Article ID: 247749
Article Last Modified on 3/14/2006
APPLIES TO
- Microsoft SQL Server 7.0 Standard Edition
This article was previously published under Q247749
BUG #: 56806 (SQLBUG_70)
SYMPTOMS
If a user or role has table level permissions and column level permissions on a particular table, the SQL Script generated using Enterprise Manager does not script both the permissions. Enterprise Manager only generates table level permissions.
STATUS
Microsoft has confirmed this to be a problem in SQL Server 7.0. This problem has been corrected in U.S. Service Pack 3 for Microsoft SQL Server 7.0. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
274799 INF: How to Obtain Service Pack 3 for Microsoft SQL Server 7.0 and Microsoft Data Engine (MSDE) 1.0
For more information, contact your primary support provider.
MORE INFORMATION
Steps to Reproduce Behavior
Use these steps to reproduce the behavior:
Create a table named table1 using this code:
CREATE TABLE [dbo].[table1] ( [col1] [varchar] (16) NOT NULL , [col2] [int] NULL ) ON [PRIMARY] GO
Create a Role named role1 using this code:
EXEC sp_addrole N'role1'
Case1
Run the following code:
GRANT SELECT, INSERT, DELETE ON [dbo].[table1] TO [role1] GO
Generate the SQL script using SQL Enterprise Manager. This successfully shows everything including the Table Level Permissions.
Case2
Next, run this code:
GRANT UPDATE ON [dbo].[table1] ([col1]) to role1 GO
Generate the SQL script using SQL Enterprise Manager. This successfully shows everything including the Column Level Permissions
Case3
Now, run this code:
GRANT SELECT , INSERT , DELETE ON [dbo].[table1] TO [role1] GO GRANT UPDATE ON [dbo].[table1] ([col1]) to role1 GO
Generate the SQL script using SQL Enterprise Manager. This will only show Table Level Permissions, No Column Level Permissions.
The order of the execution of the GRANT statements (first table level then Column level or vice versa) does not matter. The generated SQL Script does not have the Column Level Permissions, but in actuality, can do all the things like UPDATE on the specific column the user is permitted to and perform all the activities that the user is permitted to at the table level. The actual permissions are intact, they just are not shown in the script that is generated.
Additional query words: column permission script
Keywords: kbbug kbfix KB247749