Solved

User Privileges to Database

Posted on 2006-06-23
5
1,136 Views
Last Modified: 2008-02-01
I am new to oracle and this is a simple question. What command do I use to grant read only rights to a user and what commands do I use to verify the privileg has been granted?
0
Comment
Question by:efaah0
5 Comments
 
LVL 142

Expert Comment

by:Guy Hengel [angelIII / a3]
Comment Utility
GRANT SELECT ON ALL TO USER;
0
 
LVL 25

Expert Comment

by:jrb1
Comment Utility
Didn't work for me:

grant select on all to jbush
                *
ERROR at line 1:
ORA-00903: invalid table name

http://asktom.oracle.com/pls/ask/f?p=4950:8:::::F4950_P8_DISPLAYID:1184235446570

"Well, there is no grant that allows a user or role access to all objects in a
schema like that"

However, this PL/SQL will work:

begin
   for x in ( select tname from tab )
   loop
      execute immediate 'grant select on ' || x.tname || ' to {username}';
   end loop;
end;
0
 
LVL 142

Expert Comment

by:Guy Hengel [angelIII / a3]
Comment Utility
I stand corrected. Actually, I messed up with "GRANT ALL ON <table> ... etc"  :-(

here the link:
http://asktom.oracle.com/pls/ask/f?p=4950:8:::::F4950_P8_DISPLAYID:1184235446570
0
 
LVL 3

Assisted Solution

by:JacekMycha
JacekMycha earned 125 total points
Comment Utility
1. You can grant a privilege to an object or you can grant a system privilege. You cannot grant select to all your tables (i.e. tables in your schema).
2. If you are a DBA or you have 'SELECT ANY TABLE' system privilege granted 'WITH ADMIN OPTION' then you can grant 'SELECT ANY TABLE' system privilege to a user. The grantee will be able to select from any table in the database. If you have any sensitive information in your database then you shouldn't do that. If it's developement environment with some dummy data then it can be fine.
3. You can grant a SELECT privilege on a table in your schema to a user. The syntax is:
GRANT SELECT ON <tablename> TO <username> [WITH GRANT OPTION]. WITH GRANT OPTION means that your user can pass this grant to other users. You cannot grant a privilege to all your tables in one statement.
4. You create a role and grant SELECT on your tables to that role. Than you can grant that role to many users. If you have a new user later on than you simply grant him a role. If you have a new table then you simply grant select on this new table to the role. It is much simpler when you have many tables and many users.
5. You can examine following data dictionary views for information on granted privileges:
DBA_SYS_PRIVS, USER_SYS_PRIVS
DBA_TAB_PRIVS, ALL_TAB_PRIVS, USER_TAB_PRIVS
ALL_TAB_PRIVS_MADE, USER_TAB_PRIVS_MADE
ALL_TAB_PRIVS_RECD, USER_TAB_PRIVS_RECD
DBA_ROLE_PRIVS, USER_ROLE_PRIVS
ROLE_SYS_PRIVS, ROLE_TAB_PRIVS, ROLE_ROLE_PRIVS

Please refer to Oracle documentation for description of these views.
JacekMycha
0
 
LVL 16

Accepted Solution

by:
MohanKNair earned 125 total points
Comment Utility
To provide read access for a user

1) execute "grant select on <table_name> to USER" for all tables and views
2) In the user schema create synonyms for the tables
3) Create roles for a set of table grants
4) Query DBA_SYS_PRIVS and DBA_TAB_PRIVS to query the privileges granted to the user
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Join & Write a Comment

Introduction A previously published article on Experts Exchange ("Joins in Oracle", http://www.experts-exchange.com/Database/Oracle/A_8249-Joins-in-Oracle.html) makes a statement about "Oracle proprietary" joins and mixes the join syntax with gen…
Configuring and using Oracle Database Gateway for ODBC Introduction First, a brief summary of what a Database Gateway is.  A Gateway is a set of driver agents and configurations that allow an Oracle database to communicate with other platforms…
This video shows information on the Oracle Data Dictionary, starting with the Oracle documentation, explaining the different types of Data Dictionary views available by group and permissions as well as giving examples on how to retrieve data from th…
This videos aims to give the viewer a basic demonstration of how a user can query current session information by using the SYS_CONTEXT function

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now