RE: View Designer Role and Security

From: Phil Leitch (anonymous_at_discussions.microsoft.com)
Date: 02/26/04


Date: Wed, 25 Feb 2004 15:26:06 -0800

Thanks very much Rand. I tried what you suggest and it worked well in that all users can use the view and don't need access to the tables.

However, it's also a requirement that this view designer not be given permissions to create or change stored procedures, functions or table structures. I tried using DENY to deny permissions to all statements and then just GRANT CREATE VIEW permissions to allow creating and editing views. The problem with this is that since he is a db_owner, he can REVOKE these denied permissions and get himself back to full permissions again.

Phil