BUG: Column Level Permissions not Scripted When Generated Using Enterprise Manager When Table Level Permissions Exist for That Role or User

ID: Q247749

The information in this article applies to:
  • Microsoft SQL Server version 7.0
BUG #: 56806 (SQLBUG_70)

SYMPTOMS

If a user or role has table level permissions and column level permissions on a particular table, the SQL Script generated using Enterprise Manager does not script both the permissions. Enterprise Manager only generates table level permissions.


STATUS

Microsoft has confirmed this to be a problem in SQL Server version 7.0.


MORE INFORMATION

Steps to Reproduce Behavior

Use these steps to reproduce the behavior:
  1. Create a table named table1 using this code:


    2. 
CREATE TABLE [dbo].[table1] (
	[col1] [varchar] (16) NOT NULL ,
	[col2] [int] NULL 
) ON [PRIMARY]
GO
  2. Create a Role named role1 using this code:


    3. 
EXEC sp_addrole N'role1'

Case1

Run the following code: 

GRANT  SELECT,  INSERT,  DELETE  ON [dbo].[table1]  TO [role1]
GO
Generate the SQL script using SQL Enterprise Manager. This successfully shows everything including the Table Level Permissions.

Case2

Next, run this code: 

GRANT  UPDATE  ON [dbo].[table1] ([col1]) to role1
GO
Generate the SQL script using SQL Enterprise Manager. This successfully shows everything including the Column Level Permissions

Case3

Now, run this code: 

GRANT  SELECT ,  INSERT ,  DELETE  ON [dbo].[table1]  TO [role1]
GO
GRANT  UPDATE  ON [dbo].[table1] ([col1]) to role1
GO
Generate the SQL script using SQL Enterprise Manager. This will only show Table Level Permissions, No Column Level Permissions.

The order of the execution of the GRANT statements (first table level then Column level or vice versa) does not matter. The generated SQL Script does not have the Column Level Permissions, but in actuality, can do all the things like UPDATE on the specific column the user is permitted to and perform all the activities that the user is permitted to at the table level. The actual permissions are intact, they just are not shown in the script that is generated.

Additional query words: column permission script

Keywords : kbSQLServ700bug
Version : winnt:7.0
Platform : winnt
Issue type : kbbug


Last Reviewed: December 28, 1999
© 2000 Microsoft Corporation. All rights reserved. Terms of Use.