Hello. I am trying to find a solution to allow a developer
to create new stored procedures and then automatically grant them EXECUTE WITH
GRANT permissions with the following restrictions:
1) The proc must be owned by dbo.
2) The user cannot be db_ddladmin and db_security admin (we only want
EXECUTE WITH GRANT, nothing more, nothing less
There does not seem to be any way reasonable to define these permissions.
The only possibility i could find was to use some sort of process such as the
sqlagent or nt scheduler to run in a different security context (grant dbo to the
service account...) than the user and then to have them dump the guts of their
proc into a file or table, or anything that could then be turned into the proper
proc with the proper permissions.
Any help would be greatly appreciated