Please start any new threads on our new site at https://forums.sqlteam.com. We've got lots of great SQL Server experts to answer whatever question you can come up with.

 All Forums
 SQL Server 2008 Forums
 SQL Server Administration (2008)
 Grant Access to 1 table/ 2columns in a database

Author  Topic 

Pavlo01
Starting Member

6 Posts
Posted - 2013-07-30 : 19:09:15

Hello,

I am new to SQL Server 2008 administration and I have been asked to give a user access to only 1 table of a database. In addition i have been asked to give them access to only 2 columns within that table. How can I do this? I was told there is more than one way if you know multiple ways please share. If I have to type a command where do I type it? please start from scratch with me. Thank you very much I appreciate your input.

tkizer
Almighty SQL Goddess

38200 Posts
Posted - 2013-07-30 : 19:11:43
Just create a view and then grant select on that view.

create view SomeViewName
as
select column12, column 15
from SomeTable
go

grant select on SomeViewName to SomeUserOrGroupName

You type commands in a new query window.

Tara Kizer
Microsoft MVP for Windows Server System - SQL Server
http://weblogs.sqlteam.com/tarad/

Subscribe to my blog
Go to Top of Page

Pavlo01
Starting Member

6 Posts
Posted - 2013-07-31 : 09:41:31
Is there a way to do it in SQL Server Management Studio (SSMS)?
Go to Top of Page

tkizer
Almighty SQL Goddess

38200 Posts
Posted - 2013-07-31 : 13:05:07
Yes, that's what I posted.

Tara Kizer
Microsoft MVP for Windows Server System - SQL Server
http://weblogs.sqlteam.com/tarad/

Subscribe to my blog
Go to Top of Page

James K
Master Smack Fu Yak Hacker

3873 Posts
Posted - 2013-07-31 : 13:17:40
If you must grant permissions on the table itself, you can use column level permissions. See this example below - I am starting from scratch, creating a login, user, a table, and granting that user access to only two columns in the table. The relevant part that is of interest to you is the code in green.
USE [master]
GO
CREATE LOGIN [MyTestLogin] WITH PASSWORD=N'abcd1234dWQ', DEFAULT_DATABASE=[master], CHECK_EXPIRATION=ON, CHECK_POLICY=ON
GO
USE [TestDatabase]
GO
CREATE USER [MyTestLogin] FOR LOGIN [MyTestLogin]
GO



CREATE TABLE dbo.MyTestTable (col1 INT, col2 INT, col3 INT);
GO

INSERT INTO dbo.MyTestTable VALUES (1,2,3);
INSERT INTO dbo.MyTestTable VALUES (4,5,6);

GO

GRANT SELECT ON OBJECT::dbo.MyTestTable(col1,col2) TO MyTestLogin;
GO

EXECUTE AS USER = 'MyTestLogin'
GO

SELECT col1,col2,col3 FROM MyTestTable;
Msg 230, Level 14, State 1, Line 1
The SELECT permission was denied on the column 'col3' of the object 'MyTestTable', database 'TestDatabase', schema 'dbo'.
GO

SELECT col1,col2 FROM MyTestTable;
-- (2 row(s) affected)
GO

REVERT
GO

DROP TABLE MyTestTable
GO

DROP USER [MyTestLogin]
GO

USE MASTER
GO

DROP LOGIN [MyTestLogin]
GO
Go to Top of Page

Pavlo01
Starting Member

6 Posts
Posted - 2013-07-31 : 13:43:47
If I right click on a table and select properties then permissions.
I can add users or roles and underneath I can set permissions for the users.
Alter, Control, Delete, Insert, References, Select, Take ownership, Update, View change tracking, View definition. Then I can select Grant, With Grant or Deny.
There is also a button for Column Permissions...

Can I use these options to give a user acces to only 2 columsn within a table? If so which settings do I need to make.
Go to Top of Page

tkizer
Almighty SQL Goddess

38200 Posts
Posted - 2013-07-31 : 14:15:25
Just click the New Query button to open a query window. Then run the commands there. Yes you can use the GUI, but I don't have the steps as I avoid the GUI like the plague.

Tara Kizer
Microsoft MVP for Windows Server System - SQL Server
http://weblogs.sqlteam.com/tarad/

Subscribe to my blog
Go to Top of Page
   

Subscribe to SQLTeam.com

SQLTeam.com Articles via RSS

SQLTeam.com Weblog via RSS

- Advertisement -

Resources

Articles

Forums

Blogs

Contact Us

About the Site