zachattack05 70 Posting Pro in Training

I was hoping someone might be kind enough to throw some advice my way on this one.

I am using stored procedures to perform many of the queries for my application. One of the reasons I chose stored procedures was for security.

Because I would like to make the application as dynamic as possible, and "mysterious" to the lowly users (I'll explain in a second) I was wondering if it is possible to bind to permissions from a SQL server?

Here's an example of what I mean.

Assume a user's job when using the application is to just retrieve information on customers to provide technical support to them. This particular user has no permissions to delete customers, or to modify their information, only view it. Given that I would be using stored procedures here, obviously this user would have no permission to execute the Delete or Update stored procedure for that customer. Because the user doesn't have that right, but the person sitting next to them might, I would like to know if there is a way for my application to check if the user has those permissions, and if not, to hide (not even show) the "Edit" or "Delete" buttons instead of showing a "Oops! You can't do that!" message. I'd rather keep it "secret" that the ability even exists. Obviously it doesn't take much thinking to realize it does, but...out of site, out of mind. It might keep "fiddlers" from "fiddling" too much.

I thought about creating a "User Permissions" table and having triggers fire off when permissions are changed that updates that table and just binding to that, but I'm not sure if that's possible or even the best way to do such a thing.

I'd appreciate any suggestions!

Cheers!