sp_helprotect includes the permission_name parameter to:
Display the grantor name.
Display the table or column name
Show whether the permission is grantable for all permissions granted in a given database.
Check for permissions on commands like update, delete, select.
The value for permission_name can be any of the values from sysprotects.action.
You can run sp_helprotect permission_name on a table, view, stored procedure, SQLJ stored procedure, SQLJ function, or using name of a user, user-defined role, group, or permission name in the current database. For example, this runs sp_helprotect using the action “Decrypt” from sysprotects.action:
sp_helprotect "Decrypt"grantor grantee type action object column grantable ------- -------- ----- ------- ------- ------ --------- sa1 hr_login Grant Decrypt employee ssn TRUE sa1 hr_role Grant Decrypt employee ssn FALSE
Any user can run sp_helprotect permission_name to view his or her permission information. Only the SSO can view permissions for all users.
