CREATE LOGIN TestLogin WITH password='abc';
-- Now add user to database
USE TestDB;
CREATE USER TestUser FOR LOGIN TestLogin;
GO
use [TestDB]
GO
DENY SCHEMA DELETE TO [TestUser]
GO
I was doing something like this, but this doesn't seem to work. I want to DENY SCHEMA DELETE on all Schemas for TestUser. What would be a way to do that?
You got it wrong. Rather it should be.
DENY DELETE ON SCHEMA :: schema_name TO [TestUser]
See DENY Schema Permissions for more information on the same. Actual syntax is:
DENY permission [ ,...n ] } ON SCHEMA :: schema_name
TO database_principal [ ,...n ]
[ CASCADE ]
[ AS denying_principal ]
You could leverage some dynamic sql for this.
declare @SQL nvarchar(max) = ''
select @SQL = @SQL + 'DENY DELETE ON SCHEMA :: ' + name + ' TO [TestUser];'
from sys.schemas
where name not like 'db[_]%'
exec sp_executesql @SQL
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.