Executing a stored procedure which selects and inserts into tables in SQL ServerSQL Server stored procedure permissionsHow to change database owner for login and database created inside stored procedure?Update code works in manual stored procedure but not when run as SQL Server Agent JobMost efficient way to insert rows into a temp table in a stored procedureSQL Server : create table within stored procedureSQL Server CREATE and DROP TABLE Permissions in Stored Procedure Onlystored procedure can select and update tables in other databases - minimal permissions grantedStored Procedure Processing and Error LogGive execute permission to user which does not have execute permission for specific stored procedureHow to create a stored procedure that can insert a record into two tables [Informix]

Has any spacecraft ever had the ability to directly communicate with civilian air traffic control?

How to delegate to implementing class

Do I have an "anti-research" personality?

Killing undead fish underwater

Please, smoke with good manners

Counterexample: a pair of linearly ordered sets that are isomorphic to subsets of the other, but not isomorphic between them

Why was Germany not as successful as other Europeans in establishing overseas colonies?

Inner for loop when run in background in bash spawns new bash process

How would one muzzle a full grown polar bear in the 13th century?

Was it really necessary for the Lunar module LM to have 2 stages?

Unexpected email from Yorkshire Bank

Short story about a planet with two sentient species

How do I deal with a coworker that keeps asking to make small superficial changes to a report, and it is seriously triggering my anxiety?

Are Boeing 737-800’s grounded?

Was there a shared-world project before "Thieves World"?

What does YCWCYODFTRFDTY mean?

Why does nature favour the Laplacian?

Will a top journal at least read my introduction?

How can I place the product on a social media post better?

How to set the font color of quantity objects (Version 11.3 vs version 12)

Will tsunami waves travel forever if there was no land?

Does this extra sentence in the description of the warlock's Eyes of the Rune Keeper eldritch invocation appear in any official reference?

Smart diagram in Mathematica

How to creep the reader out with what seems like a normal person?



Executing a stored procedure which selects and inserts into tables in SQL Server


SQL Server stored procedure permissionsHow to change database owner for login and database created inside stored procedure?Update code works in manual stored procedure but not when run as SQL Server Agent JobMost efficient way to insert rows into a temp table in a stored procedureSQL Server : create table within stored procedureSQL Server CREATE and DROP TABLE Permissions in Stored Procedure Onlystored procedure can select and update tables in other databases - minimal permissions grantedStored Procedure Processing and Error LogGive execute permission to user which does not have execute permission for specific stored procedureHow to create a stored procedure that can insert a record into two tables [Informix]






.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;








1















I am a bit confused on the permissions required to execute stored procedure. For example, if you have 2 tables and a stored procedure which reads data from Table1 and inserts data into Table2, will execute permission on the stored procedure and select permission on the tables be enough? In theory I am finding that this is given as a solution but practically I am finding that a user would need execute permission on the stored procedure, select permission on the tables and insert permission on Table2.






sql-server stored-procedures







share|improve this question






















  • If you are finding more than just permissions to execute on the proc are needed, it means the ownership chain is broken. Are the objects in the same database and schema?

    – Dan Guzman
    1 hour ago


















1















I am a bit confused on the permissions required to execute stored procedure. For example, if you have 2 tables and a stored procedure which reads data from Table1 and inserts data into Table2, will execute permission on the stored procedure and select permission on the tables be enough? In theory I am finding that this is given as a solution but practically I am finding that a user would need execute permission on the stored procedure, select permission on the tables and insert permission on Table2.






sql-server stored-procedures







share|improve this question






















  • If you are finding more than just permissions to execute on the proc are needed, it means the ownership chain is broken. Are the objects in the same database and schema?

    – Dan Guzman
    1 hour ago














1












1








1








I am a bit confused on the permissions required to execute stored procedure. For example, if you have 2 tables and a stored procedure which reads data from Table1 and inserts data into Table2, will execute permission on the stored procedure and select permission on the tables be enough? In theory I am finding that this is given as a solution but practically I am finding that a user would need execute permission on the stored procedure, select permission on the tables and insert permission on Table2.






sql-server stored-procedures







share|improve this question














I am a bit confused on the permissions required to execute stored procedure. For example, if you have 2 tables and a stored procedure which reads data from Table1 and inserts data into Table2, will execute permission on the stored procedure and select permission on the tables be enough? In theory I am finding that this is given as a solution but practically I am finding that a user would need execute permission on the stored procedure, select permission on the tables and insert permission on Table2.






sql-server stored-procedures




sql-server stored-procedures






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked 2 hours ago









user1930901user1930901

494




494












  • If you are finding more than just permissions to execute on the proc are needed, it means the ownership chain is broken. Are the objects in the same database and schema?

    – Dan Guzman
    1 hour ago


















  • If you are finding more than just permissions to execute on the proc are needed, it means the ownership chain is broken. Are the objects in the same database and schema?

    – Dan Guzman
    1 hour ago

















If you are finding more than just permissions to execute on the proc are needed, it means the ownership chain is broken. Are the objects in the same database and schema?

– Dan Guzman
1 hour ago






If you are finding more than just permissions to execute on the proc are needed, it means the ownership chain is broken. Are the objects in the same database and schema?

– Dan Guzman
1 hour ago











1 Answer
1






active

oldest

votes


















2














No, you don't need to grant explicit permission on Table1 and Table2, that's one of the objective of embedding code in stored procedure and that's where encapsulation feature comes into effect.



Please check below link from Microsoft:



https://docs.microsoft.com/en-us/dotnet/framework/data/adonet/sql/managing-permissions-with-stored-procedures-in-sql-server



Stored Procedure Execution



Stored procedures take advantage of ownership chaining to provide access to data so that users do not need to have explicit permission to access database objects. An ownership chain exists when objects that access each other sequentially are owned by the same user. For example, a stored procedure can call other stored procedures, or a stored procedure can access multiple tables. If all objects in the chain of execution have the same owner, then SQL Server only checks the EXECUTE permission for the caller, not the caller's permissions on other objects. Therefore you need to grant only EXECUTE permissions on stored procedures; you can revoke or deny all permissions on the underlying tables.



use below code to grant execute permission:



USE database_name
go 
GRANT EXECUTE ON USP_NAME 
 TO User_name; 
GO


Hope above helps.






share|improve this answer























    Your Answer








    StackExchange.ready(function()
    var channelOptions =
    tags: "".split(" "),
    id: "182"
    ;
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function()
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled)
    StackExchange.using("snippets", function()
    createEditor();
    );

    else
    createEditor();

    );

    function createEditor()
    StackExchange.prepareEditor(
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: false,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: null,
    bindNavPrevention: true,
    postfix: "",
    imageUploader:
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    ,
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    );



    );













    draft saved

    draft discarded


















    StackExchange.ready(
    function ()
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fdba.stackexchange.com%2fquestions%2f236876%2fexecuting-a-stored-procedure-which-selects-and-inserts-into-tables-in-sql-server%23new-answer', 'question_page');

    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    2














    No, you don't need to grant explicit permission on Table1 and Table2, that's one of the objective of embedding code in stored procedure and that's where encapsulation feature comes into effect.



    Please check below link from Microsoft:



    https://docs.microsoft.com/en-us/dotnet/framework/data/adonet/sql/managing-permissions-with-stored-procedures-in-sql-server



    Stored Procedure Execution



    Stored procedures take advantage of ownership chaining to provide access to data so that users do not need to have explicit permission to access database objects. An ownership chain exists when objects that access each other sequentially are owned by the same user. For example, a stored procedure can call other stored procedures, or a stored procedure can access multiple tables. If all objects in the chain of execution have the same owner, then SQL Server only checks the EXECUTE permission for the caller, not the caller's permissions on other objects. Therefore you need to grant only EXECUTE permissions on stored procedures; you can revoke or deny all permissions on the underlying tables.



    use below code to grant execute permission:



    USE database_name
    go 
    GRANT EXECUTE ON USP_NAME 
     TO User_name; 
    GO


    Hope above helps.






    share|improve this answer



























      2














      No, you don't need to grant explicit permission on Table1 and Table2, that's one of the objective of embedding code in stored procedure and that's where encapsulation feature comes into effect.



      Please check below link from Microsoft:



      https://docs.microsoft.com/en-us/dotnet/framework/data/adonet/sql/managing-permissions-with-stored-procedures-in-sql-server



      Stored Procedure Execution



      Stored procedures take advantage of ownership chaining to provide access to data so that users do not need to have explicit permission to access database objects. An ownership chain exists when objects that access each other sequentially are owned by the same user. For example, a stored procedure can call other stored procedures, or a stored procedure can access multiple tables. If all objects in the chain of execution have the same owner, then SQL Server only checks the EXECUTE permission for the caller, not the caller's permissions on other objects. Therefore you need to grant only EXECUTE permissions on stored procedures; you can revoke or deny all permissions on the underlying tables.



      use below code to grant execute permission:



      USE database_name
      go 
      GRANT EXECUTE ON USP_NAME 
       TO User_name; 
      GO


      Hope above helps.






      share|improve this answer

























        2












        2








        2







        No, you don't need to grant explicit permission on Table1 and Table2, that's one of the objective of embedding code in stored procedure and that's where encapsulation feature comes into effect.



        Please check below link from Microsoft:



        https://docs.microsoft.com/en-us/dotnet/framework/data/adonet/sql/managing-permissions-with-stored-procedures-in-sql-server



        Stored Procedure Execution



        Stored procedures take advantage of ownership chaining to provide access to data so that users do not need to have explicit permission to access database objects. An ownership chain exists when objects that access each other sequentially are owned by the same user. For example, a stored procedure can call other stored procedures, or a stored procedure can access multiple tables. If all objects in the chain of execution have the same owner, then SQL Server only checks the EXECUTE permission for the caller, not the caller's permissions on other objects. Therefore you need to grant only EXECUTE permissions on stored procedures; you can revoke or deny all permissions on the underlying tables.



        use below code to grant execute permission:



        USE database_name
        go 
        GRANT EXECUTE ON USP_NAME 
         TO User_name; 
        GO


        Hope above helps.






        share|improve this answer













        No, you don't need to grant explicit permission on Table1 and Table2, that's one of the objective of embedding code in stored procedure and that's where encapsulation feature comes into effect.



        Please check below link from Microsoft:



        https://docs.microsoft.com/en-us/dotnet/framework/data/adonet/sql/managing-permissions-with-stored-procedures-in-sql-server



        Stored Procedure Execution



        Stored procedures take advantage of ownership chaining to provide access to data so that users do not need to have explicit permission to access database objects. An ownership chain exists when objects that access each other sequentially are owned by the same user. For example, a stored procedure can call other stored procedures, or a stored procedure can access multiple tables. If all objects in the chain of execution have the same owner, then SQL Server only checks the EXECUTE permission for the caller, not the caller's permissions on other objects. Therefore you need to grant only EXECUTE permissions on stored procedures; you can revoke or deny all permissions on the underlying tables.



        use below code to grant execute permission:



        USE database_name
        go 
        GRANT EXECUTE ON USP_NAME 
         TO User_name; 
        GO


        Hope above helps.







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered 1 hour ago









        Learning_DBAdminLearning_DBAdmin

        695215




        695215



























            draft saved

            draft discarded
















































            Thanks for contributing an answer to Database Administrators Stack Exchange!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid


            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.

            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fdba.stackexchange.com%2fquestions%2f236876%2fexecuting-a-stored-procedure-which-selects-and-inserts-into-tables-in-sql-server%23new-answer', 'question_page');

            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            -

            Popular posts from this blog

            Magento 2 duplicate PHPSESSID cookie when using session_start() in custom php scriptMagento 2: User cant logged in into to account page, no error showing!Magento duplicate on subdomainGrabbing storeview from cookie (after using language selector)How do I run php custom script on magento2Magento 2: Include PHP script in headerSession lock after using Cm_RedisSessionscript php to update stockMagento set cookie popupMagento 2 session id cookie - where to find it?How to import Configurable product from csv with custom attributes using php scriptMagento 2 run custom PHP script

            Image
            In the late 1940’s to early 1950’s what technology was available that could melt a LOT of ice? "One can do his homework in the library" Setting correct UTM zone Time travel short story where dinosaur doesn't taste like chicken Do Bugbears' arms literally get longer when it's their turn? Offered promotion but I'm leaving. Should I tell? Subset counting for even numbers The difference between 時 and 時は String reversal in Python Good allowance savings plan? Do f-stop and exposure time perfectly cancel? What are some noteworthy "mic-drop" moments in math? They call me Inspector Morse Do I really need to have a scientific explanation for my premise? Make a transparent 448*448 image Could a cubesat propel itself to Mars? What is the chance of making a successful appeal to dismissal decision from a PhD program after failing the qualifying exam in the 2nd attempt? Could a cubesat be propelled to the moon? the return of Stri
            Read more

            Can not update quote_id field of “quote_item” table magento 2Magento 2.1 - We can't remove the item. (Shopping Cart doesnt allow us to remove items before becomes empty)Add value for custom quote item attribute using REST apiREST API endpoint v1/carts/cartId/items always returns error messageCorrect way to save entries to databaseHow to remove all associated quote objects of a customer completelyMagento 2 - Save value from custom input field to quote_itemGet quote_item data using quote id and product id filter in Magento 2How to set additional data to quote_item table from controller in Magento 2?What is the purpose of additional_data column in quote_item table in magento2Set Custom Price to Quote item magento2 from controller

            Image
            iPad being using in wall mount battery swollen Should I cover my bicycle overnight while bikepacking? Do UK voters know if their MP will be the Speaker of the House? Why can't we play rap on piano? Plagiarism or not? Why didn't Miles's spider sense work before? How to tell a function to use the default argument values? Short story with a alien planet, government officials must wear exploding medallions If human space travel is limited by the G force vulnerability, is there a way to counter G forces? What about the virus in 12 Monkeys? Is it acceptable for a professor to tell male students to not think that they are smarter than female students? Avoiding the "not like other girls" trope? Apex Framework / library for consuming REST services Is there an expression that means doing something right before you will need it rather than doing it in case you might need it? Method Does Not Exist error message How to show a landlord what we have
            Read more

            How to solve knockout JS error in Magento 2 Planned maintenance scheduled April 23, 2019 at 23:30 UTC (7:30pm US/Eastern) Announcing the arrival of Valued Associate #679: Cesar Manara Unicorn Meta Zoo #1: Why another podcast?(Magento2) knockout.js:3012 Uncaught ReferenceError: Unable to process bindingUnable to process binding Knockout.js magento 2Cannot read property `scopeLabel` of undefined on Product Detail PageCan't get Customer Data on frontend in Magento 2Magento2 Order Summary - unable to process bindingKO templates are not loading in Magento 2.1 applicationgetting knockout js error magento 2Product grid not load -— Unable to process binding Knockout.js magento 2Product form not loaded in magento2Uncaught ReferenceError: Unable to process binding “if: function()return (isShowLegend()) ” magento 2

            Image
            Does the Pact of the Blade warlock feature allow me to customize the properties of the pact weapon I create? Why isn't everyone flabbergasted about Bran's "gift"? Paektu / Changbai border dispute — why does the BBC shade a large area around the mountain? Is it OK if I do not take the receipt in Germany? How to ask rejected full-time candidates to apply to teach individual courses? /bin/ls sorts differently than just ls What *exactly* is electrical current, voltage, and resistance? Coin Game with infinite paradox Diffie-Hellman with non-prime modulus Example of a central simple algebra Etymology of 見舞い Lights are flickering on and off after accidentally bumping into light switch A journey... into the MIND How to calculate density of unknown planet? How to produce a PS1 prompt in bash or ksh93 similar to tcsh What's the connection between Mr. Nancy and fried chicken? How can I delete rows in the text? How is it possible to implement
            Read more