (or**@gdblegal.com) writes:
Is there any way that calls to sp_addrolemember and sp_droprolemember
can be enabled for non database owners and non sysadmin members?


Books Online says about permissions for sp_addrolemember:

Only members of the sysadmin fixed server role and the db_owner fixed
database role can execute sp_addrolemember to add a member to fixed
database roles. Role owners can execute sp_addrolemember to add a
member to any SQL Server role they own. Members of the db_securityadmin
fixed database role can add users to any user-defined role.

So, if the users are members of the roles that owns the role they
want to add/drop members from, they should be able to do it.

--
Erland Sommarskog, SQL Server MVP, es****@sommarskog.se

Books Online for SQL Server SP3 at
http://www.microsoft.com/sql/techinf...2000/books.asp
Jul 20 '05 #2
Ernland -

Thanks for the response.
Another solution that was suggested to me, without using SQL's roles
is as follows:

- Create 2 views for the data - a read only and a r/w.
- Create a table to track the various users' permissions.
- Pull up the view corresponding to the users choices and permissions
(in the permissions table).

This way the users don't have to have extra permissions (can a role
have more than one owner in any case? If not, this would complicate
the solution you suggested). The permissions table could have certain
defaults making it easier to add new users to it.

All the best,
Oren
Erland Sommarskog <es****@sommarskog.se> wrote in message news:<Xn**********************@127.0.0.1>...
[posted and mailed, please reply in news]

Oren (or**@gdblegal.com) writes:
Is there any way that calls to sp_addrolemember and sp_droprolemember
can be enabled for non database owners and non sysadmin members?


Books Online says about permissions for sp_addrolemember:

Only members of the sysadmin fixed server role and the db_owner fixed
database role can execute sp_addrolemember to add a member to fixed
database roles. Role owners can execute sp_addrolemember to add a
member to any SQL Server role they own. Members of the db_securityadmin
fixed database role can add users to any user-defined role.

So, if the users are members of the roles that owns the role they
want to add/drop members from, they should be able to do it.

Jul 20 '05 #3
Oren (or**@gdblegal.com) writes:
Thanks for the response.
Another solution that was suggested to me, without using SQL's roles
is as follows:

- Create 2 views for the data - a read only and a r/w.
- Create a table to track the various users' permissions.
- Pull up the view corresponding to the users choices and permissions
(in the permissions table).

This way the users don't have to have extra permissions (can a role
have more than one owner in any case? If not, this would complicate
the solution you suggested). The permissions table could have certain
defaults making it easier to add new users to it.


A role can only have one owner, but that owner may be a role, so it would
be possible to use that solution.

However, the view solution you present appears to be more palatable. It
confines the solution to user tables/views, and requires no special
configuration. If I understood your requirements correctly, this seems
to be the best solution.

--
Erland Sommarskog, SQL Server MVP, es****@sommarskog.se

Books Online for SQL Server SP3 at
http://www.microsoft.com/sql/techinf...2000/books.asp
Jul 20 '05 #4
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

1
Headaches moving an SQL2K database between servers
by: Ben M. | last post by:
Greetings all, This should be an easy task, and Im sure it is, but as many times as I have tried, I cant seem to get this to work properly. We changed ISPs recently from a shared host to a...
Microsoft SQL Server
4
Remote access to sql database...permissions
by: Phil | last post by:
Hi all, I need some help to access an SQL db on another machine. I am using VB.NET and remoting to make a client/server connection...although I don't think this is relevant to the question. I...
Microsoft SQL Server
5
ASP.NET database won't connect...
by: Daniel Bass | last post by:
I setup a asp.net project running on http://localhost/ which connects to a database on another server running sqlserver... I was able to connect to the database and create my application no...
ASP.NET
6
Troubles Querying Database in Application_Start
by: Ober | last post by:
I'm having trouble with my security model, Application_Start, and accessing my database. My ASP.NET app is only going to be running in an intranet environment (not on the public Internet). ...
ASP.NET
0
aspnet_regsql Database Errors
by: jj .NET | last post by:
I have several sites and membership databases on the same test computer. They all have different names, so there is no problem. However, now my Website Administration Tool won't create the...
ASP.NET
4
how to try-catch 'sp_addrolemember'?
by: fireball | last post by:
how to try-catch sp_addrolemember?
Microsoft SQL Server
2
File Owner
by: levimc | last post by:
I know that that topic may be old to you but I looked at other more- than-two-year-old topics related to mine. However, I didn't find them working for my project at all because its errors return...
Visual Basic .NET
3
[help] scripted database creation
by: Limunski Magarac | last post by:
Hi all :) My apologies if I posted in the wrong groups, but I just jumped in MS SQL waters, so any guidance will be appreciated. What I'm trying to do is the following process: present...
Microsoft SQL Server
1
creating a mail.php script that pulls email from database
by: sqshymnky | last post by:
Hello all, I know html but am sort of lost when it comes to PHP. I don't really know where to even begin to explain my problem. I am working on a site that deals with real estate. I have...
PHP
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!