![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(108.80000000000001, 99%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVC%3C/text%3E%3C/svg%3E)
SQL Server | Other
Additional SQL Server features and topics not covered by specific categories
Starting point is that a user has no permissions at all in the database. If you only want the user to be able to write data, you would do:
GRANT INSERT, UPDATE, DELETE ON tbl TO someuser
Rather than a table, you can also specify a schema (SCHEMA::dbo) or leave the ON clause to give permissions to all tables in the database.
If you already have granted the user permissions, start with removing those. This may include taking the user out of roles.
There is also a DENY command, but you can easily shoot yourself in the foot with that command, so avoid it as long as possible.