Skip to content

Document minimal SQL Server permissions#19

Draft
Copilot wants to merge 3 commits intomasterfrom
copilot/add-sql-server-permissions-documentation
Draft

Document minimal SQL Server permissions#19
Copilot wants to merge 3 commits intomasterfrom
copilot/add-sql-server-permissions-documentation

Conversation

Copy link
Copy Markdown
Contributor

Copilot AI commented Apr 24, 2026
edited
Loading

  • Understand the documented SQL Server permissions in README
  • Study the SQL operations used by the library (install.sql, send.sql, SqlReceiver queries)
  • Start a SQL Server Docker container
  • Test that zero permissions correctly denies all operations
  • Test that documented minimal runtime permissions allow all operations (polling mode)
  • Prove each individual permission is necessary (removing any one causes failure)
  • Test schema installation permissions
  • Test Service Broker permissions
  • Discover that SqlDependency requires db_owner or CONTROL ON SCHEMA::dbo beyond individual grants
  • Update README to reflect accurate Service Broker permission requirements
  • Run validation

Copilot AI linked an issue Apr 24, 2026 that may be closed by this pull request
Document minimal SQL Server permissions #11
Open
@ascott18
Add SQL Server permissions documentation to README
f3067d3 
Document the minimal SQL Server permissions required to run the library,
covering three scenarios:
- Minimal runtime permissions (pre-installed schema with AutoInstallSchema=false)
- Service Broker permissions for real-time notifications
- Schema installation permissions (AutoInstallSchema=true)

Addresses #11

Agent-Logs-Url: https://github.com/IntelliTect/IntelliTect.AspNetCore.SignalR.SqlServer/sessions/e6792205-855a-410a-858c-2f32e3296108

Co-authored-by: ascott18 <5017521+ascott18@users.noreply.github.com>
Copilot AI changed the title [WIP] Document minimal SQL Server permissions in README Document minimal SQL Server permissions Apr 24, 2026
Copilot AI requested a review from ascott18 April 24, 2026 16:57
@ascott18
Update Service Broker permissions based on Docker testing
9c342d3 
Verified all documented permissions against SQL Server 2022 in Docker:
- Minimal runtime permissions (polling mode): SELECT/INSERT/DELETE on
  message tables + SELECT/UPDATE on id tables - verified each is
  individually necessary and collectively sufficient
- Service Broker permissions: Updated to recommend db_owner role since
  SqlDependency needs CONTROL ON SCHEMA::dbo to manage its temporary
  Service Broker objects (queue, service, stored procedure)
- Schema installation permissions: verified correct
- AutoEnableServiceBroker permission: verified correct

Agent-Logs-Url: https://github.com/IntelliTect/IntelliTect.AspNetCore.SignalR.SqlServer/sessions/e89277da-2d43-4215-a743-5700ccb78ff7

Co-authored-by: ascott18 <5017521+ascott18@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ascott18 ascott18 Awaiting requested review from ascott18

Assignees

@ascott18 ascott18

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Document minimal SQL Server permissions

2 participants

@ascott18