Is there a query to run to determine the users and groups and what implied or explicit rights they have to a SQL table.

Thank you.

Yes.

EXECUTE AS LOGIN = 'someuser'
SELECT * FROM fn_my_permissions('sometable', 'OBJECT')
SELECT has_perms_by_name('sometable', 'OBJECT', 'SELECT')
REVERT

Hi,

Please try below options;

EXEC sp_table_privileges @table_name = 'Contact%';

Refer: sp_table_privileges (Transact-SQL)

Or you can try below sql query to find the result;

select permission_name, state, pr.name
from sys.database_permissions pe
join sys.database_principals pr on pe.grantee_principal_id = pr.principal_id
where pe.class = 1 
    and pe.major_id = object_id('<table_name>')
    and pe.minor_id = 0;

This can be tricky. I have posted a fairly long explanation in a topic called Effective Database Engine Permissions http://social.technet.microsoft.com/wiki/contents/articles/15180.effective-database-engine-permissions.aspx (and you might also be interested in Database Engine Permission Basics at http://social.technet.microsoft.com/wiki/contents/articles/4433.database-engine-permission-basics.aspx )

A user can receive permissions because of the permission on the object was granted to them, or to a database role that they are a member of, or to a server role that they are a member of. The permission could have been granted to that table, or to the schema of the table, or to the whole database. They might be a member of a Windows group, which has a login or is a member of some other group which has a login, and that group could have permissions. The permissions from all the sources are aggregated, and a DENY from any spot will override that.