Showing posts with label GRANT. Show all posts
Showing posts with label GRANT. Show all posts

Sunday, 3 January 2010

Grant Execute Permission to all Stored Procedures and Functions

How to grant execute permission to all your stored procedures and functions

Another useful stored procedure I have in my toolkit that I find myself using over and over on any system that I work on is the following proc that allows me to grant execute permission to all stored procedures and user defined functions within a database to a particular logon.

Sometimes I find myself creating multiple stored procedures or functions in one go, either through a CRUD proc generator script or just manually but without the necessary execute permissions added to each procedure or function they will fail to execute. Therefore its very handy if you have forgotten to add the GRANT EXECUTE statements as you went along to do it all in one batch.

The procedure makes use of the sysobjects system view to return a list of all the stored procedures and user defined functions within the database the procedure is called from. I then loop through each one and generate the necessary SQL to apply EXECUTE permission to that proc or UDF to the supplied logon.

I have also added a flag which allows you to print all the GRANT EXECUTE statements without running them so that you can check the output before running it.

The code is below.

CREATE PROCEDURE [dbo].[usp_sql_grant_execute_permission] 

 @login VARCHAR(50) = 'mylogon',
 @RunEXEC BIT = 1 --1 will run the statements, 0 = Prints them

AS

SET NOCOUNT ON

DECLARE @procname VARCHAR(50),
  @Rows INT,
  @Count INT

-- Populate the temporary table with user defined stored procs and functions
SELECT [name] INTO #tmp 
FROM sysobjects 
WHERE (xtype = 'P') OR  (xtype = 'FN' OR xtype = 'TF')

SELECT @Rows = @@ROWCOUNT, @Count = 0


-- Iterate through each of the rows on the table
WHILE (@Count < @Rows)
BEGIN
 -- get next item
 SELECT TOP 1 @procname = [name] FROM #tmp

 -- Prepare and execute SQL statement
 DECLARE @sql VARCHAR(255)
 SET @sql = 'GRANT EXEC ON ' + @procname + ' TO ' + @login
 
 -- do we run or print them out
 IF @RunEXEC = 1
   EXEC (@sql)
 ELSE
   PRINT @SQL
 
 -- delete record from temp table 
 DELETE #tmp WHERE [name] = @procname
 
 SELECT @Count = @Count + 1
END


You call it simply like so:

EXEC usp_sql_grant_execute_permission 'mylogin'

It's one of those simple procedures that are very handy to have and save a lot of time. Its very quick to run so if I ever come across any permission denied errors on my development system I just run this procedure first to ensure all my procedures and functions have the necessary execute permissions to run correctly.
By at 5 comments:
Labels: , , , ,
Subscribe to: Posts (Atom)