I have a database which has an application role. The role members all belong to a group in Active Directory. Instead of giving the role permissions to select from the tables
Can you use impersonation to another ID with the required permissions?
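-- Impersonate TrustedUser inside the dynamic batch; the context reverts when the batch ends.
DECLARE @SQL nvarchar(max);
SET @SQL = N'
EXECUTE AS USER = ''TrustedUser'';
SELECT *
FROM dbo.uvView1
INNER JOIN uvView2 ON uvView1.Id = uvView2.Id;';
EXEC sp_executesql @SQL;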
No. Is there any way you can change it to not use dynamic SQL?
Yes.
Add an EXECUTE AS CALLER clause to the procedure, then sign the stored procedure and give the required permission to the signature. This is 100% safe, secure and bulletproof. See Signing Procedures with Certificates.
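The signing approach from the last answer, written out as an added example (not code from the thread). The certificate, certificate user, procedure and role names and the password are constructed placeholders, and uvView2 is assumed to live in the dbo schema.

```sql
-- Constructed names: AppReadCert, AppReadCertUser, dbo.uspGetViewData, AppRole.
-- dbo.uvView1 and uvView2 come from the thread.

-- 1. Certificate stored in the database; its private key signs the procedure.
CREATE CERTIFICATE AppReadCert
    ENCRYPTION BY PASSWORD = 'Placeholder-Passw0rd-ChangeMe!'  -- constructed placeholder
    WITH SUBJECT = 'Signs procedures that read uvView1 and uvView2';
GO

-- 2. User mapped to the certificate. It cannot connect; it only carries permissions.
CREATE USER AppReadCertUser FROM CERTIFICATE AppReadCert;
GO

-- 3. The SELECT permissions go to the certificate user, not to the role.
GRANT SELECT ON dbo.uvView1 TO AppReadCertUser;
GRANT SELECT ON dbo.uvView2 TO AppReadCertUser;
GO

-- 4. The procedure runs as the caller. Dynamic SQL breaks ownership chaining,
--    so without a signature the caller would need SELECT on the views directly.
CREATE PROCEDURE dbo.uspGetViewData
WITH EXECUTE AS CALLER
AS
BEGIN
    SET NOCOUNT ON;
    DECLARE @SQL nvarchar(max) = N'
        SELECT *
        FROM dbo.uvView1 AS v1
        INNER JOIN dbo.uvView2 AS v2 ON v1.Id = v2.Id;';
    EXEC sys.sp_executesql @SQL;
END;
GO

-- 5. Sign the procedure: while it executes, the certificate user's
--    permissions are added to the caller's.
ADD SIGNATURE TO dbo.uspGetViewData
    BY CERTIFICATE AppReadCert
    WITH PASSWORD = 'Placeholder-Passw0rd-ChangeMe!';
GO

-- 6. The role only gets EXECUTE on the signed procedure.
GRANT EXECUTE ON dbo.uspGetViewData TO AppRole;
GO

-- 7. Check that the signature is in place.
SELECT OBJECT_NAME(cp.major_id) AS signed_object, c.name AS certificate_name
FROM sys.crypt_properties AS cp
JOIN sys.certificates AS c ON c.thumbprint = cp.thumbprint
WHERE cp.major_id = OBJECT_ID(N'dbo.uspGetViewData');
```

Altering the procedure drops its signature, so ADD SIGNATURE has to be run again after every change to the procedure body.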