Generates a report on object permissions granted to the specified role, or user name, or the object permissions granted on the specified object or dbspace.
dbo.sp_objectpermission ( [object_name], [object_owner], [object_type] )
Arguments | Description |
---|---|
object_name | The name of an object or dbspace or a user or a role. If not specified, object permissions of the current user are reported. Default value is NULL. |
object_owner | The name of the object owner for the specified object name. The object permissions of the specified object owned by the specified object owner are displayed. This parameter must be specified to obtain the object permissions of an object owned by another user or role. Default value is NULL. |
object_type |
Valid values are:
Note: *Column-level object permissions also
appear.
If no value is specified, permissions on all object types are returned. Default value is NULL. |
Column Name | Data Ttype | Description |
---|---|---|
grantor | char(128) | The user ID of the grantor |
grantee | char(128) | The user ID of the grantee |
object_name | char(128) | The name of the object |
object_type | char(20) | The type of object |
column_name | char(128) | The name of the column |
permission | char(20) | The name of the permission |
grantable | char(1) | Whether or not the permission is grantable |
The following GRANT statements are executed:
GRANT SERVER OPERATOR TO r4; GRANT BACKUP DATABASE TO r3 WITH ADMIN OPTION; GRANT DROP CONNECTION TO r3 WITH ADMIN ONLY OPTION; GRANT MONITOR TO r2;GRANT CHECKPOINT TO r1; GRANT ROLE r2 TO r1 WITH ADMIN OPTION; GRANT ROLE r3 TO r2 WITH NO ADMIN OPTION; GRANT ROLE r4 TO r3 WITH ADMIN ONLY OPTION;
grantor | grantee | object_name | owner | object_type | column_name | permission | grantable |
---|---|---|---|---|---|---|---|
u5 | r2 | test_tab | r5 | TABLE | NULL | SELECT | Y |
u6 | r3 | test_tab | r5 | COLUMN | c1 | SELECT | N |
u6 | r3 | test_tab | r5 | COLUMN | c1 | REFERENCES | N |
u6 | r3 | test_proc | r5 | PROCEDURE | NULL | EXECUTE | N |
If sp_objectpermission( ‘test_tab’, ‘r5’, ‘table’ ) is executed, output is similar to:
granter | grantee | object_name | owner | object_type | column_name | permission | grantable |
---|---|---|---|---|---|---|---|
u5 | r2 | test_tab | r5 | TABLE | NULL | SELECT | Y |
u5 | r6 | test_tab | r5 | COLUMN | c1 | SELECT | Y |
u5 | r6 | test_tab | r5 | COLUMN | c1 | UPDATE | Y |
u6 | r3 | test_tab | r5 | COLUMN | c1 | SELECT | N |
u6 | r3 | test_tab | r5 | COLUMN | c1 | REFERENCES | N |