Solved

User Privileges to Database

Posted on 2006-06-23
5
1,147 Views
Last Modified: 2008-02-01
I am new to oracle and this is a simple question. What command do I use to grant read only rights to a user and what commands do I use to verify the privileg has been granted?
0
Comment
Question by:efaah0
5 Comments
 
LVL 142

Expert Comment

by:Guy Hengel [angelIII / a3]
ID: 16972437
GRANT SELECT ON ALL TO USER;
0
 
LVL 25

Expert Comment

by:jrb1
ID: 16973270
Didn't work for me:

grant select on all to jbush
                *
ERROR at line 1:
ORA-00903: invalid table name

http://asktom.oracle.com/pls/ask/f?p=4950:8:::::F4950_P8_DISPLAYID:1184235446570

"Well, there is no grant that allows a user or role access to all objects in a
schema like that"

However, this PL/SQL will work:

begin
   for x in ( select tname from tab )
   loop
      execute immediate 'grant select on ' || x.tname || ' to {username}';
   end loop;
end;
0
 
LVL 142

Expert Comment

by:Guy Hengel [angelIII / a3]
ID: 16974311
I stand corrected. Actually, I messed up with "GRANT ALL ON <table> ... etc"  :-(

here the link:
http://asktom.oracle.com/pls/ask/f?p=4950:8:::::F4950_P8_DISPLAYID:1184235446570
0
 
LVL 3

Assisted Solution

by:JacekMycha
JacekMycha earned 125 total points
ID: 16975539
1. You can grant a privilege to an object or you can grant a system privilege. You cannot grant select to all your tables (i.e. tables in your schema).
2. If you are a DBA or you have 'SELECT ANY TABLE' system privilege granted 'WITH ADMIN OPTION' then you can grant 'SELECT ANY TABLE' system privilege to a user. The grantee will be able to select from any table in the database. If you have any sensitive information in your database then you shouldn't do that. If it's developement environment with some dummy data then it can be fine.
3. You can grant a SELECT privilege on a table in your schema to a user. The syntax is:
GRANT SELECT ON <tablename> TO <username> [WITH GRANT OPTION]. WITH GRANT OPTION means that your user can pass this grant to other users. You cannot grant a privilege to all your tables in one statement.
4. You create a role and grant SELECT on your tables to that role. Than you can grant that role to many users. If you have a new user later on than you simply grant him a role. If you have a new table then you simply grant select on this new table to the role. It is much simpler when you have many tables and many users.
5. You can examine following data dictionary views for information on granted privileges:
DBA_SYS_PRIVS, USER_SYS_PRIVS
DBA_TAB_PRIVS, ALL_TAB_PRIVS, USER_TAB_PRIVS
ALL_TAB_PRIVS_MADE, USER_TAB_PRIVS_MADE
ALL_TAB_PRIVS_RECD, USER_TAB_PRIVS_RECD
DBA_ROLE_PRIVS, USER_ROLE_PRIVS
ROLE_SYS_PRIVS, ROLE_TAB_PRIVS, ROLE_ROLE_PRIVS

Please refer to Oracle documentation for description of these views.
JacekMycha
0
 
LVL 16

Accepted Solution

by:
MohanKNair earned 125 total points
ID: 16977504
To provide read access for a user

1) execute "grant select on <table_name> to USER" for all tables and views
2) In the user schema create synonyms for the tables
3) Create roles for a set of table grants
4) Query DBA_SYS_PRIVS and DBA_TAB_PRIVS to query the privileges granted to the user
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Have you ever had to make fundamental changes to a table in Oracle, but haven't been able to get any downtime?  I'm talking things like: * Dropping columns * Shrinking allocated space * Removing chained blocks and restoring the PCTFREE * Re-or…
From implementing a password expiration date, to datatype conversions and file export options, these are some useful settings I've found in Jasper Server.
This video shows how to recover a database from a user managed backup
This video shows how to copy an entire tablespace from one database to another database using Transportable Tablespace functionality.

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now