Grant Method (Table, View)
This feature will be removed in a future version of Microsoft SQL Server. Avoid using this feature in new development work, and plan to modify applications that currently use this feature.
The Grant method assigns a table permission or a list of permissions to one or more Microsoft SQL Server users or roles.
Syntax
object.Grant(Privilege,GranteeNames, [ ColumnNames ] ,
[ GrantGrant ] , [ AsRole ] )
Parts
- object
Expression that evaluates to an object in the Applies To list.
- Privilege
Long integer that specifies one or more table permissions as described in Settings.
- GranteeNames
SQL Distributed Management Objects (SQL-DMO) multistring listing users or roles.
- ColumnNames
SQL-DMO multistring listing column names within the table or view. When used, the specified privilege is extended only to the columns named.
- GrantGrant
When TRUE, the grantee(s) specified are granted the ability to execute the GRANT statement referencing the table or view. When FALSE (default), the ability to extend permission is not granted.
- AsRole
String that identifies a role to which the connected user belongs as described in Remarks.
Prototype (C/C++)
HRESULT Grant(
SQLDMO_PRIVILEGE_TYPE iPrivileges,
SQLDMO_LPCSTR GranteeNames,
SQLDMO_LPCSTR ColumnNames = NULL,
BOOL GrantGrant = FALSE,
SQLDMO_LPCSTR AsRole = NULL);
Settings
Set Privilege using these SQLDMO_PRIVILEGE_TYPE values.
Constant | Value | Description |
---|---|---|
SQLDMOPriv_AllObjectPrivs |
63 |
Grant all permissions on the table. |
SQLDMOPriv_Delete |
8 |
Grant permission to execute the DELETE statement referencing the table. |
SQLDMOPriv_Insert |
2 |
Grant permission to execute the INSERT statement referencing the table. |
SQLDMOPriv_References |
32 |
Grant permission to reference the table in statements implementing declarative referential integrity. |
SQLDMOPriv_Select |
1 |
Grant permission to execute the SELECT statement referencing the table. |
SQLDMOPriv_Update |
4 |
Grant permission to execute the UPDATE statement referencing the table. |
Remarks
When a user is a member of more than a single role, the user can have permission to grant access to a table or view under one role and not under another. In this case, SQL Server security mechanisms prevent execution of the Grant method on the Table or View object referencing the database object. Use the AsRole argument to specify the role under which permission to execute the grant exists.
For more information about setting multistring parameters, see Using SQL-DMO Multistrings.
Note
Granting permissions to database users and roles using the Grant method of the Table or View object requires appropriate privilege. The SQL Server login used for SQLServer object connection must be granted the ability to execute GRANT referencing the database object, the owner of the database object, or a member of a role with greater privilege.