With explicit context switching, you can use the
EXECUTE AS statement to change the user or login used to check permissions. This is similar to the
SET USER statement available in prior versions. It is extremely useful for administrators who are testing the permissions they have set for users or logins. The following example demonstrates the use of the explicit
EXECUTE AS statement:
--Assume that you are connected as an administrator (DBO)--and want to prevent members of the Public role from--selecting from the Sales.Customer tableDENY SELECT ON sales.customer TO Public--We can check that user Laura cannot select from the-- Sales.Customer table using the EXECUTE AS statementEXECUTE AS USER ...