Question about "Object permissions" & "Statement permissions"

I'm trying to find the answer on question about "Object permissions" &
"Statement permissions".
I read some books and received the discrepant (contradictory) information.
Can you help me to find the truth?
what is the question then?
sql server version would be useful as well. and the description of your
problem/case, for example.
Thanks, Liliya
"RedFox" wrote:

> I'm trying to find the answer on question about "Object permissions" &
> "Statement permissions".
> I read some books and received the discrepant (contradictory) information.
> Can you help me to find the truth?
|||The truth about what exactly? Can you be more specific?
Andrew J. Kelly SQL MVP
Solid Quality Mentors
"RedFox" <redfox_net@.ukr.net> wrote in message
news:BA9F61A6-95AF-4267-AA2F-37EF3669F4A2@.microsoft.com...
> I'm trying to find the answer on question about "Object permissions" &
> "Statement permissions".
> I read some books and received the discrepant (contradictory) information.
> Can you help me to find the truth?
|||RedFox
Object permissions means ( as I understand it) that you do not have any
access on. For instance you table called "Product" and cannot
INSERT/DELETE/UPDATE/SELECT/EXECUTE ,nothing
Statement permissions is a little bit difference as you may have SELECT
statement permission to read the data, however , you cannot modify any data
(UPDATE permission)
"RedFox" <redfox_net@.ukr.net> wrote in message
news:BA9F61A6-95AF-4267-AA2F-37EF3669F4A2@.microsoft.com...
> I'm trying to find the answer on question about "Object permissions" &
> "Statement permissions".
> I read some books and received the discrepant (contradictory) information.
> Can you help me to find the truth?
|||your question is...? ask one
Thanks, Liliya
"Uri Dimant" wrote:

> RedFox
> Object permissions means ( as I understand it) that you do not have any
> access on. For instance you table called "Product" and cannot
> INSERT/DELETE/UPDATE/SELECT/EXECUTE ,nothing
> Statement permissions is a little bit difference as you may have SELECT
> statement permission to read the data, however , you cannot modify any data
> (UPDATE permission)
>
>
> "RedFox" <redfox_net@.ukr.net> wrote in message
> news:BA9F61A6-95AF-4267-AA2F-37EF3669F4A2@.microsoft.com...
>
>
|||Dear All.
Excuse me for a shot message. Additional:
- Book "Microsoft? SQL Server 2005 Implementation and Maintenance
Study Guide (Exam 70–431)" by Joseph L. Jorden Dandy Weyn
In this book I found the descriptions:
- "Statement permissions have nothing to do with the actual data; they allow
users to create the structure that holds the data."
- "Once the structure exists to hold the data, you need to give users
permission to start working with the data in the databases, which is
accomplished by granting object permissions to your users."
Is these terms correct for SQL 2005 in this context?
"Uri Dimant" wrote:

> RedFox
> Object permissions means ( as I understand it) that you do not have any
> access on. For instance you table called "Product" and cannot
> INSERT/DELETE/UPDATE/SELECT/EXECUTE ,nothing
> Statement permissions is a little bit difference as you may have SELECT
> statement permission to read the data, however , you cannot modify any data
> (UPDATE permission)
>
>
> "RedFox" <redfox_net@.ukr.net> wrote in message
> news:BA9F61A6-95AF-4267-AA2F-37EF3669F4A2@.microsoft.com...
>
>
|||"RedFox" wrote:

> Dear All.
> Excuse me for a shot message. Additional:
> - Book "Microsoft? SQL Server 2005 Implementation and Maintenance
> Study Guide (Exam 70–431)" by Joseph L. Jorden Dandy Weyn
> In this book I found the descriptions:
> - "Statement permissions have nothing to do with the actual data; they allow
> users to create the structure that holds the data."
not really correct without the context. for example this particular
statement in the context as is is not applicable at all to statement
permissions
select, delete, update, insert, because they are not ddl

> - "Once the structure exists to hold the data, you need to give users
> permission to start working with the data in the databases, which is
> accomplished by granting object permissions to your users."
that is not correct in the context given also, because create database
statement permission for example can not deal with any data yet, they just do
not exist, if other 'create' statement permissions have anything to do with
the data is outside of the context of the quotation above as well, they are
for ddl after all.

> Is these terms correct for SQL 2005 in this context?
I would not say the statements are correct as given, however in its own
context of the book they may be.
If you want to find your what permissions the user has, then that is
sp_helprotect or permission function.
ms-help://MS.SQLCC.v9/MS.SQLSVR.v9.en/tsqlref9/html/81625a56-b160-4424-91c5-1ce8b259a8e6.htm
or
http://msdn2.microsoft.com/en-us/library/ms186915.aspx
can find your own permissions as well fn_my_permissions.
statement permission can be granted, revoked, denied and audited. Can a user
XYZ do action ABC on the object Q123 is defined by the chain of ownership
(what rights are granted, denied, revoked through what and on what).
Thanks, Liliya
[vbcol=seagreen]
> "Uri Dimant" wrote: