How do I detect execute permission granted to a role (when no ON clause was used)
GRANT EXECUTE TO [principal]
is simply a shortcut for GRANT EXECUTE ON DATABASE::<dbname> TO [principal];
You can check this using the following:
SELECT dp.name
, perms.class_desc
, perms.permission_name
, perms.state_desc
FROM sys.database_permissions perms
INNER JOIN sys.database_principals dp ON perms.grantee_principal_id = dp.principal_id
WHERE dp.name = 'MyRole'
I wasn't paying attention to, or correctly interpreting, the results of the query from Kin's answer to this question:
List all permissions for a given role?
In the results of the query, you'll see execute listed but with no specific object type or object name!