• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1346
  • Last Modified:

User Privileges to Database

I am new to oracle and this is a simple question. What command do I use to grant read only rights to a user and what commands do I use to verify the privileg has been granted?
0
efaah0
Asked:
efaah0
2 Solutions
 
Guy Hengel [angelIII / a3]Billing EngineerCommented:
GRANT SELECT ON ALL TO USER;
0
 
jrb1Commented:
Didn't work for me:

grant select on all to jbush
                *
ERROR at line 1:
ORA-00903: invalid table name

http://asktom.oracle.com/pls/ask/f?p=4950:8:::::F4950_P8_DISPLAYID:1184235446570

"Well, there is no grant that allows a user or role access to all objects in a
schema like that"

However, this PL/SQL will work:

begin
   for x in ( select tname from tab )
   loop
      execute immediate 'grant select on ' || x.tname || ' to {username}';
   end loop;
end;
0
 
Guy Hengel [angelIII / a3]Billing EngineerCommented:
I stand corrected. Actually, I messed up with "GRANT ALL ON <table> ... etc"  :-(

here the link:
http://asktom.oracle.com/pls/ask/f?p=4950:8:::::F4950_P8_DISPLAYID:1184235446570
0
 
JacekMychaCommented:
1. You can grant a privilege to an object or you can grant a system privilege. You cannot grant select to all your tables (i.e. tables in your schema).
2. If you are a DBA or you have 'SELECT ANY TABLE' system privilege granted 'WITH ADMIN OPTION' then you can grant 'SELECT ANY TABLE' system privilege to a user. The grantee will be able to select from any table in the database. If you have any sensitive information in your database then you shouldn't do that. If it's developement environment with some dummy data then it can be fine.
3. You can grant a SELECT privilege on a table in your schema to a user. The syntax is:
GRANT SELECT ON <tablename> TO <username> [WITH GRANT OPTION]. WITH GRANT OPTION means that your user can pass this grant to other users. You cannot grant a privilege to all your tables in one statement.
4. You create a role and grant SELECT on your tables to that role. Than you can grant that role to many users. If you have a new user later on than you simply grant him a role. If you have a new table then you simply grant select on this new table to the role. It is much simpler when you have many tables and many users.
5. You can examine following data dictionary views for information on granted privileges:
DBA_SYS_PRIVS, USER_SYS_PRIVS
DBA_TAB_PRIVS, ALL_TAB_PRIVS, USER_TAB_PRIVS
ALL_TAB_PRIVS_MADE, USER_TAB_PRIVS_MADE
ALL_TAB_PRIVS_RECD, USER_TAB_PRIVS_RECD
DBA_ROLE_PRIVS, USER_ROLE_PRIVS
ROLE_SYS_PRIVS, ROLE_TAB_PRIVS, ROLE_ROLE_PRIVS

Please refer to Oracle documentation for description of these views.
JacekMycha
0
 
MohanKNairCommented:
To provide read access for a user

1) execute "grant select on <table_name> to USER" for all tables and views
2) In the user schema create synonyms for the tables
3) Create roles for a set of table grants
4) Query DBA_SYS_PRIVS and DBA_TAB_PRIVS to query the privileges granted to the user
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Amazon Web Services - Basic

Are you thinking about creating an Amazon Web Services account for your business? Not sure where to start? In this course you’ll get an overview of the history of AWS and take a tour of their user interface.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now