One of my apps uses a login that is tied down to only use the sprocs and tables it is allowed to access. Its just given 'public' role. However, it needs to be able to add and delete fields from one table in particular. Is there a way to allow this? The login it uses has been given full rights to the table but an alter table command faults. The tbale must be a 'dbo' because other apps use it -- can I be granted DDL rights on a per table basis?
According to the BOL in the description of the GRANT command, in thefootnote 1 for ALTER TABLE it says that the object owner can issue ALTER TABLE commands for the objects that they own. The table shows that the db_owner and db_ddladmin roles can issue ALTER TABLE commands for objects owned by other users.