Check that user belongs to db role









up vote
1
down vote

favorite












I took some code here: Check if role consists of particular user in DB?



SELECT *
 FROM sys.database_role_members AS RM 
 JOIN sys.database_principals AS U 
 ON RM.member_principal_id = U.principal_id 
 JOIN sys.database_principals AS R 
 ON RM.role_principal_id = R.principal_id 
 WHERE U.name = 'operator1' 
 AND R.name = 'myrole1'


that query returns 1 row. It means that user 'operator1' belongs to role 'myrole1'.
Now I'm trying to create a stored procedure for this:



CREATE PROCEDURE [dbo].[Proc1]
(
 @userName varchar,
 @roleName varchar
)
AS

IF EXISTS(SELECT * 
 FROM sys.database_role_members AS RM 
 JOIN sys.database_principals AS U 
 ON RM.member_principal_id = U.principal_id 
 JOIN sys.database_principals AS R 
 ON RM.role_principal_id = R.principal_id 
 WHERE U.name = @userName 
 AND R.name = @roleName)
 RETURN 0
ELSE RETURN -1


I use standard command from sql server 2008 'Execute stored procedure'



DECLARE @return_value int

EXEC @return_value = [dbo].[Proc1]
 @userName = N'operator1',
 @roleName = N'myrole1'

SELECT 'Return Value' = @return_value

GO


it always returns -1. WHY ???






tsql







share|improve this question



























    up vote
    1
    down vote

    favorite












    I took some code here: Check if role consists of particular user in DB?



    SELECT *
     FROM sys.database_role_members AS RM 
     JOIN sys.database_principals AS U 
     ON RM.member_principal_id = U.principal_id 
     JOIN sys.database_principals AS R 
     ON RM.role_principal_id = R.principal_id 
     WHERE U.name = 'operator1' 
     AND R.name = 'myrole1'


    that query returns 1 row. It means that user 'operator1' belongs to role 'myrole1'.
    Now I'm trying to create a stored procedure for this:



    CREATE PROCEDURE [dbo].[Proc1]
    (
     @userName varchar,
     @roleName varchar
    )
    AS

    IF EXISTS(SELECT * 
     FROM sys.database_role_members AS RM 
     JOIN sys.database_principals AS U 
     ON RM.member_principal_id = U.principal_id 
     JOIN sys.database_principals AS R 
     ON RM.role_principal_id = R.principal_id 
     WHERE U.name = @userName 
     AND R.name = @roleName)
     RETURN 0
    ELSE RETURN -1


    I use standard command from sql server 2008 'Execute stored procedure'



    DECLARE @return_value int

    EXEC @return_value = [dbo].[Proc1]
     @userName = N'operator1',
     @roleName = N'myrole1'

    SELECT 'Return Value' = @return_value

    GO


    it always returns -1. WHY ???






    tsql







    share|improve this question

























      up vote
      1
      down vote

      favorite









      up vote
      1
      down vote

      favorite











      I took some code here: Check if role consists of particular user in DB?



      SELECT *
       FROM sys.database_role_members AS RM 
       JOIN sys.database_principals AS U 
       ON RM.member_principal_id = U.principal_id 
       JOIN sys.database_principals AS R 
       ON RM.role_principal_id = R.principal_id 
       WHERE U.name = 'operator1' 
       AND R.name = 'myrole1'


      that query returns 1 row. It means that user 'operator1' belongs to role 'myrole1'.
      Now I'm trying to create a stored procedure for this:



      CREATE PROCEDURE [dbo].[Proc1]
      (
       @userName varchar,
       @roleName varchar
      )
      AS

      IF EXISTS(SELECT * 
       FROM sys.database_role_members AS RM 
       JOIN sys.database_principals AS U 
       ON RM.member_principal_id = U.principal_id 
       JOIN sys.database_principals AS R 
       ON RM.role_principal_id = R.principal_id 
       WHERE U.name = @userName 
       AND R.name = @roleName)
       RETURN 0
      ELSE RETURN -1


      I use standard command from sql server 2008 'Execute stored procedure'



      DECLARE @return_value int

      EXEC @return_value = [dbo].[Proc1]
       @userName = N'operator1',
       @roleName = N'myrole1'

      SELECT 'Return Value' = @return_value

      GO


      it always returns -1. WHY ???






      tsql







      share|improve this question















      I took some code here: Check if role consists of particular user in DB?



      SELECT *
       FROM sys.database_role_members AS RM 
       JOIN sys.database_principals AS U 
       ON RM.member_principal_id = U.principal_id 
       JOIN sys.database_principals AS R 
       ON RM.role_principal_id = R.principal_id 
       WHERE U.name = 'operator1' 
       AND R.name = 'myrole1'


      that query returns 1 row. It means that user 'operator1' belongs to role 'myrole1'.
      Now I'm trying to create a stored procedure for this:



      CREATE PROCEDURE [dbo].[Proc1]
      (
       @userName varchar,
       @roleName varchar
      )
      AS

      IF EXISTS(SELECT * 
       FROM sys.database_role_members AS RM 
       JOIN sys.database_principals AS U 
       ON RM.member_principal_id = U.principal_id 
       JOIN sys.database_principals AS R 
       ON RM.role_principal_id = R.principal_id 
       WHERE U.name = @userName 
       AND R.name = @roleName)
       RETURN 0
      ELSE RETURN -1


      I use standard command from sql server 2008 'Execute stored procedure'



      DECLARE @return_value int

      EXEC @return_value = [dbo].[Proc1]
       @userName = N'operator1',
       @roleName = N'myrole1'

      SELECT 'Return Value' = @return_value

      GO


      it always returns -1. WHY ???






      tsql




      tsql






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited May 23 '17 at 12:07









      Community

      11




      11










      asked Feb 25 '10 at 8:16









      Alexander Stalt

      43751321




      43751321






















          2 Answers
          2






          active

          oldest

          votes

















          up vote
          2
          down vote



          accepted










          You need to define the length attribute for each of your procedure parameters. If you change the beginning of your stored procedure declaration to the following, it will return the correct response:



          CREATE PROCEDURE [dbo].[Proc1]
          (
           @userName varchar(255),
           @roleName varchar(255)
          )
          AS


          Without the length attributes, SQL Server auto-defines the length of the variables as 1, so the user and role were being matched against "o" and "m", respectively. SQL Server is inconsistent in it's behavior of how it treats variables without the length specifier - sometimes they have a length of 30 and sometimes they have a length of 1. It is best practice to always specify the length attributes on string variables. See the following SQL Blog article for more information:



          • Bad habits to kick : declaring VARCHAR without (length)





          share|improve this answer






















          • Thanks for an input, Templar. Sorry for long-time answer. I didn't know that I should mark your answer as useful and other things ...
            – Alexander Stalt
            Mar 29 '10 at 13:21

















          up vote
          0
          down vote













          This code is not good, because it can return false, if a user is member of a group, which then is member of a role.



          User the built-in function IS_MEMBER() -- this is much simpler and always accureate.






          share|improve this answer




















            Your Answer






            StackExchange.ifUsing("editor", function ()
            StackExchange.using("externalEditor", function ()
            StackExchange.using("snippets", function ()
            StackExchange.snippets.init();
            );
            );
            , "code-snippets");

            StackExchange.ready(function()
            var channelOptions =
            tags: "".split(" "),
            id: "1"
            ;
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function()
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled)
            StackExchange.using("snippets", function()
            createEditor();
            );

            else
            createEditor();

            );

            function createEditor()
            StackExchange.prepareEditor(
            heartbeatType: 'answer',
            convertImagesToLinks: true,
            noModals: true,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: 10,
            bindNavPrevention: true,
            postfix: "",
            imageUploader:
            brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
            contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
            allowUrls: true
            ,
            onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            );



            );













            draft saved

            draft discarded


















            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f2332544%2fcheck-that-user-belongs-to-db-role%23new-answer', 'question_page');

            );

            Post as a guest















            Required, but never shown

























            2 Answers
            2






            active

            oldest

            votes








            2 Answers
            2






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes








            up vote
            2
            down vote



            accepted










            You need to define the length attribute for each of your procedure parameters. If you change the beginning of your stored procedure declaration to the following, it will return the correct response:



            CREATE PROCEDURE [dbo].[Proc1]
            (
             @userName varchar(255),
             @roleName varchar(255)
            )
            AS


            Without the length attributes, SQL Server auto-defines the length of the variables as 1, so the user and role were being matched against "o" and "m", respectively. SQL Server is inconsistent in it's behavior of how it treats variables without the length specifier - sometimes they have a length of 30 and sometimes they have a length of 1. It is best practice to always specify the length attributes on string variables. See the following SQL Blog article for more information:



            • Bad habits to kick : declaring VARCHAR without (length)





            share|improve this answer






















            • Thanks for an input, Templar. Sorry for long-time answer. I didn't know that I should mark your answer as useful and other things ...
              – Alexander Stalt
              Mar 29 '10 at 13:21














            up vote
            2
            down vote



            accepted










            You need to define the length attribute for each of your procedure parameters. If you change the beginning of your stored procedure declaration to the following, it will return the correct response:



            CREATE PROCEDURE [dbo].[Proc1]
            (
             @userName varchar(255),
             @roleName varchar(255)
            )
            AS


            Without the length attributes, SQL Server auto-defines the length of the variables as 1, so the user and role were being matched against "o" and "m", respectively. SQL Server is inconsistent in it's behavior of how it treats variables without the length specifier - sometimes they have a length of 30 and sometimes they have a length of 1. It is best practice to always specify the length attributes on string variables. See the following SQL Blog article for more information:



            • Bad habits to kick : declaring VARCHAR without (length)





            share|improve this answer






















            • Thanks for an input, Templar. Sorry for long-time answer. I didn't know that I should mark your answer as useful and other things ...
              – Alexander Stalt
              Mar 29 '10 at 13:21












            up vote
            2
            down vote



            accepted







            up vote
            2
            down vote



            accepted






            You need to define the length attribute for each of your procedure parameters. If you change the beginning of your stored procedure declaration to the following, it will return the correct response:



            CREATE PROCEDURE [dbo].[Proc1]
            (
             @userName varchar(255),
             @roleName varchar(255)
            )
            AS


            Without the length attributes, SQL Server auto-defines the length of the variables as 1, so the user and role were being matched against "o" and "m", respectively. SQL Server is inconsistent in it's behavior of how it treats variables without the length specifier - sometimes they have a length of 30 and sometimes they have a length of 1. It is best practice to always specify the length attributes on string variables. See the following SQL Blog article for more information:



            • Bad habits to kick : declaring VARCHAR without (length)





            share|improve this answer














            You need to define the length attribute for each of your procedure parameters. If you change the beginning of your stored procedure declaration to the following, it will return the correct response:



            CREATE PROCEDURE [dbo].[Proc1]
            (
             @userName varchar(255),
             @roleName varchar(255)
            )
            AS


            Without the length attributes, SQL Server auto-defines the length of the variables as 1, so the user and role were being matched against "o" and "m", respectively. SQL Server is inconsistent in it's behavior of how it treats variables without the length specifier - sometimes they have a length of 30 and sometimes they have a length of 1. It is best practice to always specify the length attributes on string variables. See the following SQL Blog article for more information:



            • Bad habits to kick : declaring VARCHAR without (length)






            share|improve this answer














            share|improve this answer



            share|improve this answer








            edited Nov 11 at 14:04









            Aaron Bertrand

            206k27361402




            206k27361402










            answered Mar 6 '10 at 4:28









            Templar

            3,31972737




            3,31972737











            • Thanks for an input, Templar. Sorry for long-time answer. I didn't know that I should mark your answer as useful and other things ...
              – Alexander Stalt
              Mar 29 '10 at 13:21
















            • Thanks for an input, Templar. Sorry for long-time answer. I didn't know that I should mark your answer as useful and other things ...
              – Alexander Stalt
              Mar 29 '10 at 13:21















            Thanks for an input, Templar. Sorry for long-time answer. I didn't know that I should mark your answer as useful and other things ...
            – Alexander Stalt
            Mar 29 '10 at 13:21




            Thanks for an input, Templar. Sorry for long-time answer. I didn't know that I should mark your answer as useful and other things ...
            – Alexander Stalt
            Mar 29 '10 at 13:21












            up vote
            0
            down vote













            This code is not good, because it can return false, if a user is member of a group, which then is member of a role.



            User the built-in function IS_MEMBER() -- this is much simpler and always accureate.






            share|improve this answer
























              up vote
              0
              down vote













              This code is not good, because it can return false, if a user is member of a group, which then is member of a role.



              User the built-in function IS_MEMBER() -- this is much simpler and always accureate.






              share|improve this answer






















                up vote
                0
                down vote










                up vote
                0
                down vote









                This code is not good, because it can return false, if a user is member of a group, which then is member of a role.



                User the built-in function IS_MEMBER() -- this is much simpler and always accureate.






                share|improve this answer












                This code is not good, because it can return false, if a user is member of a group, which then is member of a role.



                User the built-in function IS_MEMBER() -- this is much simpler and always accureate.







                share|improve this answer












                share|improve this answer



                share|improve this answer










                answered Aug 29 '14 at 13:52







                user872744


































                    draft saved

                    draft discarded
















































                    Thanks for contributing an answer to Stack Overflow!


                    • Please be sure to answer the question. Provide details and share your research!

                    But avoid


                    • Asking for help, clarification, or responding to other answers.

                    • Making statements based on opinion; back them up with references or personal experience.

                    To learn more, see our tips on writing great answers.





                    Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


                    Please pay close attention to the following guidance:


                    • Please be sure to answer the question. Provide details and share your research!

                    But avoid


                    • Asking for help, clarification, or responding to other answers.

                    • Making statements based on opinion; back them up with references or personal experience.

                    To learn more, see our tips on writing great answers.




                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function ()
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f2332544%2fcheck-that-user-belongs-to-db-role%23new-answer', 'question_page');

                    );

                    Post as a guest















                    Required, but never shown





















































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown

































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown







                    -

                    這個網誌中的熱門文章

                    What does pagestruct do in Eviews?

                    圖片
                    0 I have a panel data with column name dateid and an ID variable crossid and several other variables over a period of time. What does the following command do in Eviews (I am very new to Eviews) pagestruct crossid @date(dateid) structure eviews share | improve this question edited Nov 12 at 4:19 asked Nov 8 at 9:13 Dom Jo 42 6 add a comment  |  0 I have a panel data with column name dateid and an ID variable crossid and several other variables over a period of time. What does the following command do in Eviews (I am very new to Eviews) pagestruct crossid @date(dateid) structure eviews share | improve this question edited Nov 12 at 4:19 asked Nov 8 at 9:13 Dom Jo 42 6 add a comment  |  0 0 0 I have a panel data with column name dateid and an ID variable crossid and several other variables over a period of time. Wh...
                    閱讀完整內容

                    Dutch intervention in Lombok and Karangasem

                    圖片
                    Dutch intervention in Lombok and Karangasem (1894) Attack of the Dutch on a Balinese stronghold in Lombok in 1894. Date July–November 1894 Location Lombok Result Decisive Dutch victory. Dutch control of Lombok and Karangasem. Belligerents Netherlands Eastern Sasak Lombok Mataram Western Sasak Commanders and leaders General-Major Jacobus Augustinus Vetter (Commander) General-Major P.P.H. van Ham (Second in command)   † Strength 2,200 (July expedition) Casualties and losses 500 (August 1894) 166 (November 1894) Thousands v t e Dutch interventions in Bali Northern Bali (1846) Northern Bali (1848) Bali (1849) Lombok and Karangasem (1894) Southern Bali (1906) Southern Bali (1908) v t e Dutch colonial campaigns 17th Century Bantam (1601) Malacca (1606) Cape Rachado (1606) Banda Islands (1621) Macau (1622) Pescadores (1622–1624) Bahia (1624) Persian Gulf (1625) Elmina (1625) Cuba (1628) Recife (1630) Albrolhos (1631) Liaoluo Bay (1633) Taiwan (1635–36) Lamey...
                    閱讀完整內容

                    Channel Islands

                    圖片
                    This article is about the Crown dependencies. For the islands off Southern California, see Channel Islands (California). For the French Channel Islands, see Chausey. Channel Islands Îles Anglo-Normandes    (French) Îles d'la Manche    (Norman) Satellite photo of the Channel Islands in 2012 Location of the Channel Islands Geography Location Western Europe Coordinates 49°26′N 2°19′W  /  49.433°N 2.317°W  / 49.433; -2.317 Coordinates: 49°26′N 2°19′W  /  49.433°N 2.317°W  / 49.433; -2.317 Adjacent bodies of water English Channel Total islands 8 inhabited Major islands Jersey and Guernsey Area 198 km 2 (76 sq mi) Highest point Les Platons Administration Bailiwick of Guernsey Capital and largest settlement Saint Peter Port, Guernsey Area covered 78 km 2 (30 sq mi;  7001394000000000000♠ 39.4%) Bailiwick ...
                    閱讀完整內容