Checking a user's permissions in SQL Server

Reading Time: 15 minutes

Hello people!
Good day.

In this post, I will demonstrate how to verify the permissions of a user and / or database in SQL Server, as well as allowing you to easily remove these access or grant again. If you want to replicate a user's permissions between different instances, see if the article SQL Server - How to copy / replicate a user's permissions can help you.

Using system SP, sp_helprotect

Using the stored procedure sp_helprotect, we can easily list the permissions of a particular user or object:

Result

Result

Using Transact SQL Queries in Catalog Views

A very interesting way to get and work with this information that we saw in the SQL Server Managment Studio interface is by using SQL queries and SQL Server database catalog views. These queries bring more information than the sp_helprotect system sp and just like using SP we can work with the returned data.

View source

Return of Queries

Using a Custom Stored Procedure

With a little more work and refinement, we can use a Stored Procedure for this purpose. We can use feedback to generate an access report, record the information for history, etc. See how easy it is:

View SP source code

Usage examples

Return Example (First Example)

Using a Stored Procedure with GRANT and REVOKE Code

Like the previous Stored Procedure, this version is a little more "compact" and still generates the T-SQL codes to grant this privilege (if you want to make a backup of the existing permissions) and also the T-SQL code to remove this permission.

View stp's codeVerify_User_Permissions

Examples of use:

Result:

Result:

Result:

Result:

Using a Query

Another quick and convenient alternative to listing user permissions is by using a multi-UNION query to return role, system, and object permissions.