SA Developer .NET

A role is created eg.

EXECUTE sp_AddRole @RoleName = 'rl_DefaultRole'

EXECUTE SP_ADDROLEMEMBER

@rolename = 'rl_DefaultRole',

@membername = 'MyLogin'

 

When an Appliation uses this Login to access a DB, will the Login have access to read and write of tables by default?

Will this login have access to objects that have permissions granted to PUBLIC?

---

A Program is only Complete when the Programmer Dies

Everyone has the permissions of PUBLIC, so as soon as you create the role and add someone to it, the user will have access to the PUBLIC methods.

If you create the role and don't add any rights to the role, then the users added to the role with have the same rights - PUBLIC + nothing until you add some rights to the role.

---

Why go against tradition when we can admit defeat, live in decline, be the victim of our own design?
http://dotnet.org.za/calmyourself

All users in a database have the permissions assigned to public, regardless of whether they are members of a role, or not. It's one reason you should be very, very careful about what rights you grant to public. (preferably no rights at all)

Other than that, a user or role will only have permissions explicitly granted to it. There's no implicit granting of read all tables just by being a member of a role. 

---

Gail Shaw - SQL In the Wild
SQL Server MVP
--
Chaos, panic and disorder. My job here is done!