I was wondering if anyone ever tried to assign a role to a user and then while the role specifies that the user has delete access, still restrict the delete access for that user, without removing the role from the user.
I want to know if it is possible and if you can tell me how it would perfect.
I think you can bring up the Manage Permissions dialog for the object and specifically deny access to a particular user (or another role). The box should have a large red X in it, and the "Deny" trumps "Allow" if there is a conflict for a user assigned to more than one role or with special permissions.
Right-click on your table in Enterprise Manager and select All Tasks, Manage Permissions.
You will see a window listing users and roles, and their permissions on the table. Click a permission box once and a green check-mark appears, indicating the permission is granted. Click again and a red X appears indicating the permission is revoked. Click one more time and the box is cleared, indicating the the user has whatever permission is default or is defined by another role to which the user belongs.