question

aderossi avatar image
aderossi asked

SELECT permission for UPDATE with WHERE

I have configured a user with UPDATE permissions on a table. I don´t want that user to read the data. But when the user issues an UPDATE to the table with a WHERE clause, an error occurs telling that SELECT permission was denied. I guess is needed a reading permission to resolve the WHERE predicate This command works fine: UPDATE dbo.TestTable SET Fecha = '20130115'; This one fails: UPDATE dbo.TestTable SET Fecha = '20130116' WHERE Id = 1; The SELECT permission was denied on the object 'TestTable', database 'TestDB', schema 'dbo'. Is it mandatory to grant SELECT permissions in this case? Or is there any other way to set the permissions Thanks
permissionsdenied
10 |1200

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

1 Answer

·
JohnM avatar image
JohnM answered
Why not put the code into a stored procedure and then grant the user execute permissions to that procedure? This would allow them to update the table and NOT have read permissions.
1 comment
10 |1200

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

aderossi avatar image aderossi commented ·
Thanks for your answer, but we don´t want to go that way. We have our reasons. So, is mandatory to give the user select persmissions in this case?
0 Likes 0 ·

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.