Results 1 to 3 of 3
  1. #1
    Join Date
    Jan 2003

    Unanswered: Opinion Requested on Developer Permissions

    We are trying to restrict developer permissions in our development environment. One thought is to add developers to db_datareader, db_datawriter, db_ddladmin, db_securityadmin and then revoke various permissions from ddladmin and securityadmin. The goal is to allow developer to create stored procedures and assign permissions to the stored procedures.

    Another option is to place all developers in the same role and ask them to create all procedures using that role name (ex: dev_role.sp_procedurename). By doing this each developer will be able to run stored procedures created by another developer. The down side is the permissions do not match Model Office/User Test and Production.

    Any suggestions on how to handle this situation?

    Thanks, Dave

  2. #2
    Join Date
    Nov 2002
    I have 3 instances on 2 boxes..

    DEV, QA and PROD...

    Let the developers knock themsleves out in DEV...hopefully using some kind of version control

    Promote all the code and YOU execute it in QA..they're not allowed in there

    QA tests the code

    QA gets signed off

    Code is the promoted to prod on another box....

    It's a Great Day for America everybody!

    dbforums Yak CorralRadio 'Rita
    dbForums Member List
    I'm Good Once as I ever was

    The physical order of data in a database has no meaning.

  3. #3
    Join Date
    Jan 2003
    Provided Answers: 17
    We have the same thing here as Brett does there. Developers get added to the db_owners group in development, and are barred from using anything but the application logins in QA and prod (too hard to police, anyway). No one ever gets sysadmin on anything (and oh, how they ask).

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts