Re: Howto give users permission to create tables, but deny them DROP?
- From: "Steve" <morriszone@xxxxxxxxxxx>
- Date: 14 Dec 2006 20:44:42 -0800
For 2005 uas a DDL trigger
USE AdventureWorks
IF EXISTS (SELECT * FROM sys.triggers
WHERE parent_class = 0 AND name = 'safety')
DROP TRIGGER safety
ON DATABASE
GO
CREATE TRIGGER safety
ON DATABASE
FOR DROP_TABLE
AS
RAISERROR ('You must disable Trigger "safety" to drop tables!',10,
1)
ROLLBACK
GO
cc wrote:
Ok to protect users from themselves and also from an injection attack, what
permissions would one grant to a user login to allow them the ability to
create, alter, update tables and data on a db, but deny them the ability to
drop a table? Basically, my users have the expectation to be able to
create/edit their dbs on the fly (yah, I know . . . ) but I would like to
make it so that I, the dba, would have to step in to delete a table. Is this
possible?
Thank you,
Chad
.
- Prev by Date: Re: SQL2000 UserPermissions for Database
- Next by Date: SQL Server 2005 SSL
- Previous by thread: Re: SQL 2005 execute permissions
- Next by thread: SQL Server 2005 SSL
- Index(es):
