I have the following T-SQL to display all the permissions granted to principals on my SQL server 2005:
select dp.NAME AS principal_name, --1
dp.type_desc AS principal_type_desc, --2
o.NAME AS object_name, --3
p.permission_name, --4
p.state_desc AS permission_state_desc --5
from sys.database_permissions p
left OUTER JOIN sys.all_objects o
on p.major_id = o.OBJECT_ID
inner JOIN sys.database_principals dp
on p.grantee_principal_id = dp.principal_id
order by principal_name, object_name
The result displays public with SELECT granted:
1 2 3 4 5
...
public DATABASE_ROLE system_views SELECT GRANT
....
I think object_name system_views is for all the views in my database Views|system_views folder. I tried the following T-SQL (just to see if it works by GRANT again):
GRANT SELECT ON system_views TO public
I got error "Cannot find the object 'system_views', because it does not exist or you don't have permission". I do connect the SQL server as sa.
My question is how to revoke SELECT permission on system_views for public (user or principal?) and roll permission back if I have to. The second question is if the revoke on system_views for public have any side-effect for other users?