/*** Find any facilities to which user does not have "VIEWER" permissions. ***/ DECLARE @user_id INT = 0; -- change 0 to the USER_ID of the user you are checking permission for. SELECT * FROM dt_facility f WHERE equis.auth(@user_id, 4, f.facility_id, -1) <> 4;