?
Solved

User Privileges to Database

Posted on 2006-06-23
5
Medium Priority
?
1,221 Views
Last Modified: 2008-02-01
I am new to oracle and this is a simple question. What command do I use to grant read only rights to a user and what commands do I use to verify the privileg has been granted?
0
Comment
Question by:efaah0
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 143

Expert Comment

by:Guy Hengel [angelIII / a3]
ID: 16972437
GRANT SELECT ON ALL TO USER;
0
 
LVL 25

Expert Comment

by:jrb1
ID: 16973270
Didn't work for me:

grant select on all to jbush
                *
ERROR at line 1:
ORA-00903: invalid table name

http://asktom.oracle.com/pls/ask/f?p=4950:8:::::F4950_P8_DISPLAYID:1184235446570

"Well, there is no grant that allows a user or role access to all objects in a
schema like that"

However, this PL/SQL will work:

begin
   for x in ( select tname from tab )
   loop
      execute immediate 'grant select on ' || x.tname || ' to {username}';
   end loop;
end;
0
 
LVL 143

Expert Comment

by:Guy Hengel [angelIII / a3]
ID: 16974311
I stand corrected. Actually, I messed up with "GRANT ALL ON <table> ... etc"  :-(

here the link:
http://asktom.oracle.com/pls/ask/f?p=4950:8:::::F4950_P8_DISPLAYID:1184235446570
0
 
LVL 3

Assisted Solution

by:JacekMycha
JacekMycha earned 375 total points
ID: 16975539
1. You can grant a privilege to an object or you can grant a system privilege. You cannot grant select to all your tables (i.e. tables in your schema).
2. If you are a DBA or you have 'SELECT ANY TABLE' system privilege granted 'WITH ADMIN OPTION' then you can grant 'SELECT ANY TABLE' system privilege to a user. The grantee will be able to select from any table in the database. If you have any sensitive information in your database then you shouldn't do that. If it's developement environment with some dummy data then it can be fine.
3. You can grant a SELECT privilege on a table in your schema to a user. The syntax is:
GRANT SELECT ON <tablename> TO <username> [WITH GRANT OPTION]. WITH GRANT OPTION means that your user can pass this grant to other users. You cannot grant a privilege to all your tables in one statement.
4. You create a role and grant SELECT on your tables to that role. Than you can grant that role to many users. If you have a new user later on than you simply grant him a role. If you have a new table then you simply grant select on this new table to the role. It is much simpler when you have many tables and many users.
5. You can examine following data dictionary views for information on granted privileges:
DBA_SYS_PRIVS, USER_SYS_PRIVS
DBA_TAB_PRIVS, ALL_TAB_PRIVS, USER_TAB_PRIVS
ALL_TAB_PRIVS_MADE, USER_TAB_PRIVS_MADE
ALL_TAB_PRIVS_RECD, USER_TAB_PRIVS_RECD
DBA_ROLE_PRIVS, USER_ROLE_PRIVS
ROLE_SYS_PRIVS, ROLE_TAB_PRIVS, ROLE_ROLE_PRIVS

Please refer to Oracle documentation for description of these views.
JacekMycha
0
 
LVL 16

Accepted Solution

by:
MohanKNair earned 375 total points
ID: 16977504
To provide read access for a user

1) execute "grant select on <table_name> to USER" for all tables and views
2) In the user schema create synonyms for the tables
3) Create roles for a set of table grants
4) Query DBA_SYS_PRIVS and DBA_TAB_PRIVS to query the privileges granted to the user
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to Create User-Defined Aggregates in Oracle Before we begin creating these things, what are user-defined aggregates?  They are a feature introduced in Oracle 9i that allows a developer to create his or her own functions like "SUM", "AVG", and…
This post first appeared at Oracleinaction  (http://oracleinaction.com/undo-and-redo-in-oracle/)by Anju Garg (Myself). I  will demonstrate that undo for DML’s is stored both in undo tablespace and online redo logs. Then, we will analyze the reaso…
This videos aims to give the viewer a basic demonstration of how a user can query current session information by using the SYS_CONTEXT function
This video shows how to configure and send email from and Oracle database using both UTL_SMTP and UTL_MAIL, as well as comparing UTL_SMTP to a manual SMTP conversation with a mail server.
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question